Bitcoin.miner

  • Joined: 08 Apr 2012
  • Posts: 34

Hello,

I have a huge problem with this trojan. It has completely taken over my computer: the CPU goes to 80% when nothing is active, the graphics card is red-hot, and browsers close and freeze as soon as I try to look for a solution for the virus (except from Safe Mode).

I tried to clean it with Malwarebytes, RKill, Zemana, AdwCleaner, HitmanPro and SUPERAntiSpyware, but it keeps coming back.

Thanks in advance!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.08.2018
Ran by Milena (administrator) on MILENA-PC (02-08-2018 16:33:43)
Running from C:\Users\Milena\Downloads
Loaded Profiles: Milena (Available Profiles: Milena)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-07-17] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-01] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8898480 2018-07-03] (SUPERAntiSpyware)
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\MountPoints2: {47c4638a-c8da-11e7-93de-806e6f6e6963} - H:\setup.exe
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\MountPoints2: {593767c5-c899-11e7-901a-94de800f2cfb} - G:\Autoplay.exe -auto

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{04EF7F64-C9E7-4834-9E2B-96CB4E59C604}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3033977378-3665412441-967778144-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-08-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-13] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-08-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: aw4ypeg2.default
FF ProfilePath: C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default [2018-08-02]
FF user.js: detected! => C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\user.js [2017-06-30]
FF Homepage: Mozilla\Firefox\Profiles\aw4ypeg2.default -> hxxps://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\aw4ypeg2.default -> about:newtab
FF Extension: (German Dictionary) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2018-03-06] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\sp@avast.com.xpi [2018-08-02]
FF Extension: (Avast Online Security) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\wrc@avast.com.xpi [2018-08-01]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-04]
FF Extension: (Adblock Plus) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-31] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-31] ()
FF Plugin-x32: @DVR/npmedia,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npmedia.dll [2015-02-03] ()
FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npTimeGrid.dll [2015-02-03] (Unauthorized copy)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2018-07-21]

