Poshukach, techmarket.ink when I open my own site

  • Joined: 20 Sep 2014
  • Posts: 6

Posted: 25 Mar 2022 18:08

Malwarebytes "goes wild" when I visit my own website; I don't notice it on other pages. Also, the search engine in FF switched to Poshukach, but I think I've fixed that.
Anyway, I restored a backup of the site, thinking the problem might be on the server, but it's the same story again.

FRST report

Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija: 25-03-2022
Pokrenuo Rade (administrator) na DESKTOP-52DFCSR (Acer Aspire V3-771) (25-03-2022 17:59:25)
Pokrenuto sa C:\Users\Rade\Downloads
Učitani Profili: Rade
Platform: Microsoft Windows 10 Pro Verzija 21H1 19043.1586 (X64) Jezik: engleski (SAD) -> srpski (latinica, Srbija)
Podrazumevani pregledač: Opera
Režim pokretanja sistema: Normal

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\Rade\Downloads\adwcleaner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registar (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [697720 2015-07-10] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datoteka nije potpisana]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.ex (Nema Datoteke)
HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.ex (Nema Datoteke)
HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (Borislav Surbat -> MyCity)
HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\...\Run: [bt] => C:\Users\Rade\AppData\Roaming\BitTorrent\BitTorrent.exe [0 2022-03-24] () <==== Pažnja [nula bajt Datoteka/Fascikla]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrikcije <==== Pažnja

==================== Planirani Zadaci (Na Beloj Listi) ============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

Task: {14503E12-BEEA-46A7-AAB6-F8F89858DCCC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-04] (Google LLC -> Google LLC)
Task: {367507A3-F9A9-4936-82A8-17A2354FF914} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AF5E419-53C9-4A6A-BD59-E7E54160C965} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {63499E45-895A-4059-9AB3-C41BA8D760A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {65EDD2F6-1CCE-4B42-89DB-B6A7CBAA28F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {73A6FD40-5BC3-4DD0-9019-53CFFF2BBDA7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B487FF8-0864-4EBB-A379-3465C396477E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {7DFB0EA8-ED63-4917-BCD4-0678D6F6949A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-04] (Google LLC -> Google LLC)
Task: {85A23936-AF06-47D2-8E12-D9D499D36626} - System32\Tasks\CCleanerSkipUAC - Rade => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8C2E7B0A-C6E4-49CF-8391-99C1D3C13335} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8F804E19-84FB-4EB8-BD38-DA13F26290E4} - System32\Tasks\Opera scheduled Autoupdate 1648223634 => C:\Users\Rade\AppData\Local\Programs\Opera\launcher.exe [2467024 2022-03-23] (Opera Software AS -> Opera Software)
Task: {C7E6C172-E793-4F93-A0FA-C99B4AEE855B} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2022-03-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)

(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)


==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\..\Interfaces\{43e9a90d-181e-4508-bda7-d6333d4b44f7}: [DhcpNameServer] 89.216.1.40 89.216.1.50

