MyCity » Ambulanta » Virusi provera

Virusi provera

Napisano na dan: 11.4.2021
1

Virusi provera
Sledeća strana Pagination

Idi na vrh

Poslao: 11 Apr 2021 07:03
Idi na vrh
offline
  • Pridružio: 01 Nov 2011
  • Poruke: 89

Pozdrav, krenuo sam da skidam torent iako to nikada ne radim i pokupio neke viruse.
Molio bih proveu. Hvala unapred.

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.122.99.128 109.122.99.129 1.1.1.1
Tcpip\..\Interfaces\{22d76757-1819-4709-beac-ba92e9b591dc}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{85ff6328-561d-4f5c-9487-6836d138693e}: [DhcpNameServer] 109.122.99.128 109.122.99.129 1.1.1.1
Tcpip\..\Interfaces\{ea755338-02fd-4267-8568-76a691446cbb}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge Profile: C:\Users\Bojan\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-11]

FireFox:
========
FF DefaultProfile: 5es7r047.default
FF ProfilePath: C:\Users\Bojan\AppData\Roaming\Mozilla\Firefox\Profiles\5es7r047.default [2021-03-09]
FF ProfilePath: C:\Users\Bojan\AppData\Roaming\Mozilla\Firefox\Profiles\c8lhl878.default-release [2021-04-11]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\OFISIN~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default [2021-04-11]
CHR DownloadDir: C:\Users\Bojan\Desktop
CHR HomePage: Default -> hxxps://www.google.rs/?gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.rs/"
CHR Extension: (Slides) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-09]
CHR Extension: (Docs) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-09]
CHR Extension: (Google Drive) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-09]
CHR Extension: (YouTube) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-03-09]
CHR Extension: (Sheets) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-09]
CHR Extension: (Google Docs Offline) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Extension: (Gmail) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-09]

Opera:
=======
OPR Profile: C:\Users\Bojan\AppData\Roaming\Opera Software\Opera Stable [2021-04-11]
OPR DownloadDir: C:\Users\Bojan\Desktop
OPR StartupUrls: Opera Stable -> "hxxps://www.google.rs/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Bojan\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AppServicea; C:\WINDOWS\system32\Z43W00MI54.tmp [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\ProgramData\8468734.exe"
Error Reading file: "C:\ProgramData\8269899.exe"
Error Reading file: "C:\ProgramData\785781.exe"
Error Reading file: "C:\ProgramData\6082542.exe"
Error Reading file: "C:\ProgramData\2887347.exe"
Error Reading file: "C:\ProgramData\2815973.exe"
Error Reading file: "C:\ProgramData\1101959.exe"
2021-04-11 08:00 - 2021-04-11 08:00 - 000007951 _____ C:\Users\Bojan\Desktop\FRST.txt
2021-04-11 08:00 - 2021-04-11 08:00 - 000000000 ____D C:\FRST
2021-04-11 07:59 - 2021-04-11 07:59 - 002297856 _____ (Farbar) C:\Users\Bojan\Desktop\FRST64.exe
2021-04-10 23:36 - 2021-04-10 23:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-10 23:28 - 2021-04-10 23:28 - 000159096 _____ (Oracle Corporation) C:\Program Files\hprof.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000150512 _____ C:\Program Files\jp2iexp.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000003712 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 3D4D5FCD8C06D67C
2021-04-10 23:28 - 2021-04-10 23:28 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Lab.lnk
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\ZKISUAGEUH2YIKE7NNVZKXX9U
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\FANIT80PXSYYDJ093DOCD490P
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\F7OOZ3G9MDZEUVINQ56P783P2
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\Program Files (x86)\Picture Lab
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\8498436.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\7154134.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\6683346.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\6555884.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\5428148.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\4427171.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\3828921.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\3171973.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\2973137.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\287846.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\2472649.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\246174.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\216473.exe
2021-04-10 23:25 - 2021-04-10 23:30 - 000000000 __SHD C:\Users\Bojan\AppData\Roaming\Mxmetamux
2021-04-10 23:25 - 2021-04-10 23:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\TASKDIRFORTASKCREATE
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files\MSBuild
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-10 23:23 - 2021-04-11 07:43 - 000000000 ___HD C:\ProgramData\Windows Host
2021-04-10 23:23 - 2021-04-10 23:28 - 000141296 _____ (Oracle Corporation) C:\Program Files\dcpr.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000015856 _____ C:\Program Files\jp2native.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000000199 _____ C:\Program Files\unins.vbs
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\Documents\VlcpVideoV1.0.1
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Programma configurater
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\llYHlSDJxbwekicZbE
2021-04-10 23:23 - 2021-04-10 23:24 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\sPiAfuTGyyVOZKeaLf
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 ____D C:\ProgramData\B29WDJHRPDAYVGMC3RYZM8I9E
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 ____D C:\Program Files (x86)\94c45254-6d52-40cc-93fb-b69707383880
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\7524605.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\7210982.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\6710493.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\4484019.exe
2021-04-10 16:18 - 2021-04-10 18:37 - 000000000 ____D C:\Users\Bojan\Desktop\Gume
2021-04-10 16:18 - 2021-04-10 17:43 - 000000000 ____D C:\Users\Bojan\Desktop\Clio
2021-04-10 16:18 - 2021-04-10 16:20 - 000000000 ____D C:\Users\Bojan\Desktop\Golf
2021-04-09 16:12 - 2021-04-09 16:23 - 000000000 ____D C:\ESD
2021-04-09 16:10 - 2021-04-09 16:10 - 000000000 ___HD C:\$Windows.~WS
2021-04-09 16:10 - 2021-04-09 16:10 - 000000000 ____D C:\$WINDOWS.~BT
2021-04-05 19:53 - 2021-04-10 06:19 - 000000000 ____D C:\Users\Bojan\Desktop\Golf 4 VAŽNO
2021-03-31 19:05 - 2021-03-31 19:05 - 000000000 ____D C:\Users\Bojan\AppData\Local\Viber
2021-03-31 16:40 - 2021-03-31 16:41 - 000000000 ____D C:\ProgramData\BlueStacks
2021-03-31 16:40 - 2021-03-31 16:40 - 000000000 ____D C:\Program Files\BlueStacks
2021-03-30 13:06 - 2021-04-09 14:40 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-03-29 21:27 - 2021-03-29 21:27 - 000000000 ____D C:\Users\Bojan\Desktop\Vakcina
2021-03-29 16:02 - 2021-03-29 16:03 - 000000000 ____D C:\Users\Bojan\Desktop\Brojila
2021-03-29 14:52 - 2021-03-29 15:07 - 000000000 ____D C:\Users\Bojan\Desktop\HT
2021-03-27 16:46 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Local\CrashDumps
2021-03-27 14:13 - 2021-04-05 19:25 - 000000069 _____ C:\Users\Bojan\Desktop\New Text Document.txt
2021-03-25 16:13 - 2021-03-25 16:13 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-25 16:13 - 2021-03-25 16:13 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-24 16:28 - 2021-03-24 16:28 - 000017625 _____ C:\Users\Bojan\Desktop\Super nova sifra.eml
2021-03-24 16:16 - 2021-04-11 07:44 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-23 21:01 - 2021-03-23 21:20 - 000000000 ____D C:\Users\Bojan\Desktop\Lenovo
2021-03-15 23:46 - 2020-10-22 02:24 - 005936224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-03-15 23:46 - 2020-10-22 02:08 - 042834558 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-03-15 23:46 - 2020-07-23 05:42 - 001138416 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2021-03-15 23:46 - 2020-07-23 05:42 - 000224288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-03-15 23:46 - 2020-07-23 05:41 - 000854120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-03-15 23:46 - 2020-07-23 05:36 - 001145480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-03-15 23:46 - 2020-07-23 05:36 - 000468792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-03-15 23:44 - 2021-03-15 23:51 - 000000000 ____D C:\Users\Bojan\AppData\Local\AMD
2021-03-15 23:44 - 2021-03-15 23:45 - 000000000 ____D C:\AMD
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\AMD
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Local\setup
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Local\cache
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Program Files (x86)\AMD
2021-03-15 23:43 - 2021-03-15 23:43 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-03-15 23:41 - 2021-03-15 23:41 - 000000000 ____D C:\Users\Bojan\AppData\Local\RadeonInstaller
2021-03-15 23:28 - 2021-03-15 23:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-03-15 23:28 - 2021-03-15 23:28 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-03-14 17:04 - 2021-03-14 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-03-13 11:12 - 2021-03-13 11:12 - 000000000 ____D C:\Users\Bojan\AppData\Local\Steam
2021-03-13 11:10 - 2021-03-22 08:14 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-13 11:10 - 2021-03-13 11:10 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2021-03-13 11:10 - 2021-03-13 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-12 23:32 - 2021-03-12 23:32 - 000344064 _____ C:\Users\Bojan\Documents\Database2.accdb
2021-03-12 23:28 - 2021-03-12 23:28 - 000344064 _____ C:\Users\Bojan\Documents\Database1.accdb
2021-03-12 23:03 - 2021-03-12 23:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-12 23:01 - 2021-03-12 23:01 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2021-03-12 23:00 - 2021-04-10 23:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-03-12 23:00 - 2021-03-12 23:01 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\Microsoft Help
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-03-12 22:59 - 2021-03-12 22:59 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-12 22:24 - 2021-03-12 22:24 - 000000000 ___HD C:\$AV_ASW
2021-03-12 22:01 - 2021-04-10 23:20 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\uTorrent
2021-03-12 22:01 - 2021-03-12 22:03 - 000000000 ____D C:\Users\Bojan\AppData\Local\BitTorrentHelper
2021-03-12 22:01 - 2021-03-12 22:01 - 000000896 _____ C:\Users\Bojan\Desktop\µTorrent.lnk
2021-03-12 22:01 - 2021-03-12 22:01 - 000000876 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2021-03-12 22:00 - 2021-03-12 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\UT008