Chrome:
=======
CHR Profile: C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default [2018-08-02]
CHR Extension: (Slides) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-13]
CHR Extension: (Docs) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-13]
CHR Extension: (Google Drive) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-13]
CHR Extension: (YouTube) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-15]
CHR Extension: (Sheets) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-15]
CHR Extension: (Avast Online Security) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-08-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-01] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-01] (AVAST Software)
S2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-07-17] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7829784 2018-07-17] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-07] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-11-14] (NVIDIA Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-01] (Nalpeiron Ltd.) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-11-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-11-14] (NVIDIA Corporation)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2896896 2017-09-29] (Microsoft Corporation) [File not signed]
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-04-11] (Wondershare)
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-08-01] (AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-08-01] (AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-08-01] (AVAST Software)
S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-01] (AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-08-01] (AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-08-01] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-08-01] (AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-08-01] (AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-08-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-08-01] (AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-08-01] (AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-08-01] (AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-08-01] (AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-08-01] (AVAST Software)
S1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189544 2018-07-17] (AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [222288 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [194224 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [339048 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51952 2018-07-17] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-07-17] (AVG Technologies CZ, s.r.o.)
S2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [152016 2018-07-17] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [104256 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2018-07-17] (AVG Technologies CZ, s.r.o.)
S1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-07-17] (AVG Technologies CZ, s.r.o.)
S1 avgSP; C:\Windows\System32\drivers\avgSP.sys [458024 2018-07-23] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [203544 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-07-17] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-11-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-11-13] (Disc Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-08-01] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-02] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-14] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-11-14] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-08-01] (Zemana Ltd.)
S1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-08-01] (Zemana Ltd.)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-02 16:33 - 2018-08-02 16:34 - 000021123 _____ C:\Users\Milena\Downloads\FRST.txt
2018-08-02 16:33 - 2018-08-02 16:33 - 002412544 _____ (Farbar) C:\Users\Milena\Downloads\FRST64.exe
2018-08-02 16:33 - 2018-08-02 16:33 - 000000000 ____D C:\FRST
2018-08-02 16:27 - 2018-08-02 16:27 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-02 14:03 - 2018-08-02 14:03 - 000002126 _____ C:\Users\Public\Desktop\Perfect Photo Suite 9.lnk
2018-08-02 12:19 - 2018-08-02 12:19 - 000000000 ____D C:\Users\Milena\Downloads\OnOne Software Perfect Photo Suite 9.5.1.1644 + KeyGen - softasm.com
2018-08-02 12:15 - 2018-08-02 12:15 - 000328192 _____ C:\Windows\SysWOW64\IDR_RCDATA.bin
2018-08-02 12:08 - 2018-08-02 12:12 - 575926484 _____ C:\Users\Milena\Downloads\OnOne Software Perfect Photo Suite 9.5.1.1644 + KeyGen - softasm.com.rar
2018-08-02 11:45 - 2018-08-02 11:45 - 000000000 ____D C:\Users\Milena\Downloads\ONONE PERFECT PHOTO SUITE PREMIUM ED V9.5.0-XFORCE [GloDLS]
2018-08-02 11:42 - 2018-08-02 11:42 - 000000000 ____D C:\Users\Milena\Downloads\Keygen Only onOne Perfect Photo Suite 9021335 Premium Full Keygen