Edge:
=======
Edge Profile: C:\Users\Rade\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-25]
Edge HKU\S-1-5-21-1510031537-1920221045-1840441394-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: dak9h8dz.default
FF ProfilePath: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\dak9h8dz.default [2022-03-25]
FF Homepage: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release [2022-03-25]
FF Homepage: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTabOverride: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> Enabled: @speed-dial-fast
FF NewTabOverride: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> Disabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> Disabled: @speed-dial-fast
FF Extension: (Speed Dial) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\@speed-dial-fast.xpi [2021-11-24]
FF Extension: (Youtube to MP3 Free Converter) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\@youtubemp3free.xpi [2021-10-22]
FF Extension: (AdBlocker Ultimate) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-10]
FF Extension: (DP-Instagram) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\dp-instagram@dp-develop.com.xpi [2021-12-12]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\firefox@ghostery.com.xpi [2022-02-11]
FF Extension: (Webmail Ad Blocker) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\gmailnoads@mywebber.com.xpi [2022-03-23]
FF Extension: (New Tab Page) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\pavel.sherbakov@gmail.com.xpi [2021-10-22]
FF Extension: (Website Blocker) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\websiteblocker@wesleybranton.com.xpi [2021-11-05]
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2021-10-22]
FF Extension: (Media Converter and Muxer - Audio Tools) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{0ff128a1-c286-4e73-bffa-9ae879b244d5}.xpi [2021-10-22]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-03-24]
FF Extension: (McAfee® WebAdvisor) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2022-03-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (Block Site) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{54e2eb33-18eb-46ad-a4e4-1329c29f6e17}.xpi [2021-10-22]
FF Extension: (Avast SafePrice | Poređenje cena, ponude, kuponi) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{886a6486-37b3-4bcd-891b-fd0e325e7b1a}.xpi [2022-02-02]
FF Extension: (Video DownloadHelper) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-10-22]
FF Extension: (YouTube mp3 Downloader) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{defe5404-0b6f-4cce-a119-ee0df858e5f9}.xpi [2021-10-22]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2022-02-11]
FF SearchPlugin: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\searchplugins\Poshukach Engin Search.xml [2022-03-25]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nije pronađena
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nije pronađena
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-03-25] <==== Pažnja (Ukazuje na .cfg datoteku)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-03-25] <==== Pažnja

Chrome:
=======
CHR Profile: C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default [2022-03-25]
CHR Extension: (Презентације) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-16]
CHR Extension: (Документи) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-16]
CHR Extension: (Google диск) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-16]
CHR Extension: (YouTube) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-16]
CHR Extension: (Табеле) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-03-24]
CHR Extension: (Google документи офлајн) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-24]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-16]
CHR Extension: (Gmail) - C:\Users\Rade\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-16]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Rade\AppData\Roaming\Opera Software\Opera Stable [2022-03-25]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Rade\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Rade\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-25]

==================== Servisi (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [96120 2015-07-10] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 FLService; C:\Windows\SysWOW64\WinFLService.exe [92984 2022-02-18] (Newsoftwares.net, Inc SDN BHD -> New Softwares.net)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8022200 2022-03-25] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datoteka nije potpisana]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drajveri (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2022-03-25] (Bitdefender SRL -> Bitdefender)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [687936 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1542440 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [281856 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [309272 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [319176 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116008 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [227664 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223688 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195024 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2022-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-03-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [157816 2022-03-25] (Malwarebytes Inc -> Malwarebytes)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2022-02-18] (NewSoftwares.net Inc. SDN. BHD. -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [439544 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2022-02-18] (Newsoftwares.net, Inc SDN BHD -> )
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2022-02-18] (NewSoftwares.net Inc. SDN. BHD. -> NewSoftwares.net, Inc.)

