Multiple attempts to take over email addresses

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Posted: 23 Jan 2023 12:58

For the past few days I have been getting notifications from Gmail that my Gmail accounts have been attacked and that I have to change my passwords. A couple of days ago I scanned with Malwarebytes and it found all sorts of things, but the problems continued. Just now I scanned again and the antivirus again found all sorts of things, so I am also sending you the logs from Malwarebytes.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Ran by Lenovo (administrator) on DESKTOP-O6HALP8 (LENOVO 82C7) (23-01-2023 12:53:27)
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\Lenovo\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Lenovo\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(explorer.exe ->) (Avanquest Software SAS -> Avanquest Software) C:\Users\Lenovo\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Lenovo\AppData\Local\Viber\Viber.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Lenovo\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-11-17] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-699055456-4220227270-3419461705-1002\...\Run: [Avanquest Message] => C:\Users\Lenovo\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [602264 2022-09-15] (Avanquest Software SAS -> Avanquest Software)
HKU\S-1-5-21-699055456-4220227270-3419461705-1002\...\Run: [Viber] => C:\Users\Lenovo\AppData\Local\Viber\Viber.exe [60745936 2023-01-10] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-699055456-4220227270-3419461705-1002\...\Run: [Microsoft Edge Update] => C:\Users\Lenovo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateCore.exe [263592 2023-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-699055456-4220227270-3419461705-1002\...\Run: [MicrosoftEdgeAutoLaunch_5EF70F99B4529735F3564FFE246DB961] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F69158C-831D-4A65-8D9F-2942F91557FF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {104CAC3D-4AE3-47CB-AB82-BBA69E0A387A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A4DC6ED-C125-4541-B198-79271A3C6E7D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3786C9A1-F5E9-4288-B752-827452688928} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {43D80C78-069E-4BD1-BEC9-F609F29C8CEA} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [160696 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EC1FEA9-CC6C-489D-8F52-72A1B86145F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144288 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D1AF3AC-DEA4-47E2-8DE1-9ECC1DBDE504} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-699055456-4220227270-3419461705-1002Core => C:\Users\Lenovo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {85C8839E-A538-4AAF-AE2E-55ED0893BE0C} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-699055456-4220227270-3419461705-1002UA => C:\Users\Lenovo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2DF58D0-046B-4D09-AD08-378F7CF813C0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-11-05] () [File not signed]
Task: {CE4BF237-8C4F-4142-909A-BD068539CAD9} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {D1E7D78D-8C1F-4BDB-8D98-C443A8C91373} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26326520 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2746C37-72B1-4996-9165-FD40EA1F1244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-08] (Google LLC -> Google LLC)
Task: {D7F70D1A-8CB3-44BF-BC8B-331BBE6F3BB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-08] (Google LLC -> Google LLC)
Task: {E49D568C-D59A-42C3-8513-2793B844CBD5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37dbde66-1e56-49ac-bf7a-f1307dee994a}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-23]

