Unwanted installation of Poshukach


offline
  • Joined: 27 Jan 2022
  • Posts: 6

About 7 days ago I noticed that Google is no longer my default search engine; it keeps changing by itself to Poshukach. In addition, my accounts have been hacked, so I can't log in to Facebook.


Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija: 26-01-2022
Pokrenuo Korisnik (administrator) na DESKTOP-BODVLOB (Hewlett-Packard HP ENVY 17 Notebook PC) (27-01-2022 13:28:58)
Pokrenuto sa C:\Users\Korisnik\Desktop
Učitani Profili: Korisnik
Platform: Microsoft Windows 10 Pro Verzija 20H2 19042.1466 (X64) Jezik: engleski (SAD) -> srpski (latinica, Srbija)
Podrazumevani pregledač: FF
Režim pokretanja sistema: Normal

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\updates\7.10.5_46097\bittorrentie.exe <2>
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDRW.exe
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\InterprocessController.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Korisnik\AppData\Local\Mozilla Firefox\firefox.exe <13>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Korisnik\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registar (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [BitTorrent] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2021-11-21] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Viber] => C:\Users\Korisnik\AppData\Local\Viber\Viber.exe [51151120 2021-12-16] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [bt] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2150848 2022-01-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\21.245.1128.0002"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"

==================== Planirani Zadaci (Na Beloj Listi) ============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

Task: {11FDF7FC-0086-43DA-A54F-C58DC5240984} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {13A7DD64-80FA-4762-AFB1-BEC195AB61E8} - System32\Tasks\Mozilla\Firefox Default Browser Agent E5307D7A67AE0E06 => C:\Users\Korisnik\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "E5307D7A67AE0E06"
Task: {20351004-ACC7-4467-B77B-734AA3AC7FC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {3F519F84-FF47-4189-AC46-8CA3A8FDA161} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6E387D12-29E9-458A-B97B-BDACF111F2B5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7A0FDBE7-6A04-4FDE-A42D-F08A5061BD38} - System32\Tasks\CorelUpdateHelperTask-FBBF1CB630BDB13C4F692CCE0CEF98A3 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {8CB7ED9A-9688-4614-912E-3C75E1A2439C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9F5E195D-BA1B-4A34-B5B0-296B102B0ED0} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {EED51E2B-3D4F-45F6-96B4-66A67AAB798B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Datoteka nije potpisana]
Task: {F12A71DB-C923-4A74-8B80-B2773CDFF7A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)

(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)


==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Hosts: Postoji više od jednog unosa u Hosts. Pogledati Hosts sekciju iz Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{0dc19ceb-bae3-46f5-a1d0-6b41205dd880}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{74508fef-8fd2-47d3-a8d4-27e44cb5f70c}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Edge:
=======
DownloadDir: C:\Users\Korisnik\Downloads
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Korisnik\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: wl8pbczq.default
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 [2022-01-27]
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://en.savefrom.net; hxxps://www.instagram.com; hxxps://www.creativefabrica.com; hxxps://www.telegraf.rs; hxxps://ytmp3.cc; hxxps://www.dailystar.co.uk; hxxps://www.fashion.hr; hxxps://ytop1.com; hxxps://filmstock.wondershare.com; hxxps://www.facebook.com
FF Extension: (српски (sr) Language Pack) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\langpack-sr@firefox.mozilla.org.xpi [2022-01-20]
FF Extension: (Српски речник - Serbian Dictionary) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\sr-RS@dictionaries.addons.mozilla.org.xpi [2021-08-09]
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 [2022-01-27]
FF DownloadDir: C:\Users\Korisnik\Desktop\sacuvaj
FF Homepage: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> google
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://www.computer-pdf.com; hxxps://creativetacos.com; hxxps://www.nssmag.com; hxxps://thepiratebay.org; hxxps://www.kurir.rs; hxxps://badoo.com; hxxps://www.pinterest.com; hxxps://www.dreamstime.com; hxxps://www.instagram.com; hxxps://ytmp3.cc; hxxps://glossy.espreso.co.rs; hxxps://direktno.rs
FF Extension: (TubeBuddy) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2022-01-27]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-01-27]
FF Extension: (Fairytale Of Nature) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{6804879d-8801-473a-b13d-605b902a5e4f}.xpi [2021-06-03]
FF Extension: (Purpling bubbles) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{69ab6730-1a1a-4d27-8aa4-f27a0e5f2de8}.xpi [2021-06-17]
FF Extension: (Dark display mode) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{837f1b64-2478-40ef-9ce6-ee2303544a1d}.xpi [2021-08-08]
FF Extension: (Beach chairs - Jen) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{d131036c-f86e-42b1-8386-9a4f47596b24}.xpi [2021-08-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default [2022-01-27]
CHR HomePage: Default -> hxxp://www.google.rs/
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Презентације) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-14]
CHR Extension: (Документи) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-14]
CHR Extension: (Google диск) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-14]
CHR Extension: (Табеле) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-14]
CHR Extension: (Google документи офлајн) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]

