Pretnja

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 20 Feb 2023 22:34

Izvinjavam se ako ovome nije mesto ovde ali sam u frci.
Stigao mi je mail sa pretnjom da uplatim novac da mi ne bi sve unistili.
Evo maila pa ako moze neki savet sta da uradim?
"Dear xaleksandar1974@yahoo.com,
BEFORE YOU READ THIS EMAIL, YOU NEED TO KNOW THAT YOU HAVE BEEN HACKED.
AND REMEBER ANTIVIRUS IS WILL NOT HELP YOU.
READ THIS EMAIL CAREFULLY TO THE END.

We have all your details and we will sell them on the dark web.
We have also your passwords and we will use them to hack your friends and family.
We have also your credit cards and bank accounts details and we will use them to buy things online.
We have also access to all your electronic devices and we will use them to hack your friends and family and neighbors.
you need to change all your passwords ,phone numbers and emails, and also you need to change your credit cards and bank accounts details.


some of your details from your computer:

All Your Emails: tu pisu moji tacni emajlovi.
Znaju mi i tacne podatke za pristup fejsu i ostalim forumima.
Nastavak poruke"-------------------------------------------
YOUR HASH IS: 68d129e2ff501131d0d23782f0b9a8e0
TO AVOID THIS FROM HAPPENING
############################################

YOU HAVE 48 HOURS TO PAY 500$ ETH(ethereum) TO THIS ADDRES: "0x376C44A1DA84aA6671fb72c75bBe5Dd8e0e07b53"
IF NOT WE WILL SEND YOUR SENSTIVE DETAILS TO ALL YOUR FRIENDS AND FAMILY.
WE WILL SELL ALL YOUR DETAILS ON THE DARK WEB.
AND WE WILL FORMAT MOST OF YOUR ELECTRONIC DEVICES.
############################################
this address is a smart contract for you and it will detect your hash and we will know that you have paid.
YOU CAN SEND YOUR HASH IN THE TRANSACTION MESSAGE.
-------------------------------------------
YOU CAN BUY CRYPTOCURRENCY FROM THIS WEBSITES:
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....ZWk8qGQ-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....hLPaQvc-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....p7pipZs-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....SOwEwLk-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....KE5h1xg-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....FEvKDss-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....k8E5yHA-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....RIbrjH8-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....WMY3jSU-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....f94qIYQ-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....tpItQO8-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....UDdQr3k-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....p-2B0N8-3D
email.twirll.com/ls/click?upn=nJLxSKN7RG8c-.....Gr2W9XI-3D
Hitno mi je ako znate sta da uradim???