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 07:49 - 2020-11-19 09:54 - 000841126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-11 07:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-11 07:44 - 2021-03-09 21:16 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\eM Client
2021-04-11 07:44 - 2021-03-09 20:37 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-11 07:43 - 2021-03-09 21:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-11 07:43 - 2021-03-09 21:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-11 07:43 - 2021-03-09 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-11 07:43 - 2020-11-19 09:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-11 07:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-11 00:34 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-11 00:31 - 2020-11-19 09:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-10 23:36 - 2021-03-09 21:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-10 23:36 - 2021-03-09 21:11 - 000000000 ____D C:\Users\Bojan\AppData\LocalLow\Mozilla
2021-04-10 23:36 - 2021-03-09 21:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-10 23:34 - 2021-03-09 19:02 - 000000000 ____D C:\Users\Bojan\AppData\Local\D3DSCache
2021-04-10 23:31 - 2021-03-09 18:31 - 000000000 ____D C:\Users\Bojan\AppData\Local\Packages
2021-04-10 23:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-10 23:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-10 23:30 - 2021-03-09 18:33 - 000000000 ____D C:\Users\Bojan\AppData\Local\PlaceholderTileLogoFolder
2021-04-10 23:28 - 2021-03-09 18:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-10 23:28 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-10 23:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-10 18:29 - 2021-03-10 19:12 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\ProMod
2021-04-10 16:58 - 2020-11-19 09:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-09 16:23 - 2021-03-09 21:07 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-09 14:40 - 2021-03-09 21:16 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-04-09 13:49 - 2021-03-09 18:50 - 000000000 ____D C:\Users\Bojan\Documents\ViberDownloads
2021-04-07 11:35 - 2021-03-09 21:52 - 000004158 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1615316300
2021-04-07 11:35 - 2021-03-09 20:58 - 000001409 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-04-07 07:26 - 2021-03-09 22:22 - 000003926 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-04-06 06:12 - 2021-03-09 21:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-02 06:46 - 2021-03-09 18:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 06:16 - 2021-03-09 19:02 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-04-02 06:16 - 2021-03-09 19:02 - 000000000 ____D C:\Games
2021-03-31 21:06 - 2021-03-09 18:50 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\ViberPC
2021-03-31 19:18 - 2021-03-09 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\BlueStacksSetup
2021-03-31 16:41 - 2021-03-09 22:02 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2021-03-31 16:41 - 2021-03-09 22:02 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2021-03-31 16:41 - 2021-03-09 22:02 - 000001912 _____ C:\ProgramData\Desktop\BlueStacks.lnk
2021-03-31 16:40 - 2021-03-09 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\Bluestacks
2021-03-28 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-27 17:42 - 2021-03-11 20:05 - 000000029 _____ C:\Users\Bojan\Desktop\Banka.txt
2021-03-25 16:13 - 2021-03-09 20:38 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-25 16:13 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-16 01:25 - 2020-11-19 09:48 - 000000000 ____D C:\ProgramData\Packages
2021-03-15 23:42 - 2021-03-09 19:34 - 000000000 ____D C:\Program Files\AMD
2021-03-15 20:59 - 2021-03-09 21:52 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3910170956-1247854177-3012191338-1001
2021-03-15 20:59 - 2021-03-09 21:49 - 000002367 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 20:59 - 2021-03-09 18:33 - 000000000 ___RD C:\Users\Bojan\OneDrive
2021-03-14 16:57 - 2021-03-09 21:49 - 000000000 ____D C:\Users\Bojan
2021-03-14 00:51 - 2021-03-10 00:53 - 000000517 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-03-13 18:21 - 2021-03-09 22:29 - 000000246 _____ C:\Users\Bojan\Desktop\Brawl.txt
2021-03-12 23:31 - 2021-03-09 18:47 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Skype
2021-03-12 23:19 - 2020-11-19 09:43 - 000437696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 23:05 - 2018-09-15 09:31 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-12 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\216473.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\246174.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\2472649.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\287846.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\2973137.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\3171973.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\3828921.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\4427171.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\4484019.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\5428148.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\6555884.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\6683346.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\6710493.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\7154134.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\7210982.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\7524605.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\8498436.exe
2021-04-10 23:23 - 2021-04-10 23:28 - 000022848 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-convert-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000023360 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000024896 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-string-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000141296 _____ (Oracle Corporation) C:\Program Files\dcpr.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000159096 _____ (Oracle Corporation) C:\Program Files\hprof.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000150512 _____ () C:\Program Files\jp2iexp.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000015856 _____ () C:\Program Files\jp2native.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000000199 _____ () C:\Program Files\unins.vbs
2021-03-09 21:32 - 2021-03-09 23:20 - 000000114 _____ () C:\Users\Bojan\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-03-09 21:08 - 2021-03-09 21:08 - 000000017 _____ () C:\Users\Bojan\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
mycity.rs/must-login.png