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec dana (kreirane) (Na Beloj Listi) =========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-03-25 17:59 - 2022-03-25 18:00 - 000024781 _____ C:\Users\Rade\Downloads\FRST.txt
2022-03-25 17:59 - 2022-03-25 18:00 - 000000000 ____D C:\FRST
2022-03-25 17:58 - 2022-03-25 17:58 - 002365440 _____ (Farbar) C:\Users\Rade\Downloads\FRST64.exe
2022-03-25 17:55 - 2022-03-25 17:56 - 000000000 ____D C:\AdwCleaner
2022-03-25 17:54 - 2022-03-25 17:54 - 008540344 _____ (Malwarebytes) C:\Users\Rade\Downloads\adwcleaner.exe
2022-03-25 17:53 - 2022-03-25 17:53 - 000223688 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-03-25 17:53 - 2022-03-25 17:53 - 000195024 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-03-25 17:53 - 2022-03-25 17:53 - 000157816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-03-25 17:53 - 2022-03-25 17:53 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-03-25 17:53 - 2022-03-25 17:53 - 000000000 ____D C:\Users\Rade\AppData\LocalLow\IGDump
2022-03-25 17:28 - 2022-03-25 17:28 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-25 17:28 - 2022-03-25 17:28 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-25 17:28 - 2022-03-25 17:28 - 000000000 ____D C:\Users\Rade\AppData\Local\mbam
2022-03-25 17:27 - 2022-03-25 17:27 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-03-25 17:27 - 2022-03-25 17:27 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-03-25 17:27 - 2022-03-25 17:27 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-03-25 17:10 - 2022-03-25 17:10 - 000319176 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2022-03-25 17:10 - 2022-03-25 17:10 - 000309272 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2022-03-25 17:10 - 2022-03-25 17:10 - 000227664 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2022-03-25 17:10 - 2022-03-25 17:10 - 000116008 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2022-03-25 17:09 - 2022-03-25 17:09 - 000003240 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2022-03-25 17:09 - 2022-03-25 17:09 - 000001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-03-25 17:09 - 2022-03-25 17:09 - 000001167 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-03-25 17:09 - 2022-03-25 17:09 - 000000000 ____D C:\Program Files\Common Files\AV
2022-03-25 17:08 - 2022-03-25 17:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-25 17:08 - 2022-03-25 17:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-03-25 17:08 - 2022-03-25 17:09 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-03-25 17:08 - 2022-03-25 17:08 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security.lnk
2022-03-25 17:08 - 2022-03-25 17:08 - 000002182 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2022-03-25 17:08 - 2022-03-25 17:08 - 000000000 ____D C:\ProgramData\mb3migration
2022-03-25 17:08 - 2022-02-17 21:25 - 001049864 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2022-03-25 17:08 - 2022-02-17 21:25 - 000522504 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2022-03-25 17:08 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2022-03-25 17:07 - 2022-03-25 17:26 - 002365440 _____ (Farbar) C:\Users\Rade\Downloads\FRSTEnglish.exe
2022-03-25 17:07 - 2022-03-25 17:07 - 013471344 _____ C:\Users\Rade\Downloads\mb-support-1.8.7.918.exe
2022-03-25 17:01 - 2022-03-25 17:01 - 002827648 _____ (Kaspersky) C:\Users\Rade\Downloads\kts21.3.10.391sr-Cyrl_sr-Latn_25744.exe
2022-03-25 17:01 - 2022-03-25 17:01 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2022-03-25 16:54 - 2022-03-25 17:56 - 000000000 ____D C:\Users\Rade\AppData\Roaming\Lavasoft
2022-03-25 16:54 - 2022-03-25 17:56 - 000000000 ____D C:\Users\Rade\AppData\Local\Lavasoft
2022-03-25 16:54 - 2022-03-25 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2022-03-25 16:53 - 2022-03-25 17:56 - 000000000 ____D C:\ProgramData\Lavasoft
2022-03-25 16:53 - 2022-03-25 17:56 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2022-03-25 16:53 - 2022-03-25 16:53 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2022-03-25 16:53 - 2022-03-25 16:53 - 000004220 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1648223634
2022-03-25 16:53 - 2022-03-25 16:53 - 000001410 _____ C:\Users\Rade\Desktop\Прегледач Opera.lnk