FireFox:
========
FF DefaultProfile: 7ekf1knn.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\7ekf1knn.default [2021-11-09]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\hvscik5x.default-release [2022-12-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2023-01-23]
CHR DownloadDir: C:\Users\Lenovo\Desktop
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.unicreditbank.rs
CHR HomePage: Default -> hxxp://google.rs/
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-31]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-12]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-01-22]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-17]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-06-17]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-06-17]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-17]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-15]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-01-22]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-06-17]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-22]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-28]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-12]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12548520 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-04] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-02-14] (HP Inc. -> HP Inc.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-18] (Malwarebytes Inc. -> Malwarebytes)
R2 NativePushService; C:\Users\Lenovo\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197088 2023-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [76216 2023-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-01-23] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-23 12:53 - 2023-01-23 12:53 - 000021630 _____ C:\Users\Lenovo\Desktop\FRST.txt
2023-01-23 12:53 - 2023-01-23 12:53 - 000000000 ____D C:\FRST
2023-01-23 12:52 - 2023-01-23 12:52 - 002376704 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2023-01-23 12:47 - 2023-01-23 12:47 - 000007669 _____ C:\Users\Lenovo\Desktop\MB karantin.txt
2023-01-23 12:46 - 2023-01-23 12:47 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IGDump
2023-01-23 12:46 - 2023-01-23 12:46 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-01-23 09:15 - 2023-01-23 09:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2023-01-22 19:39 - 2023-01-22 19:39 - 000000876 _____ C:\Users\Lenovo\AppData\Local\recently-used.xbel
2023-01-22 19:38 - 2023-01-22 19:38 - 022951403 _____ C:\Users\Lenovo\Desktop\22380242_6571222.psd
2023-01-22 12:07 - 2023-01-22 12:08 - 174995190 _____ C:\Users\Lenovo\Desktop\10000000_553757113436404_7946771228217098850_n.mp4
2023-01-22 10:35 - 2023-01-22 10:36 - 106638128 _____ (InterAction studios ) C:\Users\Lenovo\Desktop\ChickenInvadersUniverseInstaller.exe
2023-01-22 09:10 - 2023-01-22 09:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2023-01-20 10:07 - 2023-01-20 10:10 - 1302626628 _____ C:\Users\Lenovo\Desktop\Snowfall in Times Square NYC Walking in New York City in the Winter Snow 4k.mp4
2023-01-18 17:18 - 2023-01-22 19:33 - 000001092 _____ C:\Users\Public\Desktop\paint.net.lnk
2023-01-18 15:25 - 2023-01-18 15:25 - 027810549 _____ C:\Users\Lenovo\Desktop\Transient 2 - 4K UHD 1000FPS.mp4
2023-01-18 15:08 - 2023-01-18 15:08 - 112742984 _____ C:\Users\Lenovo\Desktop\Lightning Strike at 103,000 FPS.mp4
2023-01-18 14:52 - 2023-01-23 09:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-18 12:19 - 2023-01-18 12:20 - 000000000 ____D C:\ProgramData\Wondershare
2023-01-18 11:57 - 2023-01-18 11:57 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-01-18 11:57 - 2023-01-18 11:57 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-01-18 11:57 - 2023-01-18 11:57 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2023-01-18 11:56 - 2023-01-18 11:56 - 002552184 _____ (Malwarebytes) C:\Users\Lenovo\Desktop\MBSetup-9F47914B.exe
2023-01-18 11:56 - 2023-01-18 11:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-01-18 11:56 - 2023-01-18 11:56 - 000000000 ____D C:\Program Files\Malwarebytes
2023-01-17 20:04 - 2023-01-17 20:05 - 018642042 _____ C:\Users\Lenovo\Desktop\Što je bilo bilo je.mp4
2023-01-17 19:45 - 2023-01-17 19:45 - 048927103 _____ C:\Users\Lenovo\Desktop\Transient - 4K, UHD, 1000FPS-[onlinevideoconverter.com].mp4
2023-01-17 16:54 - 2023-01-17 17:00 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Orion