==================== Servisi (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datoteka nije potpisana]
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-11-21] (Lavasoft Software Canada Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [22960 2021-11-21] (Lavasoft Software Canada Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drajveri (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-21] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2012-08-20] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12384 2012-08-20] (MiniTool Solution Ltd -> )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec dana (kreirane) (Na Beloj Listi) =========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-27 13:28 - 2022-01-27 13:29 - 000026622 _____ C:\Users\Korisnik\Desktop\FRST.txt
2022-01-27 13:28 - 2022-01-27 13:29 - 000000000 ____D C:\FRST
2022-01-27 13:26 - 2022-01-27 13:26 - 002311680 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST64.exe
2022-01-27 13:02 - 2022-01-27 13:02 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-27 13:02 - 2022-01-27 13:02 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-27 13:02 - 2022-01-27 13:02 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-27 13:02 - 2022-01-27 13:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\mbam
2022-01-27 13:01 - 2022-01-27 13:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-27 13:01 - 2022-01-27 13:01 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-27 12:39 - 2022-01-27 12:39 - 002086424 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\MBSetup-076886.076886-Consumer.exe
2022-01-27 02:58 - 2022-01-27 02:58 - 002685778 _____ C:\Users\Korisnik\Desktop\zzzzzz.zip
2022-01-26 23:13 - 2022-01-26 23:13 - 003826350 _____ C:\Users\Korisnik\Desktop\set-vintage-beer-brewery-emblems-labels-logos-badges-designed-elements-monochrome-style-isolated-white-background.zip
2022-01-25 15:28 - 2022-01-25 15:28 - 000001069 _____ C:\Users\Public\Desktop\Wondershare Filmora9.lnk
2022-01-25 15:27 - 2022-01-25 15:31 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2022-01-25 15:24 - 2022-01-25 15:25 - 283315142 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 9.2.7.13 Full [4REALTORRENTZ.COM].ZIP
2022-01-25 15:18 - 2022-01-25 15:27 - 000000000 ____D C:\Program Files\Wondershare
2022-01-25 15:01 - 2022-01-25 15:08 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft SDK10
2022-01-25 04:18 - 2022-01-27 06:30 - 1215208830 _____ C:\Users\Korisnik\Downloads\Penelope Cross - Influencing The Influencer 090921.mp4
2022-01-25 02:03 - 2022-01-25 02:03 - 000000000 ____D C:\Users\Korisnik\Downloads\Money Making Money For Beginners Online Business Youtube Fiverr Craigslist
2022-01-23 00:12 - 2022-01-23 00:13 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla (2)
2022-01-22 16:01 - 2022-01-19 11:13 - 009336320 _____ C:\Users\Korisnik\Desktop\ZOOM0006.WAV
2022-01-22 15:54 - 2022-01-19 10:46 - 126134066 _____ C:\Users\Korisnik\Desktop\GH010808.MP4
2022-01-21 18:59 - 2022-01-21 18:59 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Mozilla Firefox
2022-01-20 22:35 - 2022-01-25 01:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-20 11:31 - 2022-01-20 11:31 - 000000000 ____D C:\Users\Korisnik\AppData\Local\UXP
2022-01-18 18:41 - 2022-01-18 19:02 - 453789012 _____ C:\Users\Korisnik\Desktop\ŽIGOLO SMOOTHIE 🔥 good health immunity and sex 🔥 healthy tasty powerful 🔥 best for winter ❄.mp4
2022-01-18 16:13 - 2022-01-18 13:07 - 207249152 _____ C:\Users\Korisnik\Desktop\ZOOM0001.WAV
2022-01-18 16:05 - 2022-01-18 12:40 - 2707889865 _____ C:\Users\Korisnik\Desktop\GH010801.MP4
2022-01-17 20:27 - 2022-01-17 20:27 - 002176610 _____ C:\Users\Korisnik\Desktop\aktuelan valst.wfp
2022-01-17 20:27 - 2022-01-17 20:27 - 000020903 _____ C:\Users\Korisnik\Desktop\aktuelan valst.fsthumb
2022-01-17 14:13 - 2022-01-18 02:24 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla
2022-01-17 12:11 - 2022-01-17 12:11 - 000000000 ____D C:\ProgramData\Wondershare
2022-01-17 12:08 - 2022-01-17 11:53 - 020026112 _____ C:\Users\Korisnik\Desktop\ZOOM0004.WAV
2022-01-17 12:08 - 2022-01-17 11:44 - 024431360 _____ C:\Users\Korisnik\Desktop\ZOOM0003.WAV
2022-01-17 12:08 - 2022-01-17 11:31 - 098841344 _____ C:\Users\Korisnik\Desktop\ZOOM0002.WAV
2022-01-16 16:54 - 2022-01-15 03:57 - 600004576 ____N (Document) C:\Users\Korisnik\Desktop\Explanation of our pricing policy(mk).scr.scr
2022-01-16 16:49 - 2022-01-16 16:49 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Yandex
2022-01-16 13:20 - 2022-01-16 13:20 - 000160031 _____ C:\Users\Korisnik\Desktop\File with options for work.pdf
2022-01-16 13:20 - 2022-01-16 13:20 - 000000000 ____D C:\Users\Korisnik\Desktop\sacuvaj
2022-01-16 10:04 - 2022-01-16 10:04 - 000000016 _____ C:\ProgramData\mntemp
2022-01-16 09:43 - 2022-01-25 15:00 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.1.21.0 incl Activator [(zabranjeno)ingPatching]
2022-01-16 09:19 - 2022-01-16 10:02 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare
2022-01-16 09:07 - 2022-01-16 09:15 - 250784942 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.7.0 (x64) Repack.rar
2022-01-16 09:03 - 2022-01-16 09:05 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.7.7.9 (x64) Multilingual.Fix
2022-01-16 08:56 - 2022-01-16 08:58 - 000000000 ____D C:\Users\Korisnik\Documents\FilmoraScreen
2022-01-16 08:55 - 2022-01-25 14:43 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2022-01-16 08:44 - 2022-01-16 08:45 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.0.91 (Repack & Portable) {B4tman}
2022-01-13 18:52 - 2022-01-13 18:52 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 18:45 - 2022-01-13 18:45 - 000000000 ___HD C:\$WinREAgent
2022-01-02 20:46 - 2022-01-02 20:47 - 021236796 _____ C:\Users\Korisnik\Downloads\eps_reader.zip
2021-12-31 01:52 - 2021-12-31 02:18 - 007291858 _____ C:\Users\Korisnik\Downloads\The Educated Person's Thumbnail Introduction to the Bible.pdf
2021-12-29 23:37 - 2018-08-18 10:06 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2021-12-29 23:10 - 2021-12-29 23:35 - 2680037867 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 8.7.1.4 (x64) + 1300 Effects.7z
2021-12-29 21:43 - 2021-12-29 21:43 - 000000000 ____D C:\Users\Korisnik\Downloads\[(zabranjeno)zsoft.net]Wondershare.Filmora.Scrn.v1.0.1.Multilingual