Dopuna: 20 Feb 2023 22:39

Pretnja mi je dosla sa adrese - phanerogamia-phanerogamia-5526187@elidemail.com

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-02-2023
Ran by alex (administrator) on DESKTOP-76H4NKA (ASUS System Product Name) (21-02-2023 00:43:22)
Running from C:\Users\alex\Desktop
Loaded Profiles: alex
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Language: English (United States)
Default browser: Vivaldi
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(explorer.exe ->) (Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\alex\AppData\Local\Vivaldi\Application\vivaldi.exe <20>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.97\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.55\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_1291a5029e813c01\RstMwService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6fd074e02d655c70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe <2>
(services.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\Rar64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (Fz Soft) [File not signed] C:\Program Files (x86)\Microsoft\Edge\Application\mshandler.exe
(svchost.exe ->) (Google LLC) [File not signed] C:\Program Files\Google\ChromeCrashHandler.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Tonec Inc.) [File not signed] C:\Program Files (x86)\Internet Download Manager\IDMan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201456 2020-10-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ACUW11EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\11.0\acdIDInTouch2.exe [2181632 2019-09-26] (ACD Systems) [File not signed]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [242048 2019-04-22] (Mixbyte Inc -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2587136 2012-12-29] () [File not signed]
HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\...\Run: [ACDSeeCommanderUltimate11] => C:\Program Files\ACD Systems\ACDSee Ultimate\11.0\ACDSeeCommanderUltimate11.exe [6392784 2017-12-01] (ACD Systems International Inc. -> )
HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5865984 2022-05-31] (Tonec Inc.) [File not signed]
HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\...\MountPoints2: {53a037cd-64db-11ec-a1f8-806e6f6e6963} - "E:\Bin\Instv2.exe"
HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ws.lnk [2022-02-02]
ShortcutTarget: ws.lnk -> C:\Users\alex\AppData\Roaming\WS\ws.exe (Microsoft Windows -> Microsoft Corporation)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1DF8FB77-0DB7-4EF9-A45F-E9508121BCA5} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1469552 2021-01-21] (ASUSTeK Computer Inc. -> )
Task: {26B91E37-5519-435F-B6D3-F8C722244946} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2122552 2021-01-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {764FAD9D-26A9-4109-B173-B23519120D41} - System32\Tasks\Crash Handler => C:\Program Files\Google\ChromeCrashHandler.exe [373248 2022-09-14] (Google LLC) [File not signed]
Task: {7914AB01-97D6-43DE-95B8-D886F94601DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {80A0BDE1-63CD-491A-A2C7-41D5468A7E06} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3867928 2020-11-15] (Nero AG -> Nero AG)
Task: {97BA99E1-0A38-4D9B-BC2A-53FAE3F5CC8B} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {9BB9698B-7472-4642-9BFB-101C9A3A00A4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A198F048-8D6A-4D1A-8DA4-B9789C4F32DE} - System32\Tasks\VivaldiUpdateCheck-965511a1b8f9a13c => C:\Users\alex\AppData\Local\Vivaldi\Application\update_notifier.exe [3471760 2023-02-15] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {BC2E638F-E829-4E7B-B226-A2DE8E419ADA} - System32\Tasks\Winrar => C:\Program Files\WinRAR\Rar64.exe [51200 2022-09-14] (Alexander Roshal) [File not signed]
Task: {BCEBDEBE-58E9-44F2-85FA-C7F8E7EE847A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1964DA0-97BC-4D2C-B5F2-37F38FD32CC8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {D8FACC0A-BB24-48E3-BB4E-554A1E5407FF} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2020-12-23] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {F33CA1EB-B198-4838-BCFF-F745A59EC635} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F79C9CE2-4047-4CD1-9FCB-FB9D1C815F75} - System32\Tasks\EdgeCrashHandler => C:\Program Files (x86)\Microsoft\Edge\Application\mshandler.exe [34304 2022-06-03] (Fz Soft) [File not signed] <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{da0996fd-13e5-421b-9195-82f0b88e58e8}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\alex\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-27]
Edge HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2022-05-31]

FireFox:
========
FF DefaultProfile: pzd2ol4p.default
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\46h56j68.default-release-1 [2021-12-28]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\pzd2ol4p.default [2022-01-02]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\bziie1wy.default-release [2022-09-28]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4 [2022-01-03]
FF NewTabOverride: Mozilla\Firefox\Profiles\fflu9tff.default-release-4 -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (AdBlocker Ultimate) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\adblockultimate@adblockultimate.net.xpi [2021-12-26]
FF Extension: (Ant Video downloader) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\anttoolbar@ant.com.xpi [2021-12-28]
FF Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\fvdmedia@gmail.com.xpi [2021-12-26]
FF Extension: (IMDb Plus) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\imdbplus@eros.man.xpi [2021-12-31]
FF Extension: (AdBlock — best ad blocker) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-12-26]
FF Extension: (LeechBlock NG) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\leechblockng@proginosko.com.xpi [2021-12-29]
FF Extension: (New Tab Page) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\pavel.sherbakov@gmail.com.xpi [2020-11-20]
FF Extension: (IMDb Search) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\{76382c80-a47f-4493-bb24-f8fa554b2a05}.xpi [2021-12-31]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\fflu9tff.default-release-4\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-12-26]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6 [2023-02-19]
FF NewTabOverride: Mozilla\Firefox\Profiles\enzkxsuy.default-release-6 -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (AdBlocker Ultimate) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\adblockultimate@adblockultimate.net.xpi [2023-02-14]
FF Extension: (AdBlock — best ad blocker) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-02-14]
FF Extension: (AdBlocker for YouTube™) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2023-02-14]
FF Extension: (LeechBlock NG) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\leechblockng@proginosko.com.xpi [2023-02-14]
FF Extension: (IDM Integration Module) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2022-09-14]
FF Extension: (New Tab Page) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\pavel.sherbakov@gmail.com.xpi [2022-01-04]
FF Extension: (IMDb Search) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\{76382c80-a47f-4493-bb24-f8fa554b2a05}.xpi [2022-01-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\enzkxsuy.default-release-6\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-02-14]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\8830ftut.default-release-5 [2021-12-28]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\ji7sedjc.default-release-2 [2021-12-28]
FF ProfilePath: C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\mrha0rwv.default-release-3 [2021-12-28]
FF HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\alex\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\alex\AppData\Roaming\IDM\idmmzcc5 [2022-09-14] [Legacy] [not signed]
FF HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-31]
CHR HKU\S-1-5-21-2070535610-2730784066-1945118765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-31]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-31]