Poslao: 11 Apr 2021 09:42
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zdravo,

FRST log nije kompletan, da li bi mogao ponovo da pokrenes skeniranje i postavis novi log? Ukoliko imas problema sa tim, probacemo nesto drugo.

Poslao: 11 Apr 2021 10:48
Idi na vrh
offline
  • Pridružio: 01 Nov 2011
  • Poruke: 89

Napisano: 11 Apr 2021 10:43

Pa u toku skeniranja avast je 3-4x izbacivao neke pretnje, prozorčiće.

Dopuna: 11 Apr 2021 10:47

Evo ga sada odradio bez grešaka:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2021
Ran by Bojan (administrator) on BOJANPC (Micro-Star International Co., Ltd. MS-7C95) (11-04-2021 11:45:41)
Running from C:\Users\Bojan\Desktop
Loaded Profiles: Bojan
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0362846.inf_amd64_6c9deb6524ba1c5b\B362533\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0362846.inf_amd64_6c9deb6524ba1c5b\B362533\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(eM Client, s.r.o. -> eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe <2>
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Bojan\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138416 2020-07-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Viber] => C:\Users\Bojan\AppData\Local\Viber\Viber.exe [48844504 2021-03-29] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Opera Browser Assistant] => C:\Users\Bojan\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3368600 2021-03-04] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [253544 2021-04-07] (eM Client, s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar805.lnk [2021-04-11]
ShortcutTarget: Sidebar805.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
BootExecute: autocheck autochk * aswBoot.exe /M:4197d6068 /dir:"C:\Program Files\Avast Software\Avast"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0344CBDC-5303-466D-8C5B-700CC54F2F1A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {0B683E33-908B-43AA-90D7-F2D216D0F34B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-09] (Google LLC -> Google LLC)
Task: {186FA48F-87BA-4B37-B8A1-10A61A65A6F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AAD97D8-955E-4E56-8F6A-D729139B3AFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-09] (Google LLC -> Google LLC)
Task: {2EEB5606-817C-49EA-9D6E-17533CB2DCBB} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {34BA5D64-66D1-448C-9580-1F0950316E4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {5BD05201-3DE1-451D-A652-22A3273DAAB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {615BF1D1-2337-435E-A9C7-617C30009485} - System32\Tasks\Opera scheduled assistant Autoupdate 1615316301 => C:\Users\Bojan\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Bojan\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {68DB51B5-23A1-49A6-B0EE-59E661499568} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {853B2362-CFFA-4B66-9AD9-269C9C1847D4} - System32\Tasks\Opera scheduled Autoupdate 1615316300 => C:\Users\Bojan\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software)
Task: {8C200A54-6734-4960-886C-92F11E2F5C6A} - System32\Tasks\Firefox Default Browser Agent 3D4D5FCD8C06D67C => C:\Users\Bojan\AppData\Roaming\hahchfg.exe <==== ATTENTION
Task: {93A9F377-3A8D-4B1E-93A6-4B00D9291E96} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {D4724E34-F57E-4286-84DC-C552F6A4D66E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EDDA5D95-A340-4AF3-8B18-5CDB448D755E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.122.99.128 109.122.99.129 1.1.1.1
Tcpip\..\Interfaces\{22d76757-1819-4709-beac-ba92e9b591dc}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{85ff6328-561d-4f5c-9487-6836d138693e}: [DhcpNameServer] 109.122.99.128 109.122.99.129 1.1.1.1
Tcpip\..\Interfaces\{ea755338-02fd-4267-8568-76a691446cbb}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge Profile: C:\Users\Bojan\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-11]

FireFox:
========
FF DefaultProfile: 5es7r047.default
FF ProfilePath: C:\Users\Bojan\AppData\Roaming\Mozilla\Firefox\Profiles\5es7r047.default [2021-03-09]
FF ProfilePath: C:\Users\Bojan\AppData\Roaming\Mozilla\Firefox\Profiles\c8lhl878.default-release [2021-04-11]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\OFISIN~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default [2021-04-11]
CHR DownloadDir: C:\Users\Bojan\Desktop
CHR HomePage: Default -> hxxps://www.google.rs/?gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.rs/"
CHR Extension: (Slides) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-09]
CHR Extension: (Docs) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-09]
CHR Extension: (Google Drive) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-09]
CHR Extension: (YouTube) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-03-09]
CHR Extension: (Sheets) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-09]
CHR Extension: (Google Docs Offline) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Extension: (Gmail) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-09]