==================== Mesec dana (modifikovane) ==================

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-27 13:30 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\BitTorrent
2022-01-27 13:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-27 13:14 - 2020-07-14 12:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-27 13:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-27 12:52 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\ViberPC
2022-01-27 12:49 - 2021-11-22 23:35 - 000000000 ____D C:\Users\Korisnik\Desktop\Camera
2022-01-27 11:51 - 2021-02-09 02:14 - 000000000 ____D C:\Users\Korisnik\AppData\Local\BitTorrentHelper
2022-01-27 11:28 - 2021-04-04 01:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-27 10:47 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\Documents\ViberDownloads
2022-01-27 09:23 - 2020-07-14 12:20 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\Mozilla
2022-01-26 18:04 - 2021-12-12 17:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:02 - 000002400 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-26 11:33 - 2021-05-29 04:47 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C3F1E325-79BD-4A4B-BA1F-7B9F1AF91283}
2022-01-26 11:33 - 2020-08-06 14:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-26 11:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-25 22:48 - 2021-04-12 21:33 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d728e6391c4fd1
2022-01-25 22:48 - 2021-04-04 01:06 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 15:29 - 2020-07-25 10:52 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare Filmora 9
2022-01-25 15:28 - 2020-09-07 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-01-25 13:17 - 2020-07-14 12:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 13:17 - 2020-07-14 12:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-25 02:07 - 2021-04-04 01:10 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-25 02:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 02:03 - 2021-06-13 23:31 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\BitTorrent
2022-01-25 02:02 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Lavasoft
2022-01-25 02:02 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Lavasoft
2022-01-25 02:02 - 2020-09-05 22:22 - 000000000 ____D C:\ProgramData\Lavasoft
2022-01-25 02:00 - 2021-08-09 21:29 - 000001286 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-25 02:00 - 2021-08-09 21:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-25 02:00 - 2021-03-20 09:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-25 02:00 - 2021-03-20 09:12 - 000000000 __SHD C:\Users\Korisnik\IntelGraphicsProfiles
2022-01-25 01:59 - 2021-04-04 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-25 01:59 - 2021-04-04 01:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-25 01:59 - 2021-03-20 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-25 01:59 - 2020-07-14 12:55 - 000000000 ____D C:\ProgramData\Synaptics
2022-01-25 01:59 - 2020-07-14 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-25 01:51 - 2020-07-14 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-24 12:52 - 2021-06-11 10:21 - 000000000 ____D C:\WINDOWS\Minidump
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-23 00:19 - 2020-09-05 22:33 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\vlc
2022-01-22 18:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 11:02 - 2020-09-06 01:45 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 11:02 - 2020-09-06 01:45 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-21 05:09 - 2021-04-04 01:06 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 05:09 - 2021-04-04 01:06 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 23:23 - 2020-09-07 10:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-17 09:31 - 2021-04-04 01:02 - 000000000 ____D C:\Users\Korisnik
2022-01-17 09:31 - 2021-04-04 01:00 - 000538568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-16 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-16 10:05 - 2020-07-25 10:46 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-01-14 01:00 - 2020-07-14 12:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Adobe
2022-01-14 00:53 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-14 00:52 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 14:21 - 2020-07-31 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 14:19 - 2020-07-31 15:45 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 01:58 - 2021-04-04 01:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 01:58 - 2020-07-14 12:28 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-07 09:52 - 2018-11-14 18:12 - 000000000 ____D C:\ProgramData\Packages