2022-03-25 16:53 - 2022-03-25 16:53 - 000001400 _____ C:\Users\Rade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Прегледач Opera.lnk
2022-03-25 16:53 - 2022-03-25 16:53 - 000000000 ____D C:\Users\Rade\AppData\Roaming\Opera Software
2022-03-25 16:53 - 2022-03-25 16:53 - 000000000 ____D C:\Users\Rade\AppData\Local\Opera Software
2022-03-24 20:54 - 2022-03-24 21:21 - 000000000 ____D C:\Windows\Minidump
2022-03-24 20:51 - 2022-03-24 20:51 - 000420295 _____ C:\Users\Rade\Downloads\Poresko rešenje za stan 2022.pdf
2022-03-24 20:51 - 2022-03-24 20:51 - 000394413 _____ C:\Users\Rade\Downloads\Poresko rešenje za stan 2021.pdf
2022-03-24 17:36 - 2022-03-25 17:22 - 000000000 ____D C:\ProgramData\MCShield
2022-03-24 17:36 - 2022-03-24 17:36 - 002856736 _____ (MyCity) C:\Users\Rade\Downloads\MCShield-Setup.exe
2022-03-24 17:36 - 2022-03-24 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2022-03-24 17:36 - 2022-03-24 17:36 - 000000000 ____D C:\Program Files (x86)\MCShield
2022-03-24 17:15 - 2022-03-25 17:27 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-24 17:15 - 2022-03-24 17:15 - 002443448 _____ (Malwarebytes) C:\Users\Rade\Downloads\MBSetup.exe
2022-03-24 17:11 - 2022-03-24 17:11 - 000000000 ____D C:\Windows\system32\gf2engine
2022-03-24 17:10 - 2022-03-24 17:10 - 000225608 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Rade\Downloads\avg_antivirus_free_setup.exe
2022-03-24 16:38 - 2022-03-24 16:39 - 000000000 ____D C:\Users\Rade\AppData\LocalLow\BitTorrent
2022-03-23 22:32 - 2022-03-23 22:32 - 004643423 _____ C:\Users\Rade\Desktop\Presentation1.pptx
2022-03-23 20:10 - 2022-03-23 20:10 - 000000000 ____D C:\Users\Rade\AppData\Local\Yandex
2022-03-23 19:03 - 2022-03-25 16:53 - 000000895 _____ C:\Users\Rade\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2022-03-23 19:03 - 2022-03-25 16:53 - 000000000 ____D C:\Users\Rade\AppData\Roaming\BitTorrent
2022-03-23 18:27 - 2022-03-23 18:27 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-03-16 20:01 - 2022-03-16 20:01 - 000000000 ____D C:\Users\Rade\Documents\Custom Office Templates
2022-03-14 20:24 - 2022-03-12 07:56 - 000170475 _____ C:\Users\Rade\Downloads\Spider-Man.No.Way.Home.2021.1080p.BluRay.x264.AAC5.1- YTS.MX .2 SR-KIR-Serbian.srt
2022-03-14 20:24 - 2022-03-12 07:56 - 000124287 _____ C:\Users\Rade\Downloads\Spider-Man.No.Way.Home.2021.1080p.BluRay.H264.AAC-RARBG-Serbian.srt
2022-03-13 19:39 - 2022-03-13 19:39 - 000012628 _____ C:\Users\Rade\Desktop\HTML tagovi.xlsx
2022-03-12 13:55 - 2022-03-14 21:53 - 000000000 ____D C:\Users\Rade\Desktop\Nova fascikla
2022-03-11 21:32 - 2022-03-13 20:27 - 000010508 _____ C:\Users\Rade\Desktop\Pozivni znaci avijacija.xlsx
2022-03-11 20:20 - 2022-03-11 20:20 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-03-11 20:20 - 2022-03-11 20:20 - 000195584 _____ C:\Windows\system32\uwfcfgmgmt.dll
2022-03-11 20:20 - 2022-03-11 20:20 - 000011911 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-03-11 20:19 - 2022-03-11 20:19 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-03-11 20:19 - 2022-03-11 20:19 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2022-03-11 20:19 - 2022-03-11 20:19 - 000272896 _____ C:\Windows\system32\TpmTool.exe
2022-03-11 20:13 - 2022-03-11 20:13 - 000000000 ___HD C:\$WinREAgent
2022-03-09 19:10 - 2022-03-09 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2022-03-09 19:08 - 2022-03-09 19:08 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-09 19:03 - 2022-03-09 19:11 - 000000000 ____D C:\xampp
2022-03-09 19:01 - 2022-03-09 19:08 - 000000000 ____D C:\Users\Rade\.atom
2022-03-09 19:01 - 2022-03-09 19:02 - 000000000 ____D C:\Users\Rade\AppData\Roaming\Atom
2022-03-09 19:01 - 2022-03-09 19:01 - 000002176 _____ C:\Users\Rade\Desktop\Atom.lnk
2022-03-09 19:01 - 2022-03-09 19:01 - 000000000 ____D C:\Users\Rade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2022-03-09 19:00 - 2022-03-09 19:01 - 000000000 ____D C:\Users\Rade\AppData\Local\SquirrelTemp
2022-03-09 19:00 - 2022-03-09 19:01 - 000000000 ____D C:\Users\Rade\AppData\Local\atom
2022-03-08 18:47 - 2022-03-08 18:47 - 000000927 _____ C:\Users\Rade\Desktop\index.html – prečica.lnk
2022-03-03 20:37 - 2022-03-03 20:43 - 000000000 ____D C:\Users\Rade\Downloads\Video
2022-02-27 14:24 - 2022-02-27 14:24 - 004500756 _____ C:\Users\Rade\Downloads\flightinternational_wafd_2021_798196.pdf