Opera:
=======
OPR Profile: C:\Users\Bojan\AppData\Roaming\Opera Software\Opera Stable [2021-04-11]
OPR DownloadDir: C:\Users\Bojan\Desktop
OPR StartupUrls: Opera Stable -> "hxxps://www.google.rs/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Bojan\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 11:45 - 2021-04-11 11:45 - 000017281 _____ C:\Users\Bojan\Desktop\FRST.txt
2021-04-11 08:00 - 2021-04-11 11:45 - 000000000 ____D C:\FRST
2021-04-11 07:59 - 2021-04-11 07:59 - 002297856 _____ (Farbar) C:\Users\Bojan\Desktop\FRST64.exe
2021-04-10 23:36 - 2021-04-10 23:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-10 23:28 - 2021-04-10 23:28 - 000159096 _____ (Oracle Corporation) C:\Program Files\hprof.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000150512 _____ C:\Program Files\jp2iexp.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000003712 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 3D4D5FCD8C06D67C
2021-04-10 23:28 - 2021-04-10 23:28 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Lab.lnk
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\ZKISUAGEUH2YIKE7NNVZKXX9U
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\FANIT80PXSYYDJ093DOCD490P
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\F7OOZ3G9MDZEUVINQ56P783P2
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\Program Files (x86)\Picture Lab
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\8498436.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\7154134.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\6683346.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\6555884.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\5428148.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\4427171.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\3828921.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\3171973.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\2973137.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\287846.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\2472649.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\246174.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\216473.exe
2021-04-10 23:25 - 2021-04-10 23:30 - 000000000 __SHD C:\Users\Bojan\AppData\Roaming\Mxmetamux
2021-04-10 23:25 - 2021-04-10 23:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\TASKDIRFORTASKCREATE
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files\MSBuild
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-10 23:23 - 2021-04-11 07:43 - 000000000 ___HD C:\ProgramData\Windows Host
2021-04-10 23:23 - 2021-04-10 23:28 - 000141296 _____ (Oracle Corporation) C:\Program Files\dcpr.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000015856 _____ C:\Program Files\jp2native.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000000199 _____ C:\Program Files\unins.vbs
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\Documents\VlcpVideoV1.0.1
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Programma configurater
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\llYHlSDJxbwekicZbE
2021-04-10 23:23 - 2021-04-10 23:24 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\sPiAfuTGyyVOZKeaLf
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 ____D C:\ProgramData\B29WDJHRPDAYVGMC3RYZM8I9E
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 ____D C:\Program Files (x86)\94c45254-6d52-40cc-93fb-b69707383880
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\7524605.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\7210982.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\6710493.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\4484019.exe
2021-04-10 16:18 - 2021-04-10 18:37 - 000000000 ____D C:\Users\Bojan\Desktop\Gume
2021-04-10 16:18 - 2021-04-10 17:43 - 000000000 ____D C:\Users\Bojan\Desktop\Clio
2021-04-10 16:18 - 2021-04-10 16:20 - 000000000 ____D C:\Users\Bojan\Desktop\Golf
2021-04-09 16:12 - 2021-04-09 16:23 - 000000000 ____D C:\ESD
2021-04-09 16:10 - 2021-04-09 16:10 - 000000000 ___HD C:\$Windows.~WS
2021-04-09 16:10 - 2021-04-09 16:10 - 000000000 ____D C:\$WINDOWS.~BT
2021-04-05 19:53 - 2021-04-10 06:19 - 000000000 ____D C:\Users\Bojan\Desktop\Golf 4 VAŽNO
2021-03-31 19:05 - 2021-03-31 19:05 - 000000000 ____D C:\Users\Bojan\AppData\Local\Viber
2021-03-31 16:40 - 2021-03-31 16:41 - 000000000 ____D C:\ProgramData\BlueStacks
2021-03-31 16:40 - 2021-03-31 16:40 - 000000000 ____D C:\Program Files\BlueStacks
2021-03-30 13:06 - 2021-04-09 14:40 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-03-29 21:27 - 2021-03-29 21:27 - 000000000 ____D C:\Users\Bojan\Desktop\Vakcina
2021-03-29 16:02 - 2021-03-29 16:03 - 000000000 ____D C:\Users\Bojan\Desktop\Brojila
2021-03-29 14:52 - 2021-03-29 15:07 - 000000000 ____D C:\Users\Bojan\Desktop\HT
2021-03-27 16:46 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Local\CrashDumps
2021-03-27 14:13 - 2021-04-05 19:25 - 000000069 _____ C:\Users\Bojan\Desktop\New Text Document.txt
2021-03-25 16:13 - 2021-03-25 16:13 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-25 16:13 - 2021-03-25 16:13 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-24 16:28 - 2021-03-24 16:28 - 000017625 _____ C:\Users\Bojan\Desktop\Super nova sifra.eml
2021-03-24 16:16 - 2021-04-11 11:41 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-23 21:01 - 2021-03-23 21:20 - 000000000 ____D C:\Users\Bojan\Desktop\Lenovo
2021-03-15 23:46 - 2020-10-22 02:24 - 005936224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-03-15 23:46 - 2020-10-22 02:08 - 042834558 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-03-15 23:46 - 2020-07-23 05:42 - 001138416 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2021-03-15 23:46 - 2020-07-23 05:42 - 000224288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-03-15 23:46 - 2020-07-23 05:41 - 000854120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-03-15 23:46 - 2020-07-23 05:36 - 001145480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-03-15 23:46 - 2020-07-23 05:36 - 000468792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-03-15 23:44 - 2021-03-15 23:51 - 000000000 ____D C:\Users\Bojan\AppData\Local\AMD
2021-03-15 23:44 - 2021-03-15 23:45 - 000000000 ____D C:\AMD
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\AMD
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Local\setup
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Local\cache
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Program Files (x86)\AMD
2021-03-15 23:43 - 2021-03-15 23:43 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-03-15 23:41 - 2021-03-15 23:41 - 000000000 ____D C:\Users\Bojan\AppData\Local\RadeonInstaller
2021-03-15 23:28 - 2021-03-15 23:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-03-15 23:28 - 2021-03-15 23:28 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-03-14 17:04 - 2021-03-14 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-03-13 11:12 - 2021-03-13 11:12 - 000000000 ____D C:\Users\Bojan\AppData\Local\Steam
2021-03-13 11:10 - 2021-03-22 08:14 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-13 11:10 - 2021-03-13 11:10 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2021-03-13 11:10 - 2021-03-13 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-12 23:32 - 2021-03-12 23:32 - 000344064 _____ C:\Users\Bojan\Documents\Database2.accdb
2021-03-12 23:28 - 2021-03-12 23:28 - 000344064 _____ C:\Users\Bojan\Documents\Database1.accdb
2021-03-12 23:03 - 2021-03-12 23:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-12 23:01 - 2021-03-12 23:01 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2021-03-12 23:00 - 2021-04-10 23:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-03-12 23:00 - 2021-03-12 23:01 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\Microsoft Help
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-03-12 22:59 - 2021-03-12 22:59 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-12 22:24 - 2021-03-12 22:24 - 000000000 ___HD C:\$AV_ASW
2021-03-12 22:01 - 2021-04-10 23:20 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\uTorrent
2021-03-12 22:01 - 2021-03-12 22:03 - 000000000 ____D C:\Users\Bojan\AppData\Local\BitTorrentHelper
2021-03-12 22:01 - 2021-03-12 22:01 - 000000896 _____ C:\Users\Bojan\Desktop\µTorrent.lnk
2021-03-12 22:01 - 2021-03-12 22:01 - 000000876 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2021-03-12 22:00 - 2021-03-12 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\UT008

