Otvara nove prozore

Otvara nove prozore

offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Napisano: 10 Dec 2017 11:32

Odnedavno je racunar poceo da otvara nove prozore sa nekim sadrzajima (verovatno su reklame, nisam gledao), ili otvara sadrzaje u istom prozoru pa moram da vracam, cak i po nekoliko strana unazad.
Ranije sam vec cistio racunar par puta, uz vasu pomoc i do sada je bilo ok, zahvaljujem na tome, a i na ovome sto ce biti sada.
Evo izvestaja sa skeniranja sa FRST, u prilogu.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2017
Ran by ZokiVale (administrator) on ZOKIVALE-PC (10-12-2017 11:22:25)
Running from C:\Users\ZokiVale\Desktop
Loaded Profiles: ZokiVale (Available Profiles: ZokiVale)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(System Process Inc.) C:\Users\ZokiVale\AppData\Roaming\Idle\Idle.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(BitTorrent Inc.) C:\Users\ZokiVale\AppData\Roaming\uTorrent\uTorrent.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\qBittorrent\qbittorrent.exe
(Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe
(IO3O LLC) C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CodeLathe LLC) C:\Users\ZokiVale\AppData\Roaming\Tonido\tonido.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(BitTorrent Inc.) C:\Users\ZokiVale\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\ZokiVale\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [ACUW09EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe [2090952 2016-05-09] (ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-12-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [uTorrent] => C:\Users\ZokiVale\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-06-30] (BitTorrent Inc.)
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [ACDSeeCommanderUltimate9] => C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe [3146936 2016-05-09] ()
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [Tonido] => C:\Users\ZokiVale\AppData\Roaming\Tonido\launcher.exe [197120 2017-01-12] (CodeLathe LLC)
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [17779712 2017-11-22] ()
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\Run: [BatteryCare] => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [827904 2017-10-06] (Filipe Lourenço)
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\MountPoints2: {64bfebf9-9823-11e7-9034-c01885794988} - V:\Autoplay.exe -auto
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\...\MountPoints2: {8839018f-aeec-11e7-9f6d-c01885794988} - V:\SETUP.EXE
IFEO\osppsvc.exe: [Debugger] SppExtComObjPatcher.exe
IFEO\sppsvc.exe: [Debugger] SppExtComObjPatcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk [2017-09-21]
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (IO3O LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\..\Interfaces\{06AE81D5-265D-465A-914D-5B9481C00F82}: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\..\Interfaces\{733DF153-3A3F-4EB3-A3C0-CCAC7A146B06}: [NameServer] 217.65.192.102 217.65.192.101
Tcpip\..\Interfaces\{8A73C835-6A4C-4115-A1D6-98C6E72E9962}: [DhcpNameServer] 89.216.1.40 89.216.1.50

Internet Explorer:
==================
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.d3go.tv/tvguide.html
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-05-20] (Atheros Commnucations)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-22] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5nzvlnhn.default-1492194392001-1512063802933
FF ProfilePath: C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\5nzvlnhn.default-1492194392001-1512063802933 [2017-12-10]
FF Extension: (uBlock Origin) - C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\5nzvlnhn.default-1492194392001-1512063802933\Extensions\uBlock0@raymondhill.net.xpi [2017-12-09]
FF Extension: (Adblock Plus) - C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\5nzvlnhn.default-1492194392001-1512063802933\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-09]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\ZokiVale\AppData\Roaming\Mozilla\Firefox\Profiles\5nzvlnhn.default-1492194392001-1512063802933\features\{948cf0f8-59bb-4eeb-b4a9-c8545c60150d}\disable-media-wmf-nv12@mozilla.org.xpi [2017-12-08] [Lagacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2740702198-154648627-4041826751-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\678957379.js [2017-12-08] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\678957379.cfg [2017-12-08] <==== ATTENTION