2018-08-02 11:41 - 2018-08-02 11:41 - 001050112 _____ C:\Users\Milena\Downloads\Keygen Only onOne Perfect Photo Suite 9021335 Premium Full Keygen.zip
2018-08-02 11:26 - 2018-08-02 11:26 - 000000000 ____D C:\ProgramData\Nalpeiron
2018-08-01 23:28 - 2018-08-02 01:00 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-08-01 23:25 - 2018-08-02 10:47 - 000328192 _____ C:\Windows\SysWOW64\SelfFolder.idc
2018-08-01 23:12 - 2018-08-02 10:48 - 000000000 ____D C:\Users\Milena\AppData\Local\AVAST Software
2018-08-01 23:12 - 2018-08-01 23:12 - 000001959 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-01 23:12 - 2018-08-01 23:12 - 000000000 ____D C:\Users\Milena\AppData\Roaming\AVAST Software
2018-08-01 23:12 - 2018-08-01 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-08-01 23:11 - 2018-08-02 10:52 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-01 23:11 - 2018-08-01 23:11 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-08-01 23:10 - 2018-08-01 23:24 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-01 23:10 - 2018-08-01 23:10 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-08-01 23:10 - 2018-08-01 23:09 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-01 23:09 - 2018-08-01 23:09 - 000000000 ____D C:\Program Files\AVAST Software
2018-08-01 23:08 - 2018-08-02 13:18 - 000000000 ____D C:\ProgramData\AVAST Software
2018-08-01 23:07 - 2018-08-01 23:08 - 000178320 _____ (AVAST Software) C:\Users\Milena\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2018-08-01 21:31 - 2018-08-01 21:31 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2018-08-01 21:31 - 2018-08-01 21:31 - 000001893 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-08-01 21:31 - 2018-08-01 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-08-01 21:31 - 2018-08-01 21:31 - 000000000 ____D C:\Program Files\HitmanPro
2018-08-01 21:30 - 2018-08-01 22:21 - 000000000 ____D C:\ProgramData\HitmanPro
2018-08-01 21:29 - 2018-08-01 21:29 - 011576808 _____ (SurfRight B.V.) C:\Users\Milena\Downloads\hitmanpro_x64(1).exe
2018-08-01 21:28 - 2018-08-01 21:28 - 011576808 _____ (SurfRight B.V.) C:\Users\Milena\Downloads\hitmanpro_x64.exe
2018-08-01 21:02 - 2018-08-01 21:04 - 576205002 _____ C:\Users\Milena\Downloads\onOne Perfect Photo Suite 9.5.0.1644 Premium Edition.rar
2018-08-01 19:20 - 2018-08-01 19:21 - 007417040 _____ (Malwarebytes) C:\Users\Milena\Downloads\adwcleaner_7.2.2.exe
2018-08-01 19:19 - 2018-08-01 19:23 - 000000000 ____D C:\AdwCleaner
2018-08-01 19:18 - 2018-08-01 19:18 - 007395536 _____ (Malwarebytes) C:\Users\Milena\Downloads\AdwCleaner.exe
2018-08-01 18:19 - 2018-08-02 16:25 - 013313827 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-08-01 18:19 - 2018-08-02 16:25 - 000827429 _____ C:\Windows\ZAM.krnl.trace
2018-08-01 18:19 - 2018-08-01 18:19 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2018-08-01 18:19 - 2018-08-01 18:19 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2018-08-01 18:19 - 2018-08-01 18:19 - 000001185 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-08-01 18:19 - 2018-08-01 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-08-01 18:19 - 2018-08-01 18:19 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-08-01 18:10 - 2018-08-01 18:10 - 006625600 _____ (Zemana Ltd. ) C:\Users\Milena\Downloads\Zemana.AntiMalware.Setup.exe
2018-08-01 18:10 - 2018-08-01 18:10 - 000000000 ____D C:\Users\Milena\AppData\Local\Zemana
2018-08-01 18:06 - 2018-08-01 18:07 - 000004372 _____ C:\Users\Milena\Desktop\Rkill.txt
2018-08-01 18:06 - 2018-08-01 18:06 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Milena\Downloads\rkill.exe
2018-08-01 17:53 - 2018-08-01 21:13 - 000001911 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-01 17:53 - 2018-08-01 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-01 17:53 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-01 16:43 - 2018-08-01 16:43 - 000000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 20ab4298-7b03-44e6-b5e3-56d5e6ed6877.job
2018-08-01 16:43 - 2018-08-01 16:43 - 000000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 07858b2c-aec8-4dd5-b51b-4e5307505292.job
2018-08-01 16:43 - 2018-08-01 16:43 - 000000000 ____D C:\Users\Milena\AppData\Roaming\SUPERAntiSpyware.com
2018-08-01 16:43 - 2018-08-01 16:43 - 000000000 ____D C:\SUPERDelete
2018-08-01 16:42 - 2018-08-01 21:13 - 000001852 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2018-08-01 16:42 - 2018-08-01 16:43 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-08-01 16:42 - 2018-08-01 16:42 - 034756248 _____ (SUPERAntiSpyware) C:\Users\Milena\Downloads\SUPERAntiSpyware.exe
2018-08-01 16:42 - 2018-08-01 16:42 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2018-08-01 16:42 - 2018-08-01 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-08-01 01:42 - 2018-08-01 01:42 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsigndb1ad0e95193fb20