==================== Datoteke u korenu nekih direktorijuma ========

2021-10-14 15:24 - 2021-10-14 21:23 - 000005120 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-07 01:04 - 2021-03-20 09:11 - 000000205 _____ () C:\Users\Korisnik\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

==================== Kraj od FRST.txt ========================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Joined: 27 Aug 2005
  • Posts: 8515
  • Location: Novi Beograd

Hello,

Download AdwCleaner and save it to the Desktop.
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan Now button and wait for the scan to finish.
If it reports that a newer version is available, make sure you download it.

Click the Clean button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click OK to confirm.
A message will appear saying that the computer needs to be restarted. Click OK.

The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[S00].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Prikači fajl" (Attach file) option.

offline
  • Joined: 27 Jan 2022
  • Posts: 6

After scanning the computer with AdwCleaner, it only offers me the "Quarantine" option. It doesn't close the other programs, doesn't ask to restart the computer, and doesn't show the report in Notepad. What should I do?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Joined: 27 Aug 2005
  • Posts: 8515
  • Location: Novi Beograd

Put it in quarantine and look for the report in C:\Adwcleaner

offline
  • Joined: 27 Jan 2022
  • Posts: 6

I managed to do it.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-28-2022
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 20
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Korisnik\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted C:\Users\Korisnik\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d59376bb-a9ba-4963-a2a7-ce12e681d149}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d59376bb-a9ba-4963-a2a7-ce12e681d149}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{d59376bb-a9ba-4963-a2a7-ce12e681d149}|UninstallString
Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3479 octets] - [27/01/2022 17:52:43]
AdwCleaner[S01].txt - [3540 octets] - [27/01/2022 17:57:01]
AdwCleaner[S02].txt - [3601 octets] - [27/01/2022 17:58:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Joined: 27 Aug 2005
  • Posts: 8515
  • Location: Novi Beograd

Post a new FRST log and Addition log for me.

offline
  • Joined: 27 Jan 2022
  • Posts: 6

Firefox still runs in Russian and I don't know whether the virus has been removed.
Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija: 26-01-2022
Pokrenuo Korisnik (administrator) na DESKTOP-BODVLOB (Hewlett-Packard HP ENVY 17 Notebook PC) (28-01-2022 21:00:10)
Pokrenuto sa C:\Users\Korisnik\Desktop
Učitani Profili: Korisnik
Platform: Microsoft Windows 10 Pro Verzija 20H2 19042.1466 (X64) Jezik: engleski (SAD) -> srpski (latinica, Srbija)
Podrazumevani pregledač: FF
Režim pokretanja sistema: Normal

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Korisnik\AppData\Roaming\BitTorrent\updates\7.10.5_46097\bittorrentie.exe <2>
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDRW.exe
(Corel Corporation -> Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\InterprocessController.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Korisnik\AppData\Local\Mozilla Firefox\firefox.exe <14>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Korisnik\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registar (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [BitTorrent] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Viber] => C:\Users\Korisnik\AppData\Local\Viber\Viber.exe [51397392 2022-01-26] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [bt] => C:\Users\Korisnik\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2854175078-3885979775-3097901551-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2150848 2022-01-25] (Wargaming.net Limited -> Wargaming.net)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"

==================== Planirani Zadaci (Na Beloj Listi) ============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