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [80032 2011-05-20] (Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-15] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-15] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S2 mts mobilni internet. RunOuc; C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [239968 2016-09-18] ()
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2016-09-12] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 MBAMScheduler; "\mbamscheduler.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2016-09-18] (Huawei Technologies Co., Ltd.)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-11-16] (Malwarebytes)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-10 11:22 - 2017-12-10 11:23 - 000017819 _____ C:\Users\ZokiVale\Desktop\FRST.txt
2017-12-10 11:22 - 2017-12-10 11:22 - 000000000 ____D C:\FRST
2017-12-10 11:21 - 2017-12-10 11:21 - 002390528 _____ (Farbar) C:\Users\ZokiVale\Desktop\FRST64.exe
2017-12-09 23:13 - 2017-12-09 23:13 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\IDT
2017-12-08 22:55 - 2017-12-08 22:55 - 000000000 ___HD C:\OneDriveTemp
2017-12-08 22:52 - 2017-12-08 22:52 - 000000000 ___RD C:\Users\ZokiVale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2017-12-08 21:17 - 2017-12-08 23:01 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-12-08 18:16 - 2017-12-09 12:50 - 000000000 ____D C:\ProgramData\TEMP
2017-12-08 18:16 - 2017-12-08 18:18 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator
2017-12-08 18:16 - 2017-12-08 18:16 - 000001975 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk
2017-12-08 18:16 - 2017-12-08 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2017-12-08 18:04 - 2017-12-08 18:04 - 000003178 _____ C:\Windows\System32\Tasks\Idle
2017-12-08 18:04 - 2017-12-08 18:04 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\Idle
2017-12-07 02:39 - 2017-12-07 02:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 21:10 - 2017-12-05 21:11 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\BatteryCare
2017-12-05 21:10 - 2017-12-05 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare
2017-12-05 21:10 - 2017-12-05 21:10 - 000000000 ____D C:\Program Files (x86)\BatteryCare
2017-12-05 21:09 - 2017-12-05 21:09 - 002367584 _____ (Filipe Lourenço ) C:\Users\ZokiVale\Downloads\SetupBatteryCare.exe
2017-12-05 02:06 - 2017-12-05 02:06 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-12-05 02:06 - 2017-12-05 02:06 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-12-05 02:06 - 2017-12-05 02:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-12-05 02:06 - 2017-12-05 02:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-12-01 10:21 - 2017-12-01 10:21 - 018724198 _____ (The qBittorrent project) C:\Users\ZokiVale\Downloads\qbittorrent_4.0.2_setup.exe
2017-11-30 18:40 - 2017-11-30 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-11-30 18:40 - 2017-11-30 18:40 - 000000000 ____D C:\Program Files (x86)\qBittorrent
2017-11-30 18:38 - 2017-11-30 18:38 - 018669686 _____ (The qBittorrent project) C:\Users\ZokiVale\Downloads\qbittorrent_4.0.1_setup.exe
2017-11-30 18:32 - 2017-12-08 22:53 - 000000000 ____D C:\Users\ZokiVale\AppData\LocalLow\uTorrent
2017-11-30 17:49 - 2017-11-17 05:23 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-30 17:49 - 2017-10-17 00:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-11-30 17:49 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-11-30 17:49 - 2017-10-12 01:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-11-30 17:49 - 2017-10-12 01:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-11-30 17:49 - 2017-10-12 01:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-11-30 17:48 - 2017-10-18 03:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-30 17:48 - 2017-10-18 03:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-30 17:48 - 2017-10-15 23:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-30 17:48 - 2017-10-04 14:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-30 17:48 - 2017-10-04 14:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-30 17:48 - 2017-10-04 14:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-30 17:48 - 2017-10-04 14:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-30 17:48 - 2017-10-04 14:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-30 17:48 - 2017-10-04 14:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-30 17:48 - 2017-10-04 14:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-28 18:37 - 2017-11-28 18:37 - 000000000 ____D C:\Users\ZokiVale\Downloads\Lanci za sneg
2017-11-28 17:34 - 2017-11-28 17:34 - 000158394 _____ C:\Users\ZokiVale\AppData\LocalLow\wbk3975.tmp
2017-11-21 18:12 - 2017-11-21 18:12 - 000011851 _____ C:\Users\ZokiVale\Downloads\STP SMA Questionaire ZIbrief.xlsx
2017-11-19 12:17 - 2017-11-19 12:17 - 000001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2017-11-19 12:17 - 2017-11-19 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-11-19 12:16 - 2017-11-19 12:16 - 000000000 ____D C:\Program Files\Oracle
2017-11-19 12:16 - 2017-10-16 11:48 - 000149816 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2017-11-19 12:12 - 2017-11-19 12:12 - 123949400 _____ (Oracle Corporation) C:\Users\ZokiVale\Downloads\VirtualBox-5.1.30-118389-Win.exe
2017-11-16 21:59 - 2017-11-16 22:09 - 000000000 ____D C:\Users\ZokiVale\VirtualBox VMs
2017-11-16 21:57 - 2017-11-19 13:36 - 000000000 ____D C:\Users\ZokiVale\.VirtualBox
2017-11-16 21:55 - 2017-10-16 11:48 - 000965984 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-11-16 21:51 - 2017-11-16 21:52 - 117185736 _____ (Oracle Corporation) C:\Users\ZokiVale\Downloads\VirtualBox-5-0-14-105127-Win.exe
2017-11-16 08:26 - 2017-11-16 10:17 - 016524964 _____ (The qBittorrent project) C:\Users\ZokiVale\Downloads\qbittorrent_3.3.16_setup.exe