2023-01-17 16:54 - 2023-01-17 16:54 - 000001176 _____ C:\Users\Lenovo\Desktop\Effect House.lnk
2023-01-17 16:54 - 2023-01-17 16:54 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Effect House
2023-01-17 16:53 - 2023-01-17 16:54 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Effect House
2023-01-17 16:53 - 2023-01-17 16:53 - 000000000 ____D C:\Users\Lenovo\AppData\Local\EffectHouseSetupUI
2023-01-17 16:41 - 2023-01-17 16:49 - 618121448 _____ C:\Users\Lenovo\Downloads\Effect_House_v1.9.1.116_Setup.exe
2023-01-17 13:43 - 2023-01-17 13:43 - 073982360 _____ C:\Users\Lenovo\Desktop\lažu me.mp4
2023-01-17 13:25 - 2023-01-17 13:27 - 150515623 _____ C:\Users\Lenovo\Desktop\New York in 8K ULTRA HD - Capital of Earth (60FPS).mp4
2023-01-17 11:26 - 2023-01-17 11:29 - 037903019 _____ C:\Users\Lenovo\Desktop\Kakva je 2022-[onlinevideoconverter.com].mp4
2023-01-17 11:02 - 2023-01-17 11:02 - 115051871 _____ C:\Users\Lenovo\Desktop\Ritam koraka.mp4
2023-01-17 10:59 - 2023-01-17 10:59 - 244058973 _____ C:\Users\Lenovo\Desktop\Rita m koraka.mp4
2023-01-17 09:15 - 2023-01-17 09:15 - 000000533 _____ C:\Users\Lenovo\Desktop\rtv1 (2).asx
2023-01-17 09:13 - 2023-01-17 09:13 - 000000533 _____ C:\Users\Lenovo\Desktop\rtv1.asx
2023-01-17 09:13 - 2023-01-17 09:13 - 000000533 _____ C:\Users\Lenovo\Desktop\rtv1 (1).asx
2023-01-17 09:01 - 2023-01-17 09:01 - 000000000 __SHD C:\ProgramData\360Quarant
2023-01-17 09:01 - 2023-01-17 09:01 - 000000000 __SHD C:\$360Section
2023-01-17 09:01 - 2023-01-17 09:01 - 000000000 ____D C:\Users\Lenovo\Documents\GOMPlayer
2023-01-17 09:00 - 2023-01-18 12:16 - 000000000 ____D C:\Program Files (x86)\360
2023-01-17 08:59 - 2023-01-17 08:59 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-17 08:58 - 2023-01-17 08:58 - 000000000 _____ C:\end
2023-01-17 08:57 - 2023-01-17 08:57 - 000000304 _____ C:\nsispromotion_log.txt
2023-01-16 22:34 - 2023-01-16 22:34 - 022892818 _____ C:\Users\Lenovo\Desktop\My Video.mp4
2023-01-16 22:30 - 2023-01-22 13:05 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-01-16 22:30 - 2023-01-16 22:30 - 000001191 _____ C:\Users\Lenovo\Desktop\Wondershare Filmora.lnk
2023-01-16 22:30 - 2023-01-16 22:30 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Wondershare Filmora
2023-01-16 22:30 - 2023-01-16 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare Filmora
2023-01-16 22:30 - 2023-01-16 22:30 - 000000000 ____D C:\Program Files\Wondershare
2023-01-16 22:30 - 2020-10-17 02:47 - 001250304 _____ (CineForm Inc.) C:\Windows\system32\CFDecode64.ax
2023-01-16 22:10 - 2018-08-18 10:06 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2023-01-16 21:35 - 2023-01-16 21:35 - 000000000 ____D C:\Users\Lenovo\Desktop\Use_2022_As-P@Sw0rd-Final&Stup-V9
2023-01-16 21:34 - 2023-01-16 21:44 - 000684984 _____ (Mozilla Foundation) C:\Users\Lenovo\AppData\LocalLow\freebl3.dll
2023-01-16 21:34 - 2023-01-16 21:44 - 000627128 _____ (Mozilla Foundation) C:\Users\Lenovo\AppData\LocalLow\mozglue.dll
2023-01-16 21:34 - 2023-01-16 21:44 - 000254392 _____ (Mozilla Foundation) C:\Users\Lenovo\AppData\LocalLow\softokn3.dll
2023-01-16 21:23 - 2023-01-22 12:09 - 000000000 ____D C:\Users\Lenovo\Desktop\tiktok
2023-01-16 21:10 - 2023-01-16 21:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Wondershare
2023-01-16 21:10 - 2023-01-16 21:10 - 000000016 _____ C:\ProgramData\mntemp
2023-01-16 21:09 - 2023-01-16 21:09 - 000000000 ____D C:\Users\Lenovo\Documents\Wondershare
2023-01-16 21:07 - 2023-01-16 22:17 - 000000000 ____D C:\Users\Lenovo\Desktop\pesme za dušu
2023-01-16 21:06 - 2023-01-16 21:40 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-01-16 15:38 - 2023-01-16 22:11 - 000000000 ____D C:\Users\Lenovo\Documents\Wondershare Filmora
2023-01-16 12:30 - 2023-01-16 12:41 - 2288462254 _____ C:\Users\Lenovo\Desktop\4K HDR __ Tokyo Snowy Night Walk - Shibuya to Shinjuku - 2 hours.mp4
2023-01-16 10:00 - 2023-01-20 19:50 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-15 09:57 - 2023-01-15 09:57 - 000000000 ____D C:\Users\Lenovo\Documents\Zoom
2023-01-15 09:51 - 2023-01-15 09:51 - 000137600 _____ (Zoom Video Communications, Inc.) C:\Users\Lenovo\Desktop\Zoom_cm_fo42pnktZ9vvrZo4_mJji-lr6Ccg1LWx0hgZSY3OY1HuUWebYX2R2N@gI66MTwm6XWokIwx_k1c1fb922596dd662_.exe
2023-01-15 09:49 - 2023-01-15 09:49 - 000001934 _____ C:\Users\Lenovo\Desktop\Zoom.lnk
2023-01-15 09:48 - 2023-01-15 09:50 - 257642768 _____ C:\Users\Lenovo\Desktop\zoom (1).apk
2023-01-15 09:48 - 2023-01-15 09:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Zoom