==================== Mesec dana (modifikovane) ==================

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2022-03-25 17:59 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-03-25 17:56 - 2022-02-16 17:23 - 000000000 ____D C:\Users\Rade\AppData\LocalLow\Mozilla
2022-03-25 17:56 - 2022-02-16 17:17 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-25 17:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-25 17:27 - 2021-11-04 00:54 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-25 17:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-03-25 17:23 - 2022-02-16 20:01 - 000000000 ____D C:\Program Files\CCleaner
2022-03-25 17:23 - 2021-11-04 09:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-25 17:21 - 2022-02-16 18:51 - 000000000 __SHD C:\Users\Rade\IntelGraphicsProfiles
2022-03-25 17:21 - 2021-11-04 09:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-25 17:21 - 2021-11-04 09:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-25 17:21 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-03-25 17:10 - 2022-02-16 17:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-25 17:08 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-03-25 17:02 - 2022-02-16 20:02 - 000000000 ____D C:\ProgramData\AVG
2022-03-25 16:53 - 2022-02-16 17:27 - 000000000 ____D C:\Users\Rade\AppData\Local\Adaware
2022-03-24 21:36 - 2022-02-19 12:24 - 000000000 ____D C:\Users\Rade\AppData\Roaming\Telegram Desktop
2022-03-24 21:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-24 21:26 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-03-24 20:54 - 2022-02-16 17:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-24 20:54 - 2022-02-16 17:15 - 000000000 ____D C:\Users\Rade
2022-03-24 20:54 - 2021-11-04 09:35 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-03-24 17:27 - 2022-02-16 17:23 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-24 17:27 - 2022-02-16 17:23 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-03-24 16:58 - 2022-02-16 17:28 - 000000000 ____D C:\Users\Rade\AppData\Local\BitTorrentHelper
2022-03-23 18:27 - 2022-02-19 20:06 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-03-23 18:27 - 2022-02-19 20:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-23 18:25 - 2022-02-16 17:18 - 000000000 ____D C:\Windows\Online_KMS_Activation_Script
2022-03-23 18:24 - 2021-11-04 09:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-23 18:23 - 2021-11-04 09:15 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-16 18:23 - 2022-02-16 20:01 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-03-16 18:18 - 2021-11-04 09:36 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-03-12 19:58 - 2022-02-19 12:30 - 000000000 ____D C:\Users\Rade\Downloads\Telegram Desktop
2022-03-11 22:22 - 2021-11-04 09:35 - 005100504 _____ C:\Windows\system32\FNTCACHE.DAT
2022-03-11 22:21 - 2019-12-07 10:54 - 000000000 ___SD C:\Windows\system32\AppV
2022-03-11 22:21 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-03-11 22:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-03-11 22:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2022-03-11 20:23 - 2021-11-04 00:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 20:23 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-03-11 20:19 - 2021-11-04 00:39 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-03-11 20:13 - 2021-11-04 00:44 - 000000000 ____D C:\Windows\system32\MRT
2022-03-11 20:11 - 2021-11-04 00:44 - 145666720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-03-09 07:41 - 2021-11-04 09:36 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-09 07:41 - 2021-11-04 09:36 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-08 20:09 - 2022-02-16 17:15 - 000000000 ____D C:\Users\Rade\AppData\Local\Packages
2022-02-27 18:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration

==================== SigCheck ============================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

==================== Kraj od FRST.txt ========================



mycity.rs/must-login.png

Addendum: 25 Mar 2022 18:09

Now that I clicked the link from the post (the picture), Malwarebytes went crazy, and it reports a trojan from the picture's address.