Task: {11FDF7FC-0086-43DA-A54F-C58DC5240984} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {20351004-ACC7-4467-B77B-734AA3AC7FC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {30F9D352-96AE-45E4-97BF-591DB87633BF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {3F519F84-FF47-4189-AC46-8CA3A8FDA161} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4E4F086B-38BA-4AAB-8A1B-051D94EE68ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E4F3F24-A5B5-49C0-9E23-8315D132069F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FD10A3D-54CC-42F2-9927-A09D64065F73} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A0FDBE7-6A04-4FDE-A42D-F08A5061BD38} - System32\Tasks\CorelUpdateHelperTask-FBBF1CB630BDB13C4F692CCE0CEF98A3 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {8CB7ED9A-9688-4614-912E-3C75E1A2439C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9F5E195D-BA1B-4A34-B5B0-296B102B0ED0} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {D783D15A-4EDA-4BD8-B47D-D2E234EE131D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC1BCD34-DBE2-4370-8F60-CF7D64FC78E2} - System32\Tasks\Mozilla\Firefox Default Browser Agent E5307D7A67AE0E06 => C:\Users\Korisnik\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "E5307D7A67AE0E06"
Task: {EED51E2B-3D4F-45F6-96B4-66A67AAB798B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Datoteka nije potpisana]
Task: {F12A71DB-C923-4A74-8B80-B2773CDFF7A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)

(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)


==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Hosts: Postoji više od jednog unosa u Hosts. Pogledati Hosts sekciju iz Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{0dc19ceb-bae3-46f5-a1d0-6b41205dd880}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{74508fef-8fd2-47d3-a8d4-27e44cb5f70c}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Edge:
=======
DownloadDir: C:\Users\Korisnik\Downloads
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Korisnik\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: wl8pbczq.default
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 [2022-01-28]
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://en.savefrom.net; hxxps://www.instagram.com; hxxps://www.creativefabrica.com; hxxps://www.telegraf.rs; hxxps://ytmp3.cc; hxxps://www.dailystar.co.uk; hxxps://www.fashion.hr; hxxps://ytop1.com; hxxps://filmstock.wondershare.com; hxxps://www.facebook.com
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\firefox@ghostery.com.xpi [2022-01-28]
FF Extension: (HTTPS Svuda) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\https-everywhere@eff.org.xpi [2022-01-28]
FF Extension: (Privacy Badger) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2022-01-28]
FF Extension: (српски (sr) Language Pack) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\langpack-sr@firefox.mozilla.org.xpi [2022-01-27]
FF Extension: (Српски речник - Serbian Dictionary) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\sr-RS@dictionaries.addons.mozilla.org.xpi [2021-08-09]
FF Extension: (uBlock Origin) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\bmaapmzb.default-release-1\Extensions\uBlock0@raymondhill.net.xpi [2022-01-28]
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 [2022-01-28]
FF DownloadDir: C:\Users\Korisnik\Desktop\sacuvaj
FF Homepage: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> google
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://www.computer-pdf.com; hxxps://creativetacos.com; hxxps://www.nssmag.com; hxxps://thepiratebay.org; hxxps://www.kurir.rs; hxxps://badoo.com; hxxps://www.pinterest.com; hxxps://www.dreamstime.com; hxxps://www.instagram.com; hxxps://ytmp3.cc; hxxps://glossy.espreso.co.rs; hxxps://direktno.rs
FF Extension: (TubeBuddy) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2022-01-28]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-01-28]
FF Extension: (Fairytale Of Nature) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{6804879d-8801-473a-b13d-605b902a5e4f}.xpi [2021-06-03]
FF Extension: (Purpling bubbles) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{69ab6730-1a1a-4d27-8aa4-f27a0e5f2de8}.xpi [2021-06-17]
FF Extension: (Dark display mode) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{837f1b64-2478-40ef-9ce6-ee2303544a1d}.xpi [2021-08-08]
FF Extension: (Beach chairs - Jen) - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146\Extensions\{d131036c-f86e-42b1-8386-9a4f47596b24}.xpi [2021-08-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default [2022-01-28]
CHR HomePage: Default -> hxxp://www.google.rs/
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Презентације) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-14]
CHR Extension: (Документи) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-14]
CHR Extension: (Google диск) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-23]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-14]
CHR Extension: (Табеле) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-14]
CHR Extension: (Google документи офлајн) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-28]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]

==================== Servisi (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datoteka nije potpisana]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X]