2023-01-15 09:46 - 2023-01-15 09:48 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Zoom
2023-01-15 09:46 - 2023-01-15 09:46 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-01-15 09:42 - 2023-01-15 09:44 - 257642768 _____ C:\Users\Lenovo\Desktop\zoom.apk
2023-01-14 00:39 - 2023-01-14 00:39 - 000002663 _____ C:\Users\Lenovo\Desktop\TikTok.lnk
2023-01-13 19:42 - 2023-01-13 19:43 - 063638711 _____ C:\Users\Lenovo\Desktop\nisam te zaboravio.mp4
2023-01-13 19:11 - 2023-01-13 19:11 - 001715545 _____ C:\Users\Lenovo\Desktop\videoplayback.mp4
2023-01-12 20:14 - 2023-01-12 20:19 - 953511810 _____ C:\Users\Lenovo\Desktop\【4K HDR】Night Walk in Tokyo Shibuya (東京散歩).mp4
2023-01-12 17:21 - 2023-01-12 17:21 - 000000000 ___HD C:\$WinREAgent
2023-01-09 11:45 - 2023-01-12 17:38 - 000000000 ____D C:\Users\Lenovo\Desktop\New folder (6)
2023-01-07 14:17 - 2023-01-07 14:54 - 000000000 ____D C:\Users\Lenovo\Desktop\Božić 2023
2022-12-27 19:41 - 2022-12-27 19:41 - 011380632 _____ C:\Users\Lenovo\Downloads\Dr Merica ..... - Psihologija.WMA
2022-12-27 12:11 - 2022-12-27 12:28 - 274817991 _____ C:\Users\Lenovo\Desktop\svet.mp4
2022-12-27 11:38 - 2022-12-27 12:01 - 335604326 _____ C:\Users\Lenovo\Desktop\moj svet.avi
2022-12-27 10:49 - 2022-12-27 10:50 - 262640741 _____ C:\Users\Lenovo\Desktop\20221226_122236.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-23 12:54 - 2021-06-24 23:50 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-23 12:54 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-01-23 12:49 - 2021-11-08 19:12 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2023-01-23 12:48 - 2021-11-08 20:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-23 12:47 - 2021-12-06 09:18 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\ViberPC
2023-01-23 12:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-23 12:46 - 2021-11-09 09:43 - 000000000 ____D C:\Users\Lenovo\Documents\Outlook Files
2023-01-23 12:46 - 2021-11-08 19:10 - 000000000 ____D C:\Windows\CSC
2023-01-23 12:46 - 2021-06-25 08:44 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-23 12:46 - 2021-06-25 08:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-23 12:46 - 2021-06-25 08:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-23 12:46 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\addins
2023-01-23 12:46 - 2019-12-07 10:50 - 000000000 ____D C:\Windows\DigitalLocker
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\Offline Web Pages
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SKB
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SchCache
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PLA
2023-01-23 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ModemLogs
2023-01-23 11:54 - 2021-11-09 02:32 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2023-01-23 10:10 - 2021-11-08 19:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2023-01-23 09:17 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-01-23 09:16 - 2021-11-08 20:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-23 09:08 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-01-22 19:40 - 2022-11-30 14:19 - 000000000 ____D C:\Users\Lenovo\AppData\Local\babl-0.1
2023-01-22 19:33 - 2021-12-25 17:33 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2023-01-22 19:32 - 2021-12-25 17:33 - 000000000 ____D C:\Program Files\paint.net
2023-01-22 18:46 - 2021-12-06 09:18 - 000000000 ____D C:\Users\Lenovo\Documents\ViberDownloads
2023-01-22 13:09 - 2021-11-08 19:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2023-01-22 10:36 - 2022-11-16 12:55 - 000001150 _____ C:\Users\Public\Desktop\Chicken Invaders Universe.lnk
2023-01-22 10:36 - 2022-09-16 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chicken Invaders Universe
2023-01-22 10:36 - 2022-09-16 16:29 - 000000000 ____D C:\Program Files (x86)\ChickenInvadersUniverse
2023-01-21 23:21 - 2021-11-08 19:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-21 23:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-21 23:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-21 04:24 - 2021-06-24 23:47 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-20 21:52 - 2021-11-08 20:28 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AIMP
2023-01-20 19:50 - 2021-06-25 08:44 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-18 21:49 - 2021-11-08 20:28 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-18 21:49 - 2021-11-08 20:28 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-01-18 17:18 - 2021-12-25 17:33 - 000000000 ____D C:\Users\Lenovo\AppData\Local\paint.net