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 11:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-11 11:42 - 2021-03-09 19:02 - 000000000 ____D C:\Users\Bojan\AppData\Local\D3DSCache
2021-04-11 11:41 - 2020-11-19 09:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-11 07:49 - 2020-11-19 09:54 - 000841126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-11 07:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-11 07:44 - 2021-03-09 21:16 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\eM Client
2021-04-11 07:44 - 2021-03-09 20:37 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-11 07:43 - 2021-03-09 21:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-11 07:43 - 2021-03-09 21:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-11 07:43 - 2021-03-09 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-11 07:43 - 2020-11-19 09:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-11 00:34 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-10 23:36 - 2021-03-09 21:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-10 23:36 - 2021-03-09 21:11 - 000000000 ____D C:\Users\Bojan\AppData\LocalLow\Mozilla
2021-04-10 23:36 - 2021-03-09 21:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-10 23:31 - 2021-03-09 18:31 - 000000000 ____D C:\Users\Bojan\AppData\Local\Packages
2021-04-10 23:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-10 23:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-10 23:30 - 2021-03-09 18:33 - 000000000 ____D C:\Users\Bojan\AppData\Local\PlaceholderTileLogoFolder
2021-04-10 23:28 - 2021-03-09 18:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-10 23:28 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-10 23:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-10 18:29 - 2021-03-10 19:12 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\ProMod
2021-04-10 16:58 - 2020-11-19 09:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-09 16:23 - 2021-03-09 21:07 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-09 14:40 - 2021-03-09 21:16 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-04-09 13:49 - 2021-03-09 18:50 - 000000000 ____D C:\Users\Bojan\Documents\ViberDownloads
2021-04-07 11:35 - 2021-03-09 21:52 - 000004158 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1615316300
2021-04-07 11:35 - 2021-03-09 20:58 - 000001409 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-04-07 07:26 - 2021-03-09 22:22 - 000003926 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-04-06 06:12 - 2021-03-09 21:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-02 06:46 - 2021-03-09 18:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 06:16 - 2021-03-09 19:02 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-04-02 06:16 - 2021-03-09 19:02 - 000000000 ____D C:\Games
2021-03-31 21:06 - 2021-03-09 18:50 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\ViberPC
2021-03-31 19:18 - 2021-03-09 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\BlueStacksSetup
2021-03-31 16:41 - 2021-03-09 22:02 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2021-03-31 16:41 - 2021-03-09 22:02 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2021-03-31 16:41 - 2021-03-09 22:02 - 000001912 _____ C:\ProgramData\Desktop\BlueStacks.lnk
2021-03-31 16:40 - 2021-03-09 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\Bluestacks
2021-03-28 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-27 17:42 - 2021-03-11 20:05 - 000000029 _____ C:\Users\Bojan\Desktop\Banka.txt
2021-03-25 16:13 - 2021-03-09 20:38 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-25 16:13 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-16 01:25 - 2020-11-19 09:48 - 000000000 ____D C:\ProgramData\Packages
2021-03-15 23:42 - 2021-03-09 19:34 - 000000000 ____D C:\Program Files\AMD
2021-03-15 20:59 - 2021-03-09 21:52 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3910170956-1247854177-3012191338-1001
2021-03-15 20:59 - 2021-03-09 21:49 - 000002367 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 20:59 - 2021-03-09 18:33 - 000000000 ___RD C:\Users\Bojan\OneDrive
2021-03-14 16:57 - 2021-03-09 21:49 - 000000000 ____D C:\Users\Bojan
2021-03-14 00:51 - 2021-03-10 00:53 - 000000517 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-03-13 18:21 - 2021-03-09 22:29 - 000000246 _____ C:\Users\Bojan\Desktop\Brawl.txt
2021-03-12 23:31 - 2021-03-09 18:47 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Skype
2021-03-12 23:19 - 2020-11-19 09:43 - 000437696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 23:05 - 2018-09-15 09:31 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-12 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\216473.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\246174.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\2472649.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\287846.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\2973137.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\3171973.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\3828921.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\4427171.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\4484019.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\5428148.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\6555884.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\6683346.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\6710493.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\7154134.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\7210982.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\7524605.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\8498436.exe
2021-04-10 23:23 - 2021-04-10 23:28 - 000022848 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-convert-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000023360 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000024896 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-string-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000141296 _____ (Oracle Corporation) C:\Program Files\dcpr.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000159096 _____ (Oracle Corporation) C:\Program Files\hprof.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000150512 _____ () C:\Program Files\jp2iexp.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000015856 _____ () C:\Program Files\jp2native.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000000199 _____ () C:\Program Files\unins.vbs
2021-03-09 21:32 - 2021-03-09 23:20 - 000000114 _____ () C:\Users\Bojan\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-03-09 21:08 - 2021-03-09 21:08 - 000000017 _____ () C:\Users\Bojan\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Dopuna: 11 Apr 2021 10:48

mycity.rs/must-login.png

Poslao: 11 Apr 2021 13:23
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Probacemo sa malwarebajtova, ako ne uspe, rucno cemo. Dacu ti pripremljeno uputstvo za MBAM, sad se postupak malo razlikuje, ali snaci ces se.
Koji si program skidao sa torrenta?

Malwarebytes; https://www.malwarebytes.com/
=> kako instalirati Malwarebytes : https://www.malwarebytes.com/mwb-download/thankyou/

Instaliraj program, klik na Scanner da bi izvrsio skeniranje sistema. Ako MBAM detektuje neke unose, dozvoli mu uklanjanje.

Snimi logfile i postavi mi MBAM logfile na uvid:

* Kada se skeiranje zavrsi klik na View report. Na Advanced tabu klik na Export dugme a potom izaberi Text file (*.txt)

* Kada se "Save File" dijalog otvori, izaberi Desktop. Pod File name: upisi mbam za naziv izvestaja.
Pojavice se Your file has been successfully exported poruka, klik OK i zatvori prozore.


• U odgovoru prikači mbam.txt log koristeći "Prikači fajl" opciju .

Poslao: 11 Apr 2021 13:57
Idi na vrh
offline
  • Pridružio: 01 Nov 2011
  • Poruke: 89

Skidao sam Adobe lightroom :S

Nije bila baš procedura kako si napisao ali valjda sam ok snimio.

mycity.rs/must-login.png

Poslao: 11 Apr 2021 14:01
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zasto nisi uklonio sta je nasao?

Poslao: 11 Apr 2021 14:10
Idi na vrh
offline
  • Pridružio: 01 Nov 2011
  • Poruke: 89

Evo sada sam ih stavio u karantin, jedino tu opciju imam.

mycity.rs/must-login.png

Poslao: 11 Apr 2021 14:12
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Odlicno.

Postavi mi novi FRST log, da uklonimo ostatak.