2017-11-15 13:52 - 2017-10-18 08:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-15 13:52 - 2017-10-18 07:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-15 13:52 - 2017-10-18 03:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-15 13:52 - 2017-10-18 03:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-15 13:52 - 2017-10-18 03:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-15 13:52 - 2017-10-18 03:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-15 13:52 - 2017-10-18 03:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-15 13:52 - 2017-10-18 03:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-15 13:52 - 2017-10-18 03:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-15 13:52 - 2017-10-17 00:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-15 13:52 - 2017-10-16 22:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-15 13:52 - 2017-10-14 09:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-15 13:52 - 2017-10-14 09:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-15 13:52 - 2017-10-14 09:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 13:52 - 2017-10-14 09:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-15 13:52 - 2017-10-14 09:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-15 13:52 - 2017-10-14 09:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-15 13:52 - 2017-10-14 09:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-15 13:52 - 2017-10-14 09:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-15 13:52 - 2017-10-14 09:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-15 13:52 - 2017-10-14 09:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-15 13:52 - 2017-10-14 09:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-15 13:52 - 2017-10-14 09:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-15 13:52 - 2017-10-14 09:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-15 13:52 - 2017-10-14 09:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-15 13:52 - 2017-10-14 09:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-15 13:52 - 2017-10-14 09:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-15 13:52 - 2017-10-14 09:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-15 13:52 - 2017-10-14 08:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 13:52 - 2017-10-14 08:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-15 13:52 - 2017-10-14 08:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-15 13:52 - 2017-10-14 08:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 13:52 - 2017-10-14 08:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-15 13:52 - 2017-10-14 08:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-15 13:52 - 2017-10-14 08:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-15 13:52 - 2017-10-14 08:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-15 13:52 - 2017-10-14 08:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-15 13:52 - 2017-10-14 08:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-15 13:52 - 2017-10-14 08:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-15 13:52 - 2017-10-14 08:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-15 13:52 - 2017-10-14 08:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-15 13:52 - 2017-10-14 08:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-15 13:52 - 2017-10-14 08:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-15 13:52 - 2017-10-14 08:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-15 13:52 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-15 13:52 - 2017-10-14 08:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-15 13:52 - 2017-10-14 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-15 13:52 - 2017-10-14 07:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-15 13:52 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-15 13:52 - 2017-10-14 07:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-15 13:52 - 2017-10-14 07:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-15 13:52 - 2017-10-14 07:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-15 13:52 - 2017-10-14 07:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-15 13:52 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-15 13:52 - 2017-10-14 07:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-15 13:52 - 2017-10-14 07:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-15 13:52 - 2017-10-14 07:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-15 13:52 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-15 13:52 - 2017-10-14 07:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-15 13:52 - 2017-10-14 07:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-15 13:52 - 2017-10-14 07:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-15 13:52 - 2017-10-14 07:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-15 13:52 - 2017-10-14 07:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-15 13:52 - 2017-10-14 07:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-15 13:52 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-15 13:52 - 2017-10-14 07:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-15 13:52 - 2017-10-14 07:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-15 13:52 - 2017-10-14 07:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-15 13:52 - 2017-10-14 07:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-15 13:52 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-15 13:52 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-15 13:52 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-15 13:52 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-15 13:52 - 2017-10-14 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-15 13:52 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-15 13:52 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-15 13:52 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-15 13:52 - 2017-10-12 01:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-15 13:52 - 2017-10-12 01:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-15 13:52 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-15 13:52 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-15 13:52 - 2017-10-12 01:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-15 13:52 - 2017-10-12 01:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-15 