Should I reinstall this?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Hello, we will try to solve the problem.

1. Open Notepad (Text Document) and copy the following text from the code box below:

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrikcije <==== Pažnja
FF ProfilePath: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\dak9h8dz.default [2022-03-25]
FF Homepage: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release [2022-03-25]
FF Homepage: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF SearchPlugin: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\searchplugins\Poshukach Engin Search.xml [2022-03-25]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-03-25] <==== Pažnja (Ukazuje na .cfg datoteku)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-03-25] <==== Pažnja
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, under File Name:, enter fixlist.txt as the name
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 20 Sep 2014
  • Posts: 6

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija: 25-03-2022
Pokrenuo Rade (26-03-2022 06:36:31) Run:1
Pokrenuto sa C:\Users\Rade\Desktop
Učitani Profili: Rade
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrikcije <==== Pažnja
FF ProfilePath: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\dak9h8dz.default [2022-03-25]
FF Homepage: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release [2022-03-25]
FF Homepage: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF SearchPlugin: C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\searchplugins\Poshukach Engin Search.xml [2022-03-25]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-03-25] <==== Pažnja (Ukazuje na .cfg datoteku)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-03-25] <==== Pažnja
EmptyTemp:
*****************

Tačka vraćanja je uspešno kreirana.
HKLM\SOFTWARE\Policies\Mozilla => uspešno uklonjeno
C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\dak9h8dz.default => uspešno premešteno
C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\dak9h8dz.default => pitanja uspešno uklonjeno
"FF Homepage: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"FF NewTab: Mozilla\Firefox\Profiles\dak9h8dz.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release => uspešno premešteno
C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release => pitanja uspešno uklonjeno
"FF Homepage: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"FF NewTab: Mozilla\Firefox\Profiles\t6vko4rs.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1" => nije pronađena
"C:\Users\Rade\AppData\Roaming\Mozilla\Firefox\Profiles\t6vko4rs.default-release\searchplugins\Poshukach Engin Search.xml" => nije pronađena
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => uspešno premešteno
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => uspešno premešteno

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8459290 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 9065553 B
Edge => 0 B
Chrome => 20480 B
Firefox => 15673359 B
Opera => 7479951 B

Temp, IE cache, history, cookies, recent:
Default => 21406 B
ProgramData => 21406 B
Public => 21406 B
systemprofile => 21406 B
systemprofile32 => 21406 B
LocalService => 21406 B
NetworkService => 21406 B
Rade => 135260122 B

RecycleBin => 0 B
EmptyTemp: => 168 MB privremeni podaci Uklonjeni.

================================


Sistemu je potreban ponovno pokretanje.

==== Kraj od Fixlog 06:37:17 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Is there any improvement?

offline
  • Joined: 20 Sep 2014
  • Posts: 6

Posted: 26 Mar 2022 7:36

The same...



Addendum: 26 Mar 2022 7:50

It looks like the trouble is in the WP plugins. I disabled them, it decreased, and one more remains: pagead2.googlesyndication.com
I don't know how to remove that one.

Addendum: 26 Mar 2022 7:55

I forgot to report, Poshuhach has been eliminated.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Download AdwCleaner and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan Now button and wait for the scan to finish.
If it tells you that a newer version exists, make sure you download it.

Click the Clean button and wait for the program to finish.
The program will close all active programs and show a window with that warning. Click OK to confirm.
A message will appear saying that the computer needs to be restarted. Click OK

The computer will restart and then open Notepad (C:\Adwcleaner\AdwCleaner[S00].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" option

offline
  • Joined: 20 Sep 2014
  • Posts: 6

I reinstalled the operating system.
Deleted the site. I no longer had time to mess with it anyway.

Sorry for putting you through the trouble. Regards