2018-08-01 01:42 - 2018-08-01 01:42 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign28438edeb0f999ae
2018-07-31 23:45 - 2018-07-31 23:45 - 000000000 ____D C:\Users\Milena\AppData\Local\VideoEditor
2018-07-31 23:45 - 2018-07-31 23:45 - 000000000 ____D C:\Users\Milena\AppData\Local\Movavi
2018-07-31 23:41 - 2018-08-01 21:13 - 000001006 _____ C:\Users\Public\Desktop\Movavi Video Editor 14.lnk
2018-07-31 23:41 - 2018-07-31 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 14
2018-07-31 23:41 - 2018-07-31 23:41 - 000000000 ____D C:\Program Files\Movavi Video Editor 14
2018-07-31 23:40 - 2018-07-31 23:40 - 062662328 _____ (Movavi) C:\Users\Milena\Downloads\MovaviVideoEditorSetupF.exe
2018-07-31 23:40 - 2018-07-31 23:40 - 000005085 _____ C:\ProgramData\ubnmeoaw.nlb
2018-07-31 23:40 - 2018-07-31 23:40 - 000000016 _____ C:\ProgramData\mntemp
2018-07-31 23:40 - 2018-07-31 23:40 - 000000000 ____D C:\ProgramData\Movavi Video Editor 14
2018-07-31 22:15 - 2018-07-31 22:15 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign83643a0f2d6d837d
2018-07-31 22:15 - 2018-07-31 22:15 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign7fe28cc3b5ce5537
2018-07-31 21:29 - 2018-07-31 21:29 - 002354237 _____ C:\Users\Milena\Downloads\animalstickers.ai
2018-07-31 21:02 - 2018-07-31 21:03 - 077131680 _____ (Malwarebytes ) C:\Users\Milena\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.6075.exe
2018-07-31 20:28 - 2018-07-31 20:32 - 234670524 _____ (Pixflow Studio) C:\Users\Milena\Downloads\Motion-Factory-Setup.exe
2018-07-31 20:19 - 2018-07-31 20:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-31 20:19 - 2018-07-31 20:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-31 20:19 - 2018-07-31 20:19 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-31 20:19 - 2018-07-31 20:19 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-31 14:25 - 2018-08-02 12:15 - 000000000 ___HD C:\Users\Milena\AppData\Local\{9A5F1821-1526-1C50-A634-7F84341A2214}
2018-07-31 07:25 - 2018-07-31 07:26 - 006758417 _____ C:\Users\Milena\Downloads\Listing-Presentation-Milena-Proof-Slides.pptx
2018-07-31 00:10 - 2018-07-31 00:10 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignec24a916e99495ef
2018-07-31 00:10 - 2018-07-31 00:10 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsigna74f046f3ff8b752
2018-07-30 23:20 - 2018-07-30 23:20 - 006208940 _____ C:\Users\Milena\Downloads\Milena-Slide-54-56.pptx
2018-07-30 21:42 - 2018-07-30 21:43 - 054113156 _____ C:\Users\Milena\Downloads\Listing-Presentation-Milena-2018.07.30.pptx
2018-07-30 21:32 - 2018-07-30 21:32 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg (3).svg
2018-07-30 21:31 - 2018-07-30 21:32 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg (2).svg
2018-07-30 10:50 - 2018-07-30 10:50 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg (1).svg
2018-07-30 10:44 - 2018-07-30 10:44 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg.svg
2018-07-29 14:21 - 2018-07-29 14:21 - 006030078 _____ C:\Users\Milena\Downloads\Backstage [720p].mp4
2018-07-29 14:20 - 2018-07-29 14:20 - 001774439 _____ C:\Users\Milena\Downloads\Yakitoriya - Zero Gravity [720p].mp4
2018-07-28 22:29 - 2018-07-28 22:29 - 000569988 _____ C:\Users\Milena\Downloads\D3A904D2-E310-42F0-8108-9E3BF65F5F34.jpeg
2018-07-28 17:56 - 2018-07-28 17:56 - 000174029 _____ C:\Users\Milena\Desktop\Jelena.xps
2018-07-28 17:48 - 2018-07-28 17:48 - 008752252 _____ C:\Users\Milena\Downloads\ScriptProposal_25062018.pptx
2018-07-28 17:48 - 2018-07-28 17:48 - 008752252 _____ C:\Users\Milena\Downloads\ScriptProposal_25062018 (1).pptx
2018-07-28 17:48 - 2018-07-28 17:48 - 004789747 _____ C:\Users\Milena\Downloads\ScriptProposal_ver1.2.pdf
2018-07-28 17:20 - 2018-07-28 17:20 - 000203177 _____ C:\Users\Milena\Downloads\AFBBFC64-3C5B-4F6C-B157-9D0E9E232D5A.jpeg
2018-07-28 17:20 - 2018-07-28 17:20 - 000154495 _____ C:\Users\Milena\Downloads\B4C4D398-7F9A-4585-A8CF-18DAE082B858.jpeg
2018-07-28 17:20 - 2018-07-28 17:20 - 000144387 _____ C:\Users\Milena\Downloads\92F00C6E-C5E2-4242-91ED-570202511322.jpeg
2018-07-28 16:47 - 2018-07-28 16:47 - 000048996 _____ C:\Users\Milena\Downloads\Mathematica.pdf
2018-07-28 11:15 - 2018-07-28 11:15 - 000000000 ___HD C:\$AV_AVG
2018-07-28 09:25 - 2018-08-01 18:04 - 000000000 ___HD C:\Users\Milena\AppData\Local\Runtime_WOW64
2018-07-28 02:33 - 2018-07-17 12:33 - 000379120 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-07-28 01:54 - 2018-07-28 01:54 - 1082087266 _____ C:\Windows\MEMORY.DMP
2018-07-28 01:54 - 2018-07-28 01:54 - 000636768 _____ C:\Windows\Minidump\072818-32276-01.dmp
2018-07-27 11:24 - 2018-07-27 11:24 - 000000165 ____H C:\Users\Milena\Downloads\~$Test 3.pptx
2018-07-27 10:15 - 2018-07-27 10:15 - 000000000 ____D C:