Find it opens instead of the Edge browser in Win 10


offline
  • Joined: 15 Dec 2008
  • Posts: 177
  • Location: Beograd

Posted: 23 Jan 2023 15:25


Addendum: 23 Jan 2023 15:48

For some reason it won't let me Copy and Paste into the message (???)

Addendum: 23 Jan 2023 15:49

This applies to the FRST log; it evidently allowed Addition. (???)

Addendum: 23 Jan 2023 16:10

It lets me copy into Notepad or Word, but not into My City.

Addendum: 23 Jan 2023 17:05


Addendum: 23 Jan 2023 17:06

The only way to send the FRST log; it still doesn't accept the Paste command.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Ran by Radovan (administrator) on DESKTOP-QHE25B4 (Gigabyte Technology Co., Ltd. H81M-DS2) (23-01-2023 16:03:28)
Running from C:\Users\Radovan\AppData\Local\Temp\MicrosoftEdgeDownloads\3ae9d30b-7478-41f5-a67f-b09416b6101b
Loaded Profiles: Radovan
Platform: Microsoft Windows 10 IoT Enterprise LTSC Version 21H2 19044.2486 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(C:\Program Files (x86)\FormatFactory\net_updater64.exe ->) (Bright Data Ltd -> BrightData Ltd. (certified)) C:\ProgramData\BrightData\d71ae678248c6f808fef312e7563ca8a3655c744\brightdata.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) () [File not signed] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Viber Media S.à r.l. -> Viber Media S.àr.l.) C:\Users\Radovan\AppData\Local\Viber\Viber.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(services.exe ->) () [File not signed] C:\Program Files\Atomic Alarm Clock\timeserv.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Bright Data Ltd -> BrightData Ltd. (certified)) C:\Program Files (x86)\FormatFactory\net_updater64.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files (x86)\Everything\Everything.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.002.0102.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-16] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2226373433-464874539-114592448-1001\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-2226373433-464874539-114592448-1001\...\Run: [Viber] => C:\Users\Radovan\AppData\Local\Viber\Viber.exe [60745936 2023-01-10] (Viber Media S.à r.l. -> Viber Media S.àr.l.)
HKU\S-1-5-21-2226373433-464874539-114592448-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2226373433-464874539-114592448-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1689600 2022-07-30] (Informer Technologies, Inc.) [File not signed]
HKU\S-1-5-21-2226373433-464874539-114592448-1001\...\Run: [MicrosoftEdgeAutoLaunch_257AA465338D314A2D2F3ADBEBB84D5B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\Installer\chrmstp.exe [2023-01-07] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\Radovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar519.lnk [2022-11-26]
ShortcutTarget: Sidebar519.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B84D803-C7E3-4936-9EDD-E454885815A7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A9716F-5C91-430B-96ED-6A9D3AAA1BAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1D2C8226-4E5C-42E9-A439-D1A00A778015} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {3271A856-8085-441D-9A1F-425813B99985} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {452981B1-4D48-4659-9FBB-7BC5A5B923C9} - System32\Tasks\CCleanerSkipUAC - Radovan => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {49692194-5D7D-41EE-B980-81664F4BE4AB} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-11-28] () [File not signed]
Task: {6128C100-E2A0-4719-B8FF-C022E9D9665E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {662B0A04-0813-4FBD-B7E8-7F8DE3A1097C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {708EA712-A0FF-45AF-9825-02193AA1856A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "ca5d4853-2b28-455f-ad31-9342d5211014" --version "6.05.10110" --silent
Task: {83340542-6E04-4E74-8EC2-0F4C4AEA3335} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4185008 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {937FC6B6-F472-40DC-A7FA-9056F9F12821} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {9DA43D03-793A-4328-AC1D-C0BEA972C41E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {CE99322B-A625-447C-8C61-B97C9523CEC0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D1A4DA0F-0479-466E-AC30-1CBA40AAB4B2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2226373433-464874539-114592448-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4185008 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAE30452-DA72-481E-9075-0E30005A1B71} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5BF5DFE-090D-41C4-ABEB-60D6D8295DB4} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2022-07-30] (Informer Technologies, Inc.) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.40 89.216.1.50
Tcpip\..\Interfaces\{63c3661e-c4e1-47fd-bcb5-c30199942196}: [DhcpNameServer] 89.216.1.30 89.216.1.40 89.216.1.50

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-23]
Edge DownloadDir: Default -> D:\01 D DOWNLOAD
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> about:tabs
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-01-20]
Edge Extension: (Mailtrack - Email Tracker for Gmail) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cemhcpmgfkheedjjbgflkldmkoiappji [2022-11-25]
Edge Extension: (Adblocker for Youtube™) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ggnchfknjkebijkdlbddehcpgfebapdc [2023-01-07] [UpdateUrl:hxxps://clients35.google.com/service/update2/crx] <==== ATTENTION
Edge Extension: (OneNote Web Clipper) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2022-11-16]
Edge Profile: C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-01-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-01-21]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: p9ju1wtj.default
FF ProfilePath: C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\p9ju1wtj.default [2023-01-07]
FF ProfilePath: C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\g73xp1r0.default-release [2023-01-23]
FF Homepage: Mozilla\Firefox\Profiles\g73xp1r0.default-release -> hxxps://links.malwarebytes.com/link/restorebrowser?lic=trial&product=MBAM-C?utm_source=distr_m
FF Notifications: Mozilla\Firefox\Profiles\g73xp1r0.default-release -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{A5735E22-7BD8-4CED-A24E-FBBD2D9CABB9}.xpi [2023-01-07] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-07] (Avast Software s.r.o. -> AVAST Software)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-01-23]

Chrome:
=======
CHR Profile: C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default [2023-01-20]
CHR DownloadDir: D:\01 D DOWNLOAD
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-08]
CHR Extension: (Google News) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2022-11-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-12-28]
CHR Extension: (Google Docs Offline) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-08]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-27]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddmabhekhhonkmomaklnflhhgbfnioe [2023-01-07] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-01-20]
CHR Extension: (Google Mail Checker) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2022-11-15]
CHR Extension: (SmoothScroll) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2022-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-15]
CHR Extension: (AIO Search) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhijjefkkokfaiffkcemldacdabpeei [2022-11-15]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2022-11-15]
CHR Profile: C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.25.0.8302\BVDChromeExt.crx [2022-12-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\elevation_service.exe [1794040 2022-12-14] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1185616 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12548520 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2022-08-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1778184 2022-10-10] (voidtools -> voidtools)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.002.0102.0004\FileSyncHelper.exe [3483024 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 luminati_net_updater_win_formatfactory_pcfreetime_com; C:\Program Files (x86)\FormatFactory\net_updater64.exe [9879632 2023-01-13] (Bright Data Ltd -> BrightData Ltd. (certified))
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-20] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [850256 2023-01-19] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.002.0102.0004\OneDriveUpdaterService.exe [3853232 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [242168 2022-09-21] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197088 2023-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-01-23] (Malwarebytes Inc. -> Malwarebytes)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2022-08-24] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-23 15:29 - 2023-01-23 15:29 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-01-23 15:29 - 2023-01-23 15:29 - 000000000 ____D C:\Users\Radovan\AppData\LocalLow\IGDump
2023-01-22 12:33 - 2023-01-23 10:12 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-01-20 21:08 - 2023-01-20 21:08 - 000000000 ____D C:\Users\Radovan\AppData\LocalLow\Temp
2023-01-20 00:03 - 2023-01-20 00:03 - 000000000 ____D C:\Users\Radovan\AppData\Local\mbam
2023-01-20 00:02 - 2023-01-23 10:12 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-01-20 00:02 - 2023-01-23 10:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-01-20 00:02 - 2023-01-23 10:11 - 000000000 ____D C:\Program Files\Malwarebytes
2023-01-15 14:08 - 2023-01-15 14:08 - 794762848 _____ C:\WINDOWS\MEMORY.DMP
2023-01-15 14:08 - 2023-01-15 14:08 - 001086580 _____ C:\WINDOWS\Minidump\011523-10562-01.dmp
2023-01-15 14:08 - 2023-01-15 14:08 - 000000000 ____D C:\WINDOWS\Minidump
2023-01-15 11:17 - 2023-01-15 13:02 - 000000000 ____D C:\ProgramData\Online_KMS_Activation
2023-01-13 23:15 - 2023-01-13 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Tab
2023-01-13 23:15 - 2023-01-13 23:15 - 000000000 ____D C:\Program Files (x86)\ExtendOffice
2023-01-13 21:47 - 2023-01-14 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-01-13 21:47 - 2023-01-13 21:47 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-01-13 21:47 - 2023-01-13 21:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-01-13 21:47 - 2023-01-13 21:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-01-13 21:43 - 2023-01-17 15:11 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-13 21:43 - 2023-01-13 21:43 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-01-13 21:34 - 2023-01-13 21:34 - 000000000 ____D C:\Users\Radovan\AppData\Local\ESET
2023-01-10 20:49 - 2023-01-10 20:49 - 000000000 ___HD C:\$WinREAgent
2023-01-09 16:04 - 2023-01-21 17:57 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-09 14:29 - 2023-01-09 14:29 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{F4828406-3E3C-40D1-A54C-D1B9052F5A72}
2023-01-09 14:29 - 2023-01-09 14:29 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{97FB1F4E-CD05-4B54-9874-C4D76C643E86}
2023-01-09 13:24 - 2023-01-09 13:24 - 000000000 ____D C:\Users\Radovan\AppData\Local\DESlock+
2023-01-09 13:22 - 2023-01-09 13:24 - 000000000 ____D C:\Program Files\ESET
2023-01-09 13:22 - 2023-01-09 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-01-09 13:22 - 2023-01-09 13:22 - 000000000 ____D C:\ProgramData\ESET
2023-01-09 12:25 - 2023-01-09 12:35 - 000000000 ____D C:\$SysReset
2023-01-09 10:37 - 2023-01-23 15:28 - 105644032 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-01-09 10:20 - 2023-01-09 10:36 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-01-08 21:50 - 2023-01-23 16:03 - 000000000 ____D C:\FRST
2023-01-07 15:57 - 2023-01-09 12:35 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2023-01-07 15:57 - 2023-01-07 15:57 - 000002576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-01-07 12:53 - 2023-01-07 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-01-07 12:53 - 2023-01-07 12:53 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-01-07 12:53 - 2023-01-07 12:53 - 000000000 ____D C:\Program Files\WinRAR
2023-01-07 12:51 - 2023-01-07 15:57 - 000000004 _____ C:\ProgramData\rc.dat
2023-01-07 12:50 - 2023-01-07 15:57 - 000000004 _____ C:\ProgramData\lock.dat
2023-01-07 12:50 - 2023-01-07 13:14 - 000000016 _____ C:\ProgramData\lir.bats
2023-01-07 12:50 - 2023-01-07 12:50 - 000000008 _____ C:\ProgramData\ts.dat
2023-01-07 12:46 - 2023-01-09 13:24 - 000000000 ____D C:\Program Files (x86)\qZmJDUQbSwUn
2023-01-07 12:46 - 2023-01-07 16:00 - 000000000 ____D C:\Program Files (x86)\xzQPDMqrQnZyvJJzPrR
2023-01-07 12:46 - 2023-01-07 16:00 - 000000000 ____D C:\Program Files (x86)\UeOGQDGbBgTU2
2023-01-07 12:46 - 2023-01-07 16:00 - 000000000 ____D C:\Program Files (x86)\KfBVaxxIqNosC
2023-01-07 12:46 - 2023-01-07 16:00 - 000000000 ____D C:\Program Files (x86)\cnWDCNXmU
2023-01-07 12:45 - 2023-01-09 13:38 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\ZCqer9KRKR6
2023-01-07 12:45 - 2023-01-09 13:38 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\hRxnsq3mr
2023-01-07 12:45 - 2023-01-09 13:38 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\dwtjgei1
2023-01-07 12:45 - 2023-01-09 13:38 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\8ZeDrl
2023-01-07 12:45 - 2023-01-07 15:59 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Win32Sync
2023-01-07 12:45 - 2023-01-07 15:57 - 000000000 ____D C:\ProgramData\PrintManager
2023-01-07 12:45 - 2023-01-07 12:58 - 032726866 _____ C:\Users\Radovan\OneDrive\Documents\kmsauto-net-portable-zip
2023-01-07 12:45 - 2023-01-07 12:45 - 000684984 _____ (Mozilla Foundation) C:\Users\Radovan\AppData\LocalLow\freebl3.dll
2023-01-07 12:45 - 2023-01-07 12:45 - 000627128 _____ (Mozilla Foundation) C:\Users\Radovan\AppData\LocalLow\mozglue.dll
2023-01-07 12:45 - 2023-01-07 12:45 - 000254392 _____ (Mozilla Foundation) C:\Users\Radovan\AppData\LocalLow\softokn3.dll
2023-01-07 12:45 - 2023-01-07 12:45 - 000000014 _____ C:\ProgramData\wefwegge.txt
2023-01-07 12:45 - 2023-01-07 12:45 - 000000000 ____D C:\Users\Radovan\AppData\Local\Yandex
2023-01-07 12:45 - 2023-01-07 12:45 - 000000000 ____D C:\Program Files (x86)\Nitter
2023-01-07 12:44 - 2023-01-09 13:01 - 000000000 ____D C:\Program Files (x86)\Qinvo
2023-01-07 12:18 - 2023-01-07 12:18 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2023-01-07 12:18 - 2023-01-07 12:18 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2023-01-07 12:18 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2023-01-01 19:33 - 2023-01-01 19:53 - 000000000 ____D C:\Users\Radovan\.Icecream Ebook Reader
2023-01-01 19:33 - 2023-01-01 19:33 - 000001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Ebook Reader 6.lnk
2023-01-01 19:33 - 2023-01-01 19:33 - 000000000 ____D C:\Users\Radovan\AppData\Local\Icecream
2023-01-01 19:33 - 2023-01-01 19:33 - 000000000 ____D C:\Users\Radovan\AppData\Local\CrashRpt
2023-01-01 19:33 - 2023-01-01 19:33 - 000000000 ____D C:\Program Files (x86)\Icecream Ebook Reader 6
2022-12-29 21:24 - 2023-01-12 12:56 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-12-29 21:24 - 2022-12-29 21:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-12-29 21:24 - 2022-12-29 21:24 - 000000000 ____D C:\Program Files\Adobe
2022-12-29 18:28 - 2022-12-29 18:28 - 000000000 ____D C:\Program Files (x86)\Korektor
2022-12-28 21:42 - 2022-12-28 21:42 - 000000000 ____D C:\ProgramData\VS Revo Group
2022-12-28 21:32 - 2022-12-28 21:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\MEGA
2022-12-28 18:27 - 2022-12-29 21:25 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\com.adobe.dunamis
2022-12-28 18:27 - 2022-12-28 18:27 - 000000000 ____D C:\Users\Radovan\AppData\Local\SolidDocuments
2022-12-28 18:27 - 2022-12-28 18:27 - 000000000 ____D C:\Users\Radovan\.ms-ad
2022-12-28 17:53 - 2022-12-28 17:54 - 000000000 ____D C:\ProgramData\WinZip
2022-12-28 17:53 - 2022-12-28 17:53 - 000002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2022-12-28 17:53 - 2022-12-28 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2022-12-28 17:53 - 2022-12-28 17:53 - 000000000 ____D C:\Program Files (x86)\WinZip
2022-12-27 02:57 - 2022-12-27 02:57 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Macromedia

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-23 16:02 - 2022-12-15 18:02 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Software Informer
2023-01-23 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-23 15:35 - 2022-11-26 18:04 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-23 15:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-23 15:30 - 2022-11-26 18:01 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-23 15:30 - 2022-11-14 19:39 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-23 15:30 - 2022-11-14 19:39 - 000000000 ____D C:\Program Files\CCleaner
2023-01-23 15:29 - 2022-11-14 18:58 - 000000000 ___RD C:\Users\Radovan\OneDrive
2023-01-23 15:28 - 2022-11-26 18:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-23 15:28 - 2022-11-15 02:17 - 000000000 ____D C:\Users\Radovan\AppData\Local\Everything
2023-01-23 15:28 - 2022-11-15 01:59 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Everything
2023-01-23 15:28 - 2022-11-14 20:21 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\qBittorrent
2023-01-23 15:28 - 2022-11-14 18:14 - 000000000 __SHD C:\Users\Radovan\IntelGraphicsProfiles
2023-01-23 15:28 - 2022-11-14 18:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-01-23 15:28 - 2022-11-14 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-23 15:28 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\BBI
2023-01-23 15:17 - 2022-11-26 17:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-23 13:07 - 2022-11-14 19:31 - 000000000 ____D C:\Users\Radovan\AppData\LocalLow\Mozilla
2023-01-23 12:11 - 2022-12-08 19:49 - 000000000 ____D C:\Users\Radovan\OneDrive\Documents\ViberDownloads
2023-01-23 10:12 - 2022-11-14 19:31 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-22 18:49 - 2022-11-14 19:38 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\vlc
2023-01-22 11:51 - 2022-11-15 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-01-22 11:21 - 2022-11-24 18:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-01-21 18:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-21 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-21 18:00 - 2022-11-23 18:14 - 000000000 ____D C:\Users\Radovan\AppData\Local\CrashDumps
2023-01-21 15:54 - 2022-11-26 18:01 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2226373433-464874539-114592448-1001
2023-01-21 15:54 - 2022-11-26 18:01 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-01-21 15:54 - 2022-11-24 18:22 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-20 00:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-01-17 13:47 - 2022-11-26 17:51 - 000000000 ____D C:\Users\Radovan
2023-01-16 19:34 - 2022-11-10 08:15 - 000237208 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-01-16 19:34 - 2022-11-10 08:15 - 000198416 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-01-16 19:34 - 2022-11-10 08:15 - 000122504 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-01-16 19:34 - 2022-11-10 08:15 - 000119904 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-01-16 19:34 - 2022-11-10 08:15 - 000081696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2023-01-16 19:34 - 2022-11-10 08:15 - 000055392 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-01-15 10:56 - 2022-11-17 17:49 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\ViberPC
2023-01-15 10:56 - 2022-11-17 17:49 - 000000000 ____D C:\Users\Radovan\AppData\Local\Viber
2023-01-14 22:33 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-01-13 21:38 - 2022-11-22 16:24 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2023-01-12 12:56 - 2022-11-26 18:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-10 21:47 - 2022-11-26 17:58 - 000467712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-10 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-10 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-10 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-10 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-10 20:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-10 20:55 - 2022-11-26 17:59 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-10 20:49 - 2022-11-14 19:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-10 20:46 - 2022-11-14 19:07 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-10 20:15 - 2022-11-15 17:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-10 20:15 - 2022-11-14 19:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-10 19:20 - 2022-11-26 18:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-10 19:20 - 2022-11-14 19:31 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-09 18:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-01-09 14:27 - 2022-11-23 17:20 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-09 13:38 - 2022-12-09 15:57 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\D4E0ADC434598A5D
2023-01-09 12:45 - 2022-11-23 17:22 - 000000000 ____D C:\Users\Radovan\AppData\Local\Avast Software
2023-01-09 12:35 - 2022-11-23 18:25 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2023-01-09 12:35 - 2022-11-14 21:12 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Atomic Alarm Clock 6
2023-01-09 12:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2023-01-07 11:49 - 2022-11-15 17:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-05 19:27 - 2022-11-14 19:49 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\ImageGlass
2023-01-05 19:26 - 2022-11-29 21:16 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\MPC-HC
2022-12-30 21:20 - 2022-12-19 01:30 - 000000000 ____D C:\Users\Radovan\OneDrive\Documents\FormatFactory
2022-12-30 18:47 - 2022-11-14 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atomic Alarm Clock
2022-12-30 18:47 - 2022-11-14 21:12 - 000000000 ____D C:\Program Files\Atomic Alarm Clock
2022-12-29 21:25 - 2022-11-14 20:09 - 000000000 ____D C:\Users\Radovan\AppData\Local\Adobe
2022-12-29 21:25 - 2022-11-14 18:15 - 000000000 ____D C:\ProgramData\Packages
2022-12-29 21:25 - 2022-11-14 18:14 - 000000000 ____D C:\Users\Radovan\AppData\Local\Packages
2022-12-29 21:23 - 2022-11-14 20:08 - 000000000 ____D C:\ProgramData\Adobe
2022-12-29 21:18 - 2022-11-14 20:12 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2022-12-29 18:28 - 2022-11-14 20:24 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-28 22:26 - 2022-11-22 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-12-28 22:07 - 2022-11-22 20:38 - 000000000 ____D C:\Program Files (x86)\7-Zip
2022-12-28 22:07 - 2022-11-14 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-12-28 18:27 - 2022-11-14 20:09 - 000000000 ____D C:\Users\Radovan\AppData\LocalLow\Adobe
2022-12-28 18:27 - 2022-11-14 18:14 - 000000000 ____D C:\Users\Radovan\AppData\Roaming\Adobe

==================== Files in the root of some directories ========

2023-01-07 12:50 - 2023-01-07 15:57 - 000000004 _____ () C:\ProgramData\lock.dat
2023-01-07 12:51 - 2023-01-07 15:57 - 000000004 _____ () C:\ProgramData\rc.dat
2023-01-07 12:50 - 2023-01-07 12:50 - 000000008 _____ () C:\ProgramData\ts.dat
2022-11-14 20:08 - 2022-12-29 21:18 - 000000615 _____ () C:\Users\Radovan\AppData\Local\oobelibMkey.log
2022-11-22 16:29 - 2022-12-19 21:23 - 000007596 _____ () C:\Users\Radovan\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

1. Open Notepad (Text Document) and copy in the following text from the code box below:

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Edge Extension: (Adblocker for Youtubeâ„¢) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ggnchfknjkebijkdlbddehcpgfebapdc [2023-01-07] [UpdateUrl:hxxps://clients35.google.com/service/update2/crx] <==== ATTENTION
FF DefaultProfile: p9ju1wtj.default
FF ProfilePath: C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\p9ju1wtj.default [2023-01-07]
FF Homepage: Mozilla\Firefox\Profiles\g73xp1r0.default-release -> hxxps://links.malwarebytes.com/link/restorebrowser?lic=trial&product=MBAM-C?utm_source=distr_m
FF Notifications: Mozilla\Firefox\Profiles\g73xp1r0.default-release -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{A5735E22-7BD8-4CED-A24E-FBBD2D9CABB9}.xpi [2023-01-07] [not signed]
CHR Extension: (Adblocker for Youtubeâ„¢) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddmabhekhhonkmomaklnflhhgbfnioe [2023-01-07] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.

offline
  • Joined: 15 Dec 2008
  • Posts: 177
  • Location: Beograd

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2023
Ran by Radovan (24-01-2023 12:20:05) Run:1
Running from C:\Users\Radovan\OneDrive\Desktop
Loaded Profiles: Radovan
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Edge Extension: (Adblocker for Youtubeâ„¢) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ggnchfknjkebijkdlbddehcpgfebapdc [2023-01-07] [UpdateUrl:hxxps://clients35.google.com/service/update2/crx] <==== ATTENTION
FF DefaultProfile: p9ju1wtj.default
FF ProfilePath: C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\p9ju1wtj.default [2023-01-07]
FF Homepage: Mozilla\Firefox\Profiles\g73xp1r0.default-release -> hxxps://links.malwarebytes.com/link/restorebrowser?lic=trial&product=MBAM-C?utm_source=distr_m
FF Notifications: Mozilla\Firefox\Profiles\g73xp1r0.default-release -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{A5735E22-7BD8-4CED-A24E-FBBD2D9CABB9}.xpi [2023-01-07] [not signed]
CHR Extension: (Adblocker for Youtubeâ„¢) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddmabhekhhonkmomaklnflhhgbfnioe [2023-01-07] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION
EmptyTemp:
*****************

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
Edge Extension: (Adblocker for Youtubeâ„¢) - C:\Users\Radovan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ggnchfknjkebijkdlbddehcpgfebapdc [2023-01-07] [UpdateUrl:hxxps://clients35.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
FF DefaultProfile: p9ju1wtj.default => Error: No automatic fix found for this entry.
C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\p9ju1wtj.default => moved successfully
C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\p9ju1wtj.default => path removed successfully
"Firefox homepage" => removed successfully
"FF Notifications:" => removed successfully
C:\Program Files\Mozilla Firefox\browser\features\{A5735E22-7BD8-4CED-A24E-FBBD2D9CABB9}.xpi => moved successfully
CHR Extension: (Adblocker for Youtubeâ„¢) - C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddmabhekhhonkmomaklnflhhgbfnioe [2023-01-07] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75721513 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 85450378 B
Edge => 0 B
Chrome => 144970839 B
Firefox => 82247390 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 139772 B
NetworkService => 144208 B
Radovan => 177170450 B

RecycleBin => 1742484 B
EmptyTemp: => 542.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:20:57 ====
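
An added example, not part of the original thread and not FRST's own code: a small Python parser that sorts Fixlog lines by outcome so the entries FRST could not fix stand out. The sample is abridged from the Fixlog above (extension names and paths shortened with "..."), and the function names are hypothetical.

```python
import re

# Abridged from the Fixlog in this thread; "..." marks shortened fields.
SAMPLE_FIXLOG = r"""
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
Edge Extension: (...) - C:\...\Extensions\ggnchfknjkebijkdlbddehcpgfebapdc [2023-01-07] <==== ATTENTION => Error: No automatic fix found for this entry.
FF DefaultProfile: p9ju1wtj.default => Error: No automatic fix found for this entry.
C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\p9ju1wtj.default => moved successfully
"FF Notifications:" => removed successfully
CHR Extension: (...) - C:\...\Extensions\iddmabhekhhonkmomaklnflhhgbfnioe [2023-01-07] <==== ATTENTION => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
Chrome => 144970839 B
"""

ATTENTION = re.compile(r"\s*<==== ATTENTION\s*$")
# Chromium extension IDs are 32 characters from the range a-p.
EXTENSION_ID = re.compile(r"\\Extensions\\([a-p]{32})\b")


def parse_fixlog(text):
    """Return (entry, outcome, status) for every fix line before EmptyTemp."""
    results = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("=") and "EmptyTemp" in line:
            break  # cleanup statistics follow, not fix outcomes
        if " => " not in line:
            continue
        entry, outcome = line.rsplit(" => ", 1)
        entry = ATTENTION.sub("", entry).strip('"')
        if outcome.startswith("Error"):
            status = "failed"
        elif outcome.endswith("successfully"):
            status = "done"
        else:
            status = "info"
        results.append((entry, outcome, status))
    return results


def summarize(text):
    """Count fix lines per status."""
    counts = {}
    for _, _, status in parse_fixlog(text):
        counts[status] = counts.get(status, 0) + 1
    return counts


def unresolved(text):
    """Entries that FRST reported it could not fix."""
    return [entry for entry, _, status in parse_fixlog(text) if status == "failed"]


def unresolved_extension_ids(text):
    """Extension folder IDs named in the entries that were not fixed."""
    return [m.group(1) for e in unresolved(text) if (m := EXTENSION_ID.search(e))]


if __name__ == "__main__":
    print(summarize(SAMPLE_FIXLOG))
    for entry in unresolved(SAMPLE_FIXLOG):
        print("NOT FIXED:", entry)
```

Entries with status "failed" were left untouched by the tool, so the extension IDs the script returns are the ones to check by hand on each browser's extensions page.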

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Is the situation better now?

offline
  • Joined: 15 Dec 2008
  • Posts: 177
  • Location: Beograd

Posted: 24 Jan 2023 14:40

Everything is fine, I don't see any problems.

Addendum: 24 Jan 2023 14:41

Except that ESET seems too strict to me; it blocks even things it wouldn't need to.

Addendum: 24 Jan 2023 14:46

Does it look clean to you? Is there anything among the programs that looks dangerous to you?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Whether it is too strict, or whether it is bothered by the activators you use, that is the question now. :D

I think everything is OK now. MBAM picked up most of it, and what little was left in the browsers should now be finished.

Rename FRST64 to uninstall and run it.

offline
  • Joined: 15 Dec 2008
  • Posts: 177
  • Location: Beograd

OK, master, thanks for the help.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Regards. All the best.