2023-01-18 14:52 - 2021-11-08 20:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-18 12:16 - 2022-02-27 14:00 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent
2023-01-18 12:16 - 2021-11-08 23:05 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\WinShare
2023-01-18 12:16 - 2021-06-25 08:44 - 003118768 _____ C:\Windows\system32\FNTCACHE.DAT
2023-01-18 12:15 - 2022-01-22 12:13 - 000000000 ____D C:\Users\Lenovo\Desktop\Internet programi
2023-01-18 12:15 - 2021-11-08 23:41 - 000000000 ____D C:\Windows\AAct_Tools
2023-01-18 12:15 - 2021-11-08 23:03 - 000000000 ____D C:\Users\Lenovo\Downloads\lipsur v1.109.0045
2023-01-18 12:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Web
2023-01-18 11:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-01-17 16:36 - 2021-11-08 19:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2023-01-17 10:00 - 2021-12-12 18:07 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-699055456-4220227270-3419461705-1002
2023-01-17 10:00 - 2021-11-08 19:12 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-699055456-4220227270-3419461705-1002
2023-01-17 10:00 - 2021-11-08 19:12 - 000002382 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-17 09:15 - 2022-05-15 09:36 - 000000000 ____D C:\ProgramData\GRETECH
2023-01-17 09:15 - 2021-11-08 20:29 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\GRETECH
2023-01-17 09:15 - 2021-11-08 20:28 - 000000000 ____D C:\Program Files (x86)\GRETECH
2023-01-17 08:14 - 2021-11-10 14:05 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BitTorrentHelper
2023-01-16 22:20 - 2022-01-03 16:30 - 000000000 ____D C:\Users\Lenovo\Desktop\spov
2023-01-16 22:17 - 2022-11-18 10:21 - 000000000 ____D C:\Users\Lenovo\Desktop\New folder (3)
2023-01-16 21:44 - 2021-11-08 20:28 - 000000000 ____D C:\Program Files\Google
2023-01-16 21:42 - 2021-11-08 23:49 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Wondershare
2023-01-16 21:27 - 2022-01-22 12:12 - 000000000 ____D C:\Users\Lenovo\Desktop\Grafički programi
2023-01-16 21:09 - 2021-11-08 23:48 - 000000000 ____D C:\Users\Lenovo\Documents\Wondershare Filmora 9
2023-01-15 09:09 - 2022-08-29 08:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Viber
2023-01-15 09:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-01-15 09:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-01-15 09:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-15 09:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-01-14 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Performance
2023-01-14 00:39 - 2022-01-22 14:52 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2023-01-13 21:22 - 2021-06-25 09:43 - 000000000 ____D C:\Windows\Panther
2023-01-12 17:44 - 2021-11-09 15:10 - 000000000 ____D C:\Users\Lenovo\Desktop\СП Зрењанин
2023-01-12 17:27 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-01-12 17:26 - 2021-06-24 23:46 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-01-12 17:21 - 2021-11-08 19:13 - 000000000 ____D C:\Windows\system32\MRT
2023-01-12 17:19 - 2021-11-08 19:13 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-01-11 22:53 - 2022-10-13 09:03 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-11 22:53 - 2022-10-13 09:03 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-11 22:53 - 2022-02-24 17:13 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-01-06 20:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System
2023-01-06 11:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\GameBarPresenceWriter
2023-01-05 20:16 - 2021-06-25 08:44 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-05 20:16 - 2021-06-25 08:44 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-05 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-01-03 18:52 - 2022-06-19 18:34 - 000003818 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-699055456-4220227270-3419461705-1002UA
2023-01-03 18:52 - 2022-06-19 18:34 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-699055456-4220227270-3419461705-1002Core
2023-01-03 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\schemas
2022-12-31 13:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-12-30 14:50 - 2022-02-24 18:44 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Telegram Desktop
2022-12-26 01:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IdentityCRL