Vivaldi:
=======
VIV Profile: C:\Users\alex\AppData\Local\Vivaldi\User Data\Default [2023-02-21]
VIV DownloadDir: D:\Downloads
VIV Custom_url: Default -> chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html#
VIV HomePage: Default -> vivaldi://startpage
VIV StartupUrls: Default -> "chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html#"
VIV NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
VIV DefaultSearchKeyword: Default -> g
VIV Extension: (LeechBlock NG) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\blaaajhemilngeeffpbfkdjjoefldkok [2022-11-28]
VIV Extension: (Right-Click Search IMDb) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\cbchccggcmgoabfolahgafbfapoejkcn [2022-07-03]
VIV Extension: (Adblock Plus - free ad blocker) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-02-06]
VIV Extension: (AdBlock — best ad blocker) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-16]
VIV Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2023-01-29]
VIV Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2022-06-14]
VIV Extension: (IDM Integration Module) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2022-09-15]
VIV Extension: (AdBlocker Ultimate) - C:\Users\alex\AppData\Local\Vivaldi\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2023-01-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.55\atkexComSvc.exe [450096 2020-12-29] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [179488 2021-09-17] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.97\AsusFanControlService.exe [2082352 2020-12-29] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1189784 2023-02-20] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-04-22] (Mixbyte Inc -> Freemake)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [17792 2019-04-22] (Mixbyte Inc -> Ellora Assets Corp.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-16] (Malwarebytes Inc -> Malwarebytes)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6101680 2021-12-18] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2021-12-25] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HDRansomOffSvc; C:\Program Files\Heilig Defense\RansomOff\HDRansomOffSvc.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6fd074e02d655c70\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6fd074e02d655c70\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [35136 2020-05-25] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43192 2021-09-17] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 HDRansomOffDrv; C:\Windows\System32\DRIVERS\HDRansomOffDrv.sys [194848 2018-12-05] (Heilig Defense, LLC -> Heilig Defense)
R0 HDRansomOffMBR; C:\Windows\System32\DRIVERS\HDRansomOffMBR.sys [43072 2017-10-30] (Heilig Defense, LLC -> Heilig Defense, LLC)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_42e0121b9785f90e\iaLPSS2_GPIO2_TGL.sys [128680 2020-11-20] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_70d4531ccdd0c3c2\iaLPSS2_I2C_TGL.sys [197288 2020-11-20] (Intel Corporation -> Intel Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2020-12-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2023-01-29] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2023-02-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2023-02-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2023-02-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116832 2023-02-20] (Malwarebytes Corporation -> Malwarebytes)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49576 2023-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473336 2023-02-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-21 00:43 - 2023-02-21 00:43 - 000027806 _____ C:\Users\alex\Desktop\FRST.txt
2023-02-21 00:42 - 2023-02-21 00:43 - 000000000 ____D C:\FRST
2023-02-21 00:40 - 2023-02-21 00:40 - 002378240 _____ (Farbar) C:\Users\alex\Desktop\FRST64.exe
2023-02-20 22:45 - 2019-05-04 23:13 - 030044752 _____ (Heilig Defense) C:\Users\alex\Desktop\RansomOff.5.2018.339.6492.x64.exe
2023-02-20 22:43 - 2023-02-20 22:43 - 000000000 ____D C:\Users\alex\AppData\LocalLow\IGDump
2023-02-20 22:19 - 2023-02-20 22:19 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2023-02-20 22:19 - 2023-02-20 22:19 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2023-02-20 22:19 - 2023-02-20 22:19 - 000116832 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-02-20 22:19 - 2023-02-20 22:19 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2023-02-17 15:50 - 2023-02-17 15:50 - 000000000 ___HD C:\$WinREAgent
2023-02-14 16:28 - 2023-02-14 16:28 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-02-01 20:37 - 2023-02-01 20:37 - 144849878 _____ C:\Users\alex\Desktop\HIDDEN MENU,TRICKS,ADDITIONAL OPTIONS, - FORD FOCUS MK2-.mp4