Poslao: 11 Apr 2021 14:16
Idi na vrh
offline
  • Pridružio: 01 Nov 2011
  • Poruke: 89

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2021
Ran by Bojan (administrator) on BOJANPC (Micro-Star International Co., Ltd. MS-7C95) (11-04-2021 15:14:50)
Running from C:\Users\Bojan\Desktop
Loaded Profiles: Bojan
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0362846.inf_amd64_6c9deb6524ba1c5b\B362533\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0362846.inf_amd64_6c9deb6524ba1c5b\B362533\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(eM Client, s.r.o. -> eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe <2>
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\Bojan\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) [File not signed] C:\Games\World_of_Tanks_EU\win64\cef_browser_process.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\cef_subprocess.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\WorldOfTanks.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138416 2020-07-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Viber] => C:\Users\Bojan\AppData\Local\Viber\Viber.exe [48844504 2021-03-29] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Opera Browser Assistant] => C:\Users\Bojan\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3368600 2021-03-04] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [253544 2021-04-07] (eM Client, s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3910170956-1247854177-3012191338-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar265.lnk [2021-04-11]
ShortcutTarget: Sidebar265.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0344CBDC-5303-466D-8C5B-700CC54F2F1A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {0B683E33-908B-43AA-90D7-F2D216D0F34B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-09] (Google LLC -> Google LLC)
Task: {186FA48F-87BA-4B37-B8A1-10A61A65A6F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AAD97D8-955E-4E56-8F6A-D729139B3AFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-09] (Google LLC -> Google LLC)
Task: {2EEB5606-817C-49EA-9D6E-17533CB2DCBB} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {34BA5D64-66D1-448C-9580-1F0950316E4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {5BD05201-3DE1-451D-A652-22A3273DAAB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {615BF1D1-2337-435E-A9C7-617C30009485} - System32\Tasks\Opera scheduled assistant Autoupdate 1615316301 => C:\Users\Bojan\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Bojan\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {68DB51B5-23A1-49A6-B0EE-59E661499568} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {6DE0C01C-0855-4F55-8411-BE835A395F2A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {853B2362-CFFA-4B66-9AD9-269C9C1847D4} - System32\Tasks\Opera scheduled Autoupdate 1615316300 => C:\Users\Bojan\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software)
Task: {8C200A54-6734-4960-886C-92F11E2F5C6A} - System32\Tasks\Firefox Default Browser Agent 3D4D5FCD8C06D67C => C:\Users\Bojan\AppData\Roaming\hahchfg.exe <==== ATTENTION
Task: {93A9F377-3A8D-4B1E-93A6-4B00D9291E96} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {D4724E34-F57E-4286-84DC-C552F6A4D66E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.122.99.128 109.122.99.129 1.1.1.1
Tcpip\..\Interfaces\{22d76757-1819-4709-beac-ba92e9b591dc}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{85ff6328-561d-4f5c-9487-6836d138693e}: [DhcpNameServer] 109.122.99.128 109.122.99.129 1.1.1.1
Tcpip\..\Interfaces\{ea755338-02fd-4267-8568-76a691446cbb}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge Profile: C:\Users\Bojan\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-11]

FireFox:
========
FF DefaultProfile: 5es7r047.default
FF ProfilePath: C:\Users\Bojan\AppData\Roaming\Mozilla\Firefox\Profiles\5es7r047.default [2021-03-09]
FF ProfilePath: C:\Users\Bojan\AppData\Roaming\Mozilla\Firefox\Profiles\c8lhl878.default-release [2021-04-11]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\OFISIN~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default [2021-04-11]
CHR DownloadDir: C:\Users\Bojan\Desktop
CHR HomePage: Default -> hxxps://www.google.rs/?gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.rs/"
CHR Extension: (Slides) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-09]
CHR Extension: (Docs) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-09]
CHR Extension: (Google Drive) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-09]
CHR Extension: (YouTube) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-03-09]
CHR Extension: (Sheets) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-09]
CHR Extension: (Google Docs Offline) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Extension: (Gmail) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Bojan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-09]