==================== Files in the root of some directories ========

2023-01-22 19:39 - 2023-01-22 19:39 - 000000876 _____ () C:\Users\Lenovo\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addendum: 23 Jan 2023 12:59


offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Do you know what this program is for:
C:\Users\Lenovo\Downloads\Effect_House_v1.9.1.116_Setup.exe

offline
  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Posted: 23 Jan 2023 20:33

Absolutely not!

Addendum: 23 Jan 2023 20:47

Actually, I just remembered. I downloaded that program hoping I could use it to improve my posts on TikTok, but I didn't know how to work with it, so I gave up. Should I delete it?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Post the contents of the email for me, if you can.

offline
  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Posted: 24 Jan 2023 0:02



Addendum: 24 Jan 2023 0:03

I received the same notification on my other accounts as well (3 in total)

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Sorry for the wait.

Can you scan again with MBAM, delete anything it finds, and post the MBAM log for me afterwards?
Are you still getting warnings from Google?

offline
  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Posted: 26 Jan 2023 12:03


Addendum: 26 Jan 2023 12:14

Now I'm also getting emails warning that someone is trying to log in to my accounts on sites I may not have visited in years, and on Instagram as well



Addendum: 26 Jan 2023 12:15



Addendum: 26 Jan 2023 12:23

And one more thing, I don't know how normal this is, but when I click on the attached file, MBAM reports it to me as a trojan


offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Someone has figured out where you are registered and under which nickname, and is now trying to access those accounts. It would be best to first change the password on your email, if you haven't already, and then change the other passwords one by one.

This picture doesn't work for me either, who knows what's going on with the site.