13:52 - 2017-10-12 01:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 13:52 - 2017-10-12 01:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-15 13:52 - 2017-10-12 01:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-15 13:52 - 2017-10-12 01:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-15 13:52 - 2017-10-12 01:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-15 13:52 - 2017-10-12 01:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-15 13:52 - 2017-10-12 01:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-15 13:52 - 2017-10-12 01:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-15 13:52 - 2017-10-12 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-15 13:52 - 2017-10-12 01:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-15 13:52 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-15 13:52 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-15 13:52 - 2017-10-12 01:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-15 13:52 - 2017-10-12 01:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-15 13:52 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-11 10:43 - 2017-11-16 08:21 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-11 10:42 - 2017-11-11 10:42 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-11 10:42 - 2017-11-11 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-11 10:42 - 2017-11-11 10:42 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-11-11 10:42 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-10 11:23 - 2016-07-24 15:21 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\uTorrent
2017-12-10 11:22 - 2016-09-14 17:43 - 000000000 ____D C:\wifidata
2017-12-10 11:20 - 2016-08-26 10:02 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\Skype
2017-12-10 11:09 - 2016-11-21 22:52 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\qBittorrent
2017-12-10 10:56 - 2016-07-15 17:34 - 000000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-12-10 05:56 - 2016-07-15 17:34 - 000000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-12-10 03:46 - 2009-07-14 05:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-10 03:46 - 2009-07-14 05:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-08 22:57 - 2016-11-19 19:31 - 000000000 ____D C:\Users\ZokiVale\AppData\LocalLow\Mozilla
2017-12-08 22:55 - 2016-07-15 17:45 - 000000000 ___RD C:\Users\ZokiVale\OneDrive
2017-12-08 22:52 - 2016-09-20 23:46 - 000000000 ____D C:\ProgramData\MCShield
2017-12-08 22:52 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-08 21:31 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-08 21:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-08 21:17 - 2016-07-10 15:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-08 18:37 - 2017-07-27 08:25 - 000003184 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2740702198-154648627-4041826751-1000
2017-12-08 18:37 - 2016-07-15 17:45 - 000002168 _____ C:\Users\ZokiVale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-12-08 18:15 - 2016-12-10 21:21 - 000000000 ____D C:\Users\ZokiVale\AppData\Local\Downloaded Installations
2017-12-08 18:04 - 2017-02-21 18:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-07 02:40 - 2016-07-15 17:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-12-05 18:39 - 2017-02-03 23:30 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\Kodi
2017-11-30 20:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-11-30 18:45 - 2017-10-15 14:58 - 000000000 ____D C:\Users\ZokiVale\AppData\Local\ElevatedDiagnostics
2017-11-30 18:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-11-30 18:43 - 2016-09-19 20:29 - 000000000 ____D C:\Users\ZokiVale\Desktop\Стари Firefox подаци
2017-11-30 18:40 - 2016-11-21 22:52 - 000000000 ____D C:\Users\ZokiVale\AppData\Local\qBittorrent
2017-11-30 18:30 - 2009-07-14 05:45 - 000362856 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-30 18:27 - 2016-07-16 11:01 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-11-30 18:27 - 2016-07-16 11:01 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-30 18:18 - 2016-07-15 15:43 - 000766100 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-11-30 18:02 - 2016-07-16 09:22 - 000000000 ____D C:\Windows\system32\MRT
2017-11-30 17:51 - 2017-10-12 02:04 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-30 17:51 - 2016-07-16 09:22 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-29 15:24 - 2016-07-27 19:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-24 22:50 - 2017-01-26 00:49 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\vlc
2017-11-17 08:03 - 2016-07-27 19:25 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 21:59 - 2016-07-10 15:05 - 000000000 ____D C:\Users\ZokiVale
2017-11-16 08:29 - 2017-02-19 21:00 - 000000000 ____D C:\ProgramData\Skype
2017-11-16 08:22 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-15 17:36 - 2016-07-10 15:40 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\Mozilla
2017-11-15 14:42 - 2017-06-11 11:34 - 000000000 ____D C:\Users\ZokiVale\Documents\Bluetooth Folder
2017-11-14 23:56 - 2017-07-13 18:43 - 000000948 _____ C:\Users\ZokiVale\Desktop\Core Temp.lnk
2017-11-14 23:56 - 2017-07-13 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-11-14 23:56 - 2017-07-13 18:43 - 000000000 ____D C:\Program Files\Core Temp
2017-11-14 23:55 - 2017-07-13 18:42 - 001243944 _____ (ALCPU ) C:\Users\ZokiVale\Downloads\Core-Temp-setup.exe
2017-11-14 11:24 - 2016-07-16 10:21 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 11:24 - 2016-07-16 10:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 11:24 - 2016-07-16 10:21 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 11:24 - 2016-07-16 10:21 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-14 11:24 - 2016-07-16 10:21 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 04:56 - 2017-04-11 21:11 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 04:56 - 2017-04-11 21:11 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-13 15:18 - 2017-09-27 21:42 - 000000000 ____D C:\Users\ZokiVale\AppData\Roaming\Eagle