Opera:
=======
OPR Profile: C:\Users\Bojan\AppData\Roaming\Opera Software\Opera Stable [2021-04-11]
OPR DownloadDir: C:\Users\Bojan\Desktop
OPR StartupUrls: Opera Stable -> "hxxps://www.google.rs/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Bojan\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 15:09 - 2021-04-11 15:09 - 000010612 _____ C:\Users\Bojan\Desktop\mbam.txt
2021-04-11 14:52 - 2021-04-11 14:52 - 000000000 ____D C:\Users\Bojan\AppData\Local\mbam
2021-04-11 14:51 - 2021-04-11 14:51 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-11 14:51 - 2021-04-11 14:51 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-11 14:51 - 2021-04-11 14:51 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-11 14:51 - 2021-04-11 14:51 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-11 14:51 - 2021-04-11 14:51 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-11 14:51 - 2021-04-11 14:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-11 14:51 - 2021-04-11 14:51 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-11 11:45 - 2021-04-11 15:15 - 000017750 _____ C:\Users\Bojan\Desktop\FRST.txt
2021-04-11 08:00 - 2021-04-11 15:14 - 000000000 ____D C:\FRST
2021-04-11 07:59 - 2021-04-11 07:59 - 002297856 _____ (Farbar) C:\Users\Bojan\Desktop\FRST64.exe
2021-04-10 23:36 - 2021-04-10 23:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-10 23:28 - 2021-04-10 23:28 - 000159096 _____ (Oracle Corporation) C:\Program Files\hprof.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000150512 _____ C:\Program Files\jp2iexp.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000003712 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 3D4D5FCD8C06D67C
2021-04-10 23:28 - 2021-04-10 23:28 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Lab.lnk
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\ZKISUAGEUH2YIKE7NNVZKXX9U
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\FANIT80PXSYYDJ093DOCD490P
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\ProgramData\F7OOZ3G9MDZEUVINQ56P783P2
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 ____D C:\Program Files (x86)\Picture Lab
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\8498436.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\7154134.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\6683346.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\6555884.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\5428148.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\4427171.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\3828921.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\3171973.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\2973137.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ C:\ProgramData\2472649.exe
2021-04-10 23:25 - 2021-04-10 23:30 - 000000000 __SHD C:\Users\Bojan\AppData\Roaming\Mxmetamux
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files\MSBuild
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-10 23:24 - 2021-04-10 23:24 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-10 23:23 - 2021-04-11 15:08 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\sPiAfuTGyyVOZKeaLf
2021-04-10 23:23 - 2021-04-11 15:08 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\llYHlSDJxbwekicZbE
2021-04-10 23:23 - 2021-04-11 07:43 - 000000000 ___HD C:\ProgramData\Windows Host
2021-04-10 23:23 - 2021-04-10 23:28 - 000141296 _____ (Oracle Corporation) C:\Program Files\dcpr.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000015856 _____ C:\Program Files\jp2native.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000000199 _____ C:\Program Files\unins.vbs
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\Documents\VlcpVideoV1.0.1
2021-04-10 23:23 - 2021-04-10 23:28 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Programma configurater
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 ____D C:\ProgramData\B29WDJHRPDAYVGMC3RYZM8I9E
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 ____D C:\Program Files (x86)\94c45254-6d52-40cc-93fb-b69707383880
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\7524605.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\7210982.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\6710493.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ C:\ProgramData\4484019.exe
2021-04-10 16:18 - 2021-04-10 18:37 - 000000000 ____D C:\Users\Bojan\Desktop\Gume
2021-04-10 16:18 - 2021-04-10 17:43 - 000000000 ____D C:\Users\Bojan\Desktop\Clio
2021-04-10 16:18 - 2021-04-10 16:20 - 000000000 ____D C:\Users\Bojan\Desktop\Golf
2021-04-09 16:12 - 2021-04-09 16:23 - 000000000 ____D C:\ESD
2021-04-09 16:10 - 2021-04-09 16:10 - 000000000 ___HD C:\$Windows.~WS
2021-04-09 16:10 - 2021-04-09 16:10 - 000000000 ____D C:\$WINDOWS.~BT
2021-04-05 19:53 - 2021-04-10 06:19 - 000000000 ____D C:\Users\Bojan\Desktop\Golf 4 VAŽNO
2021-03-31 19:05 - 2021-03-31 19:05 - 000000000 ____D C:\Users\Bojan\AppData\Local\Viber
2021-03-31 16:40 - 2021-03-31 16:41 - 000000000 ____D C:\ProgramData\BlueStacks
2021-03-31 16:40 - 2021-03-31 16:40 - 000000000 ____D C:\Program Files\BlueStacks
2021-03-30 13:06 - 2021-04-09 14:40 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-03-29 21:27 - 2021-03-29 21:27 - 000000000 ____D C:\Users\Bojan\Desktop\Vakcina
2021-03-29 16:02 - 2021-03-29 16:03 - 000000000 ____D C:\Users\Bojan\Desktop\Brojila
2021-03-29 14:52 - 2021-03-29 15:07 - 000000000 ____D C:\Users\Bojan\Desktop\HT
2021-03-27 16:46 - 2021-04-11 15:06 - 000000000 ____D C:\Users\Bojan\AppData\Local\CrashDumps
2021-03-27 14:13 - 2021-04-05 19:25 - 000000069 _____ C:\Users\Bojan\Desktop\New Text Document.txt
2021-03-25 16:13 - 2021-03-25 16:13 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-25 16:13 - 2021-03-25 16:13 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-24 16:28 - 2021-03-24 16:28 - 000017625 _____ C:\Users\Bojan\Desktop\Super nova sifra.eml
2021-03-24 16:16 - 2021-04-11 14:48 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-23 21:01 - 2021-03-23 21:20 - 000000000 ____D C:\Users\Bojan\Desktop\Lenovo
2021-03-15 23:46 - 2020-10-22 02:24 - 005936224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-03-15 23:46 - 2020-10-22 02:08 - 042834558 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-03-15 23:46 - 2020-07-23 05:42 - 001138416 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2021-03-15 23:46 - 2020-07-23 05:42 - 000224288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-03-15 23:46 - 2020-07-23 05:41 - 000854120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-03-15 23:46 - 2020-07-23 05:36 - 001145480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-03-15 23:46 - 2020-07-23 05:36 - 000468792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-03-15 23:44 - 2021-03-15 23:51 - 000000000 ____D C:\Users\Bojan\AppData\Local\AMD
2021-03-15 23:44 - 2021-03-15 23:45 - 000000000 ____D C:\AMD
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\AMD
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Local\setup
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Users\Bojan\AppData\Local\cache
2021-03-15 23:44 - 2021-03-15 23:44 - 000000000 ____D C:\Program Files (x86)\AMD
2021-03-15 23:43 - 2021-03-15 23:43 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-03-15 23:41 - 2021-03-15 23:41 - 000000000 ____D C:\Users\Bojan\AppData\Local\RadeonInstaller
2021-03-15 23:28 - 2021-03-15 23:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-03-15 23:28 - 2021-03-15 23:28 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-03-14 17:04 - 2021-03-14 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-03-13 11:12 - 2021-03-13 11:12 - 000000000 ____D C:\Users\Bojan\AppData\Local\Steam
2021-03-13 11:10 - 2021-03-22 08:14 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-13 11:10 - 2021-03-13 11:10 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2021-03-13 11:10 - 2021-03-13 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-12 23:32 - 2021-03-12 23:32 - 000344064 _____ C:\Users\Bojan\Documents\Database2.accdb
2021-03-12 23:28 - 2021-03-12 23:28 - 000344064 _____ C:\Users\Bojan\Documents\Database1.accdb
2021-03-12 23:03 - 2021-03-12 23:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-12 23:01 - 2021-03-12 23:01 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2021-03-12 23:01 - 2021-03-12 23:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2021-03-12 23:00 - 2021-04-11 15:08 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-03-12 23:00 - 2021-03-12 23:01 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\Microsoft Help
2021-03-12 23:00 - 2021-03-12 23:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-03-12 22:59 - 2021-03-12 22:59 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-12 22:24 - 2021-03-12 22:24 - 000000000 ___HD C:\$AV_ASW
2021-03-12 22:01 - 2021-04-10 23:20 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\uTorrent
2021-03-12 22:01 - 2021-03-12 22:03 - 000000000 ____D C:\Users\Bojan\AppData\Local\BitTorrentHelper
2021-03-12 22:01 - 2021-03-12 22:01 - 000000896 _____ C:\Users\Bojan\Desktop\µTorrent.lnk
2021-03-12 22:01 - 2021-03-12 22:01 - 000000876 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2021-03-12 22:00 - 2021-03-12 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\UT008