===================== Drajveri (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-21] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datoteka nije potpisana]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 MpKsl07380d60; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B06B50FF-EDD8-4605-8B25-D30467A3D502}\MpKslDrv.sys [134376 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19032 2012-08-20] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12384 2012-08-20] (MiniTool Solution Ltd -> )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-26] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec dana (kreirane) (Na Beloj Listi) =========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-28 21:00 - 2022-01-28 21:00 - 000025874 _____ C:\Users\Korisnik\Desktop\FRST.txt
2022-01-28 01:22 - 2022-01-28 01:22 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Mozilla Firefox
2022-01-28 01:16 - 2022-01-28 01:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-28 01:13 - 2022-01-28 01:13 - 000003425 _____ C:\Users\Korisnik\Desktop\AdwCleaner[C02].txt
2022-01-27 17:52 - 2022-01-28 01:11 - 000000000 ____D C:\AdwCleaner
2022-01-27 17:51 - 2022-01-27 17:51 - 008540344 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\adwcleaner_8.3.1.exe
2022-01-27 13:28 - 2022-01-28 21:00 - 000000000 ____D C:\FRST
2022-01-27 13:26 - 2022-01-27 13:26 - 002311680 _____ (Farbar) C:\Users\Korisnik\Desktop\FRST64.exe
2022-01-27 13:02 - 2022-01-27 13:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\mbam
2022-01-27 12:52 - 2022-01-27 12:53 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Viber
2022-01-27 12:39 - 2022-01-27 12:39 - 002086424 _____ (Malwarebytes) C:\Users\Korisnik\Desktop\MBSetup-076886.076886-Consumer.exe
2022-01-27 02:58 - 2022-01-27 02:58 - 002685778 _____ C:\Users\Korisnik\Desktop\zzzzzz.zip
2022-01-26 23:13 - 2022-01-26 23:13 - 003826350 _____ C:\Users\Korisnik\Desktop\set-vintage-beer-brewery-emblems-labels-logos-badges-designed-elements-monochrome-style-isolated-white-background.zip
2022-01-25 15:28 - 2022-01-25 15:28 - 000001069 _____ C:\Users\Public\Desktop\Wondershare Filmora9.lnk
2022-01-25 15:27 - 2022-01-25 15:31 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2022-01-25 15:24 - 2022-01-25 15:25 - 283315142 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 9.2.7.13 Full [4REALTORRENTZ.COM].ZIP
2022-01-25 15:18 - 2022-01-25 15:27 - 000000000 ____D C:\Program Files\Wondershare
2022-01-25 15:01 - 2022-01-25 15:08 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft SDK10
2022-01-25 04:18 - 2022-01-28 06:29 - 1215208830 _____ C:\Users\Korisnik\Downloads\Penelope Cross - Influencing The Influencer 090921.mp4
2022-01-25 02:03 - 2022-01-25 02:03 - 000000000 ____D C:\Users\Korisnik\Downloads\Money Making Money For Beginners Online Business Youtube Fiverr Craigslist
2022-01-23 00:12 - 2022-01-23 00:13 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla (2)
2022-01-22 16:01 - 2022-01-19 11:13 - 009336320 _____ C:\Users\Korisnik\Desktop\ZOOM0006.WAV
2022-01-22 15:54 - 2022-01-19 10:46 - 126134066 _____ C:\Users\Korisnik\Desktop\GH010808.MP4
2022-01-20 11:31 - 2022-01-20 11:31 - 000000000 ____D C:\Users\Korisnik\AppData\Local\UXP
2022-01-18 18:41 - 2022-01-18 19:02 - 453789012 _____ C:\Users\Korisnik\Desktop\ŽIGOLO SMOOTHIE 🔥 good health immunity and sex 🔥 healthy tasty powerful 🔥 best for winter ❄.mp4
2022-01-18 16:13 - 2022-01-18 13:07 - 207249152 _____ C:\Users\Korisnik\Desktop\ZOOM0001.WAV
2022-01-18 16:05 - 2022-01-18 12:40 - 2707889865 _____ C:\Users\Korisnik\Desktop\GH010801.MP4
2022-01-17 20:27 - 2022-01-17 20:27 - 002176610 _____ C:\Users\Korisnik\Desktop\aktuelan valst.wfp
2022-01-17 20:27 - 2022-01-17 20:27 - 000020903 _____ C:\Users\Korisnik\Desktop\aktuelan valst.fsthumb
2022-01-17 14:13 - 2022-01-18 02:24 - 000000000 ____D C:\Users\Korisnik\Desktop\Nova fascikla
2022-01-17 12:11 - 2022-01-17 12:11 - 000000000 ____D C:\ProgramData\Wondershare
2022-01-17 12:08 - 2022-01-17 11:53 - 020026112 _____ C:\Users\Korisnik\Desktop\ZOOM0004.WAV
2022-01-17 12:08 - 2022-01-17 11:44 - 024431360 _____ C:\Users\Korisnik\Desktop\ZOOM0003.WAV
2022-01-17 12:08 - 2022-01-17 11:31 - 098841344 _____ C:\Users\Korisnik\Desktop\ZOOM0002.WAV
2022-01-16 16:54 - 2022-01-15 03:57 - 600004576 ____N (Document) C:\Users\Korisnik\Desktop\Explanation of our pricing policy(mk).scr.scr
2022-01-16 16:49 - 2022-01-16 16:49 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Yandex
2022-01-16 13:20 - 2022-01-16 13:20 - 000160031 _____ C:\Users\Korisnik\Desktop\File with options for work.pdf
2022-01-16 13:20 - 2022-01-16 13:20 - 000000000 ____D C:\Users\Korisnik\Desktop\sacuvaj
2022-01-16 10:04 - 2022-01-16 10:04 - 000000016 _____ C:\ProgramData\mntemp
2022-01-16 09:43 - 2022-01-25 15:00 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.1.21.0 incl Activator [(zabranjeno)ingPatching]
2022-01-16 09:19 - 2022-01-16 10:02 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare
2022-01-16 09:07 - 2022-01-16 09:15 - 250784942 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.7.0 (x64) Repack.rar
2022-01-16 09:03 - 2022-01-16 09:05 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora X 10.7.7.9 (x64) Multilingual.Fix
2022-01-16 08:56 - 2022-01-16 08:58 - 000000000 ____D C:\Users\Korisnik\Documents\FilmoraScreen
2022-01-16 08:55 - 2022-01-25 14:43 - 000000000 ____D C:\ProgramData\Wondershare Filmora Scrn
2022-01-16 08:44 - 2022-01-16 08:45 - 000000000 ____D C:\Users\Korisnik\Downloads\Wondershare Filmora 10.0.0.91 (Repack & Portable) {B4tman}
2022-01-13 18:52 - 2022-01-13 18:52 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 18:52 - 2022-01-13 18:52 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 18:45 - 2022-01-13 18:45 - 000000000 ___HD C:\$WinREAgent
2022-01-02 20:46 - 2022-01-02 20:47 - 021236796 _____ C:\Users\Korisnik\Downloads\eps_reader.zip
2021-12-31 01:52 - 2021-12-31 02:18 - 007291858 _____ C:\Users\Korisnik\Downloads\The Educated Person's Thumbnail Introduction to the Bible.pdf
2021-12-29 23:37 - 2018-08-18 10:06 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2021-12-29 23:10 - 2021-12-29 23:35 - 2680037867 _____ C:\Users\Korisnik\Downloads\Wondershare Filmora 8.7.1.4 (x64) + 1300 Effects.7z
2021-12-29 21:43 - 2021-12-29 21:43 - 000000000 ____D C:\Users\Korisnik\Downloads\[(zabranjeno)zsoft.net]Wondershare.Filmora.Scrn.v1.0.1.Multilingual