==================== Files in the root of some directories =======

2017-06-12 23:27 - 2017-06-12 23:27 - 000000069 _____ () C:\Program Files (x86)\dialogysclip.bat
2017-06-12 23:27 - 2017-06-15 10:58 - 000001815 _____ () C:\Program Files (x86)\DialogysUninstWPS.bat
2016-11-12 10:52 - 2017-06-12 23:27 - 000001679 _____ () C:\Program Files (x86)\INSTALL.LOG
2017-06-12 23:27 - 2014-09-12 12:01 - 000176055 _____ () C:\Program Files (x86)\UninstScript.EXE

Some files in TEMP:
====================
2017-12-08 18:04 - 2017-12-08 18:04 - 000839680 _____ (System Process Inc.) C:\Users\ZokiVale\AppData\Local\Temp\678959438.exe
2017-10-22 09:16 - 2017-10-22 09:16 - 000003584 _____ () C:\Users\ZokiVale\AppData\Local\Temp\7CEB9B2A0E395BD64E74381485A106AF.dll
2017-10-22 09:16 - 2017-10-22 09:16 - 000003072 _____ () C:\Users\ZokiVale\AppData\Local\Temp\A1D76FF97175BF79025AB7AA1DDF0A2A.dll
2017-10-22 09:34 - 2017-10-22 09:34 - 001856576 _____ (Oracle Corporation) C:\Users\ZokiVale\AppData\Local\Temp\jre-8u151-windows-au.exe
2017-09-04 21:44 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Users\ZokiVale\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-09 00:47

==================== End of FRST.txt ============================







mycity.rs/must-login.png

mycity.rs/must-login.png

Dopuna: 10 Dec 2017 11:34

Da dodam, imam Malwarebytes od proslog puta, pise da je `up to date`, ali ocito nije dovoljno. I jos, pola godine idem na neki sajt za kliktanje po reklamama, ali nije bilo problema. Inace, sumnjive sajtove ne posecujem.

Dopuna: 10 Dec 2017 11:36

I jos, od kako se to pojavilo, ukljucio sam dva ad blokera u Mozillu, i dosta pomazu, ali opet ni to nije dovoljno.

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Pozdrav,
bilo bi pametno da provjeriš u kakvom su stanju diskovi, jer sumnjam da s jednim imaš problema.

Obavezno ažuriraj Windows Defender, jer je zastario i uključi Windows Firewall, jer je isključen.