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 14:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-11 14:54 - 2020-11-19 09:54 - 000841126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-11 14:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-11 14:51 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-11 14:50 - 2021-03-09 20:37 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-11 14:49 - 2021-03-09 21:16 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\eM Client
2021-04-11 14:48 - 2021-03-09 21:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-11 14:48 - 2020-11-19 09:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-11 13:42 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-11 13:35 - 2020-11-19 09:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-11 11:42 - 2021-03-09 19:02 - 000000000 ____D C:\Users\Bojan\AppData\Local\D3DSCache
2021-04-11 07:43 - 2021-03-09 21:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-11 07:43 - 2021-03-09 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-10 23:36 - 2021-03-09 21:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-10 23:36 - 2021-03-09 21:11 - 000000000 ____D C:\Users\Bojan\AppData\LocalLow\Mozilla
2021-04-10 23:36 - 2021-03-09 21:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-10 23:31 - 2021-03-09 18:31 - 000000000 ____D C:\Users\Bojan\AppData\Local\Packages
2021-04-10 23:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-10 23:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-10 23:30 - 2021-03-09 18:33 - 000000000 ____D C:\Users\Bojan\AppData\Local\PlaceholderTileLogoFolder
2021-04-10 23:28 - 2021-03-09 18:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-10 23:28 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-10 23:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-10 18:29 - 2021-03-10 19:12 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\ProMod
2021-04-10 16:58 - 2020-11-19 09:46 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-09 16:23 - 2021-03-09 21:07 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-09 14:40 - 2021-03-09 21:16 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-04-09 13:49 - 2021-03-09 18:50 - 000000000 ____D C:\Users\Bojan\Documents\ViberDownloads
2021-04-07 11:35 - 2021-03-09 21:52 - 000004158 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1615316300
2021-04-07 11:35 - 2021-03-09 20:58 - 000001409 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-04-07 07:26 - 2021-03-09 22:22 - 000003926 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-04-06 06:12 - 2021-03-09 21:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-02 06:46 - 2021-03-09 18:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 06:16 - 2021-03-09 19:02 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-04-02 06:16 - 2021-03-09 19:02 - 000000000 ____D C:\Games
2021-03-31 21:06 - 2021-03-09 18:50 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\ViberPC
2021-03-31 19:18 - 2021-03-09 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\BlueStacksSetup
2021-03-31 16:41 - 2021-03-09 22:02 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2021-03-31 16:41 - 2021-03-09 22:02 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2021-03-31 16:41 - 2021-03-09 22:02 - 000001912 _____ C:\ProgramData\Desktop\BlueStacks.lnk
2021-03-31 16:40 - 2021-03-09 22:00 - 000000000 ____D C:\Users\Bojan\AppData\Local\Bluestacks
2021-03-28 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-27 17:42 - 2021-03-11 20:05 - 000000029 _____ C:\Users\Bojan\Desktop\Banka.txt
2021-03-25 16:13 - 2021-03-09 20:38 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-25 16:13 - 2021-03-09 20:38 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-16 01:25 - 2020-11-19 09:48 - 000000000 ____D C:\ProgramData\Packages
2021-03-15 23:42 - 2021-03-09 19:34 - 000000000 ____D C:\Program Files\AMD
2021-03-15 20:59 - 2021-03-09 21:52 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3910170956-1247854177-3012191338-1001
2021-03-15 20:59 - 2021-03-09 21:49 - 000002367 _____ C:\Users\Bojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 20:59 - 2021-03-09 18:33 - 000000000 ___RD C:\Users\Bojan\OneDrive
2021-03-14 16:57 - 2021-03-09 21:49 - 000000000 ____D C:\Users\Bojan
2021-03-14 00:51 - 2021-03-10 00:53 - 000000517 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-03-13 18:21 - 2021-03-09 22:29 - 000000246 _____ C:\Users\Bojan\Desktop\Brawl.txt
2021-03-12 23:31 - 2021-03-09 18:47 - 000000000 ____D C:\Users\Bojan\AppData\Roaming\Skype
2021-03-12 23:19 - 2020-11-19 09:43 - 000437696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 23:05 - 2018-09-15 09:31 - 000000167 _____ C:\WINDOWS\win.ini
2021-03-12 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\2472649.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\2973137.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\3171973.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\3828921.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\4427171.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\4484019.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\5428148.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\6555884.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\6683346.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\6710493.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\7154134.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\7210982.exe
2021-04-10 23:23 - 2021-04-10 23:23 - 000000000 _____ () C:\ProgramData\7524605.exe
2021-04-10 23:28 - 2021-04-10 23:28 - 000000000 _____ () C:\ProgramData\8498436.exe
2021-04-10 23:23 - 2021-04-10 23:28 - 000022848 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-convert-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000023360 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000024896 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-string-l1-1-0.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000141296 _____ (Oracle Corporation) C:\Program Files\dcpr.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000159096 _____ (Oracle Corporation) C:\Program Files\hprof.dll
2021-04-10 23:28 - 2021-04-10 23:28 - 000150512 _____ () C:\Program Files\jp2iexp.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000015856 _____ () C:\Program Files\jp2native.dll
2021-04-10 23:23 - 2021-04-10 23:28 - 000000199 _____ () C:\Program Files\unins.vbs
2021-03-09 21:32 - 2021-03-09 23:20 - 000000114 _____ () C:\Users\Bojan\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-03-09 21:08 - 2021-03-09 21:08 - 000000017 _____ () C:\Users\Bojan\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
mycity.rs/must-login.png

Poslao: 11 Apr 2021 14:37
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {8C200A54-6734-4960-886C-92F11E2F5C6A} - System32\Tasks\Firefox Default Browser Agent 3D4D5FCD8C06D67C => C:\Users\Bojan\AppData\Roaming\hahchfg.exe <==== ATTENTION
C:\Users\Bojan\AppData\Roaming\hahchfg.exe
C:\ProgramData\7210982.exe
C:\ProgramData\6710493.exe
C:\ProgramData\4484019.exe
C:\ProgramData\B29WDJHRPDAYVGMC3RYZM8I9E
C:\Program Files (x86)\94c45254-6d52-40cc-93fb-b69707383880
C:\Users\Bojan\AppData\Roaming\sPiAfuTGyyVOZKeaLf
C:\Users\Bojan\AppData\Roaming\llYHlSDJxbwekicZbE
C:\ProgramData\8498436.exe
C:\ProgramData\7154134.exe
C:\ProgramData\6683346.exe
C:\ProgramData\6555884.exe
C:\ProgramData\5428148.exe
C:\ProgramData\4427171.exe
C:\ProgramData\3828921.exe
C:\ProgramData\3171973.exe
C:\ProgramData\2973137.exe
C:\ProgramData\2472649.exe
C:\ProgramData\ZKISUAGEUH2YIKE7NNVZKXX9U
C:\ProgramData\FANIT80PXSYYDJ093DOCD490P
C:\ProgramData\F7OOZ3G9MDZEUVINQ56P783P2
C:\Users\Bojan\Documents\VlcpVideoV1.0.1
C:\Users\Bojan\AppData\Roaming\Mxmetamux
C:\Users\Bojan\AppData\Roaming\Programma configurater


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

MyCity » Ambulanta » Virusi provera

Ko je trenutno na forumu
 

Ukupno su 859 korisnika na forumu :: 31 registrovanih, 5 sakrivenih i 823 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Battlehammer, bojank, Boris90, DonRumataEstorski, DPera, dragoljub11987, esx66, ivan1973, Jahorina, JOntra, laurusri, Leonov, Lucije Kvint, MB120mm, mercedesamg, mikrimaus, milutin134, mrav pesadinac, nebojsag, Nemanja.M, nemkea71, nesa1962, nikoladim, nuke92, ozzy, pein, Romibrat, vathra, vlajkox, voja64