==================== Mesec dana (modifikovane) ==================

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-01-28 21:01 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\BitTorrent
2022-01-28 20:57 - 2021-04-04 01:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-28 20:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-28 20:54 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\Documents\ViberDownloads
2022-01-28 20:39 - 2020-07-14 12:20 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\Mozilla
2022-01-28 20:36 - 2020-07-14 12:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 17:41 - 2021-05-29 04:47 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C3F1E325-79BD-4A4B-BA1F-7B9F1AF91283}
2022-01-28 17:23 - 2021-02-09 02:14 - 000000000 ____D C:\Users\Korisnik\AppData\Local\BitTorrentHelper
2022-01-28 02:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 02:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 01:39 - 2021-08-09 21:29 - 000001286 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-28 01:39 - 2021-08-09 21:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-28 01:39 - 2020-09-07 10:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-28 01:39 - 2020-07-14 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-28 01:37 - 2020-08-06 14:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-28 01:33 - 2021-04-04 01:10 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-28 01:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-28 01:26 - 2021-06-13 23:31 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\BitTorrent
2022-01-28 01:26 - 2021-04-14 16:09 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\ViberPC
2022-01-28 01:25 - 2021-04-04 01:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-28 01:25 - 2021-04-04 01:02 - 000000000 ____D C:\Users\Korisnik
2022-01-28 01:25 - 2021-04-04 01:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-28 01:25 - 2021-03-20 09:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-28 01:25 - 2021-03-20 09:12 - 000000000 __SHD C:\Users\Korisnik\IntelGraphicsProfiles
2022-01-28 01:25 - 2021-03-20 09:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-28 01:25 - 2020-07-14 12:55 - 000000000 ____D C:\ProgramData\Synaptics
2022-01-28 01:25 - 2020-07-14 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-28 01:25 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-28 01:11 - 2020-09-05 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\ProgramData\Lavasoft
2022-01-28 01:11 - 2020-09-05 22:22 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2022-01-27 17:56 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-27 12:49 - 2021-11-22 23:35 - 000000000 ____D C:\Users\Korisnik\Desktop\Camera
2022-01-26 18:04 - 2021-12-12 17:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2854175078-3885979775-3097901551-1002
2022-01-26 18:04 - 2021-04-04 01:02 - 000002400 _____ C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-25 22:48 - 2021-04-12 21:33 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d728e6391c4fd1
2022-01-25 22:48 - 2021-04-04 01:06 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 15:29 - 2020-07-25 10:52 - 000000000 ____D C:\Users\Korisnik\Documents\Wondershare Filmora 9
2022-01-25 15:28 - 2020-09-07 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-01-25 13:17 - 2020-07-14 12:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 13:17 - 2020-07-14 12:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-24 12:52 - 2021-06-11 10:21 - 000000000 ____D C:\WINDOWS\Minidump
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-24 01:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-23 00:19 - 2020-09-05 22:33 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\vlc
2022-01-22 11:02 - 2020-09-06 01:45 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 11:02 - 2020-09-06 01:45 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-21 05:09 - 2021-04-04 01:06 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 05:09 - 2021-04-04 01:06 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-17 09:31 - 2021-04-04 01:00 - 000538568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-16 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-16 10:05 - 2020-07-25 10:46 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-01-14 01:00 - 2020-07-14 12:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Adobe
2022-01-14 00:52 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 14:21 - 2020-07-31 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 14:19 - 2020-07-31 15:45 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 01:58 - 2021-04-04 01:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 01:58 - 2020-07-14 12:28 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-07 09:52 - 2018-11-14 18:12 - 000000000 ____D C:\ProgramData\Packages