2023-02-01 20:14 - 2023-02-01 20:14 - 030198632 _____ C:\Users\alex\Desktop\How to_ Mk4 Mondeo electric windows reset.mp4
2023-01-29 13:51 - 2023-01-29 13:51 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2023-01-29 12:21 - 2023-01-29 12:22 - 003928254 _____ C:\Users\alex\Desktop\How to activate Ford Mondeo MK4 zone central locking (selective unlocking).mp4
2023-01-28 17:45 - 2023-01-28 17:45 - 125871673 _____ C:\Users\alex\Desktop\Ford cd 6000 ostao bez koda,Menjao akumulator i zaboravio,kako naci kod za radio.mp4
2023-01-25 22:52 - 2023-01-25 22:51 - 004935609 _____ C:\Users\alex\Desktop\Uputstvo-Iris-2.0.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-20 23:31 - 2021-12-28 19:17 - 000000000 ____D C:\Users\alex\AppData\Roaming\POP Peeper
2023-02-20 22:50 - 2021-12-25 23:49 - 000000000 ____D C:\ProgramData\TEMP
2023-02-20 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-20 22:25 - 2022-01-01 16:05 - 000002384 _____ C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2023-02-20 22:23 - 2021-12-25 01:33 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-20 22:23 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-02-20 22:19 - 2021-12-25 23:48 - 000000000 ____D C:\Users\alex\.rainlendar2
2023-02-20 22:19 - 2021-12-25 14:02 - 000000000 ____D C:\ProgramData\Minidumps
2023-02-20 22:19 - 2021-12-25 01:26 - 001228336 _____ C:\Windows\system32\wpbbin.exe
2023-02-20 22:19 - 2021-12-25 01:26 - 001189784 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-02-20 22:19 - 2021-12-25 01:26 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-20 22:19 - 2021-12-25 01:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-20 22:19 - 2021-12-24 16:41 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-20 12:19 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-02-19 22:23 - 2022-09-14 20:14 - 000000000 ____D C:\Users\alex\AppData\Roaming\DMCache
2023-02-19 21:45 - 2021-12-24 16:58 - 000000000 ____D C:\Users\alex\AppData\Local\D3DSCache
2023-02-19 21:18 - 2021-12-24 18:39 - 000000000 ____D C:\Users\alex\AppData\LocalLow\Mozilla
2023-02-19 20:06 - 2021-12-25 01:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-02-19 19:27 - 2022-12-02 09:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-19 17:42 - 2021-12-25 01:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-19 17:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-19 17:42 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-02-18 10:15 - 2021-12-25 01:34 - 000000000 ____D C:\Users\alex
2023-02-18 01:27 - 2021-12-25 01:26 - 000437856 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-17 21:04 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-17 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-17 18:44 - 2021-12-26 10:21 - 000000000 ____D C:\Users\alex\AppData\Roaming\qBittorrent
2023-02-17 17:44 - 2022-01-01 16:05 - 000000000 ____D C:\Users\alex\AppData\Local\Vivaldi
2023-02-17 15:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-17 15:55 - 2021-12-25 01:29 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-17 15:50 - 2021-12-24 19:54 - 000000000 ____D C:\Windows\system32\MRT
2023-02-17 15:48 - 2021-12-25 01:26 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-02-17 15:48 - 2021-12-24 19:54 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-14 22:40 - 2021-12-26 00:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-14 22:40 - 2021-12-26 00:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-14 16:28 - 2021-12-26 00:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-08 22:36 - 2021-12-25 01:26 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-08 22:36 - 2021-12-25 01:26 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-07 00:02 - 2022-12-01 23:39 - 000000000 ____D C:\Users\alex\Desktop\ACA !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
2023-02-02 22:16 - 2022-01-25 22:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-01-30 20:10 - 2022-09-14 20:14 - 000000000 ____D C:\Users\alex\AppData\Roaming\IDM
2023-01-28 09:17 - 2021-12-24 19:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-12-24 17:08 - 2022-01-26 20:24 - 000007597 _____ () C:\Users\alex\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zdravo,

Promeni sve lozinke za mail, fejs i na forumima, bankama, za svaki slucaj.
I da imaju podatke o karticama, ne mogu da ti trose pare sa kartice ako je potrebna verifikacija sa telefona i ako nisi delio onaj broj sa poledjine kartice.
I da imaju tvoje lozinke, ne mogu da iskoriste tvoje sifre da drugima uhakuju uredjaje.

Da li mozes normalno da pristupis svojim fajlovima na kompu?
Ne znam kako je na yahoo, ali na gmailu postoji opcija da vidis odakle je pristupano tvom nalogu, pa je lako proverljivo da li ti je neko ulazio na mail.

Kad promenis lozinke, pokreni MBAM da skenira i ocisti ako nesto nadje.