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKU\S-1-5-21-2740702198-154648627-4041826751-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.d3go.tv/tvguide.html
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\678957379.js [2017-12-08] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\678957379.cfg [2017-12-08] <==== ATTENTION
Task: {1B43A038-F744-4D6E-AB78-1AC08D97D350} - System32\Tasks\Idle => C:\Users\ZokiVale\AppData\Roaming\Idle\Idle.exe [2017-12-08] (System Process Inc.) <==== ATTENTION
C:\Users\ZokiVale\AppData\Roaming\Idle
IFEO\osppsvc.exe: [Debugger] SppExtComObjPatcher.exe
IFEO\sppsvc.exe: [Debugger] SppExtComObjPatcher.exe
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Hvala na pomoci. Ovo sam odradio, log je u prilogu. Firewall i windows defender su bili iskljuceni, oba. Ukljucio sam ih, defender je posle uddate-a skenirao i nije nasao nista.
Diskove cu da proverim, zanima me na osnovu cega si to zakljucio, mozda neki od malware-a cini tako da izgleda da disk ne valja. Smart u Bios-u nista nije prijavio.

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

U jednom od logova zabilježeni su problemi s datotečnim sustavom i mogu uzrokovati probleme. Check Disk može popraviti te logičke probleme koji postoje. Oni mogu biti uzrokovani nestankom struje ili u slučaju USB-ova na primjer vađenjem u trenutku kada se nešto na njih zapisuje.

Preuzmi Malwarebytes Anti-Malware sa ovog ili ovog ili ovog linka i instaliraj aplikaciju.
Pokreni mb3-setup-consumer-{verzija}.exe i isprati uputstva za instalaciju programa. Nakon instalacije, klikni na Finish

Prilikom prvog pokretanja, program će prikazati prozor "dobrodošlice". Slobodno zatvori taj prozor.
Napomena: Premium funkcije programa su već aktivirane i važe 13 dana od trenutka instalacije. Premium funkcije možeš isključiti preko Settings > My Account tab podešavanja.

• Podešavanja skenera - u Settings, klikni na Protection tab. Ispod Scan Options sekcije, uključi "Scan for rootkits" opciju.
• Pripremi podešavanja za Threat Scan - u Dashboard , klikni na Scan Now dugme. MBAM će ažurirati bazu i započeti skeniranje.

Kada se skeniranje završi, ako je infekcija detektovana, obrati pažnju da je sve označeno, pa klikni na Remove Selected. Restartuj računar ako program upita za restart.
• Dostavi log: Pod Reports izaberi trenutni datum izveštaja Scan Report i potom klikni na View Report.

Izvezi log na Desktop;
- Klikni na Export dugme na dnu, pa onda izaberi 'Text file (*.txt)'
# U Save File dijalogu koji se pojavi, klikni na Desktop. U File name: polje, upiši "mbam" (bez navodnika) i klikni na Save.
- Pojaviće se poruka "Your file has been successfully exported", klikni Ok i zatvori prozor.



• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju.

Zatim:

Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Tools odaberi Options.
U dijaloškom okviru koji se pojavi isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Ako ti javi da postoji novija verzija, postaraj se da je preuzmeš.

Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Pojavit će se poruka da računar treba restartovati. Klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"


Javi kakvo je stanje nakon toga.

offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Ni jedan ni drugi nisu nista maliciozno pronasli.
Hvala na trudu. Pozdrav.
mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

Pojavljuju li se prozori i dalje?

offline
  • Pridružio: 23 Mar 2006
  • Poruke: 84

Nema nista, za sada je sve ok. Hvala jos jednom.

offline
  • Pridružio: 14 Jun 2016
  • Poruke: 535

OK, gotovi smo.

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Ko je trenutno na forumu
 

Ukupno su 1036 korisnika na forumu :: 24 registrovanih, 3 sakrivenih i 1009 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: bokisha253, Boris BM, BORUTUS, comi_pfc, draganca, FileFinder, GandorCC, Georgius, helen1, hyla, jaeger, Još malo pa deda, Kubovac, ladro, Mi lao shu, mik7, Milometer, Mixelotti, nenad81, nesa1962, raptorsi, skvara, Srle993, vukovi