==================== Datoteke u korenu nekih direktorijuma ========

2021-10-14 15:24 - 2021-10-14 21:23 - 000005120 _____ () C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-07 01:04 - 2021-03-20 09:11 - 000000205 _____ () C:\Users\Korisnik\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

==================== Kraj od FRST.txt ========================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8515
  • Location: Novi Beograd

1. Open Notepad (Text Document) and copy into it the following text from the code box below:

CreateRestorePoint:
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from within Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it, and make sure the tool completes the fix after the system restarts.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 27 Jan 2022
  • Posts: 6

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija: 26-01-2022
Pokrenuo Korisnik (29-01-2022 16:35:04) Run:1
Pokrenuto sa C:\Users\Korisnik\Desktop
Učitani Profili: Korisnik
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
CreateRestorePoint:
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nema Datoteke)
InternetURL: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url -> URL: "file:///C:\ProgramData\GNUQlUqfKY\dll.exe"
Edge Extension: (Nema Imena) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nije pronađena]
Edge Extension: (Nema Imena) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nije pronađena]
Edge Extension: (Nema Imena) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nije pronađena]
Edge Extension: (Nema Imena) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nije pronađena]
Edge HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
Edge StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
Edge DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
Edge DefaultSearchKeyword: Default -> poshukach engin search
Edge DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
FF NewTab: Mozilla\Firefox\Profiles\wib72npz.default-release-1599470295146 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default [2022-01-25]
FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\bmaapmzb.default-release-1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
EmptyTemp:
*****************

Tačka vraćanja je uspešno kreirana.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => uspešno uklonjeno
C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NkeGMKDHuN.url => uspešno premešteno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => uspešno uklonjeno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => uspešno uklonjeno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => uspešno uklonjeno
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => uspešno uklonjeno
"Edge HomePage" => uspešno uklonjeno
"Edge StartupUrls" => uspešno uklonjeno
"Edge DefaultSearchURL" => uspešno uklonjeno
"Edge DefaultSearchKeyword" => uspešno uklonjeno
"Edge DefaultSuggestURL" => uspešno uklonjeno
"Chrome DefaultSearchURL" => uspešno uklonjeno
"Chrome DefaultSearchKeyword" => uspešno uklonjeno
"Chrome DefaultSuggestURL" => uspešno uklonjeno
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\makcojoppodhcgmmchohadhpkicoafka => uspešno uklonjeno
"Firefox newtab" => uspešno uklonjeno
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default => uspešno premešteno
C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\wl8pbczq.default => pitanja uspešno uklonjeno
"FF Homepage: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"FF NewTab: Mozilla\Firefox\Profiles\wl8pbczq.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"Firefox newtab" => uspešno uklonjeno

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 642983089 B
Java, Flash, Steam htmlcache => 1123 B
Windows/system/drivers => 7938468 B
Edge => 929930 B
Chrome => 70829376 B
Firefox => 2549456537 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7262 B
NetworkService => 902686 B
Korisnik => 9183944651 B

RecycleBin => 84452 B
EmptyTemp: => 11.6 GB privremeni podaci Uklonjeni.

================================


Sistemu je potreban ponovno pokretanje.

==== Kraj od Fixlog 16:43:31 ====



Firefox still opens some kind of warnings in Russian

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8515
  • Location: Novi Beograd

Post a new FRST log and Addition log for me. Is the situation a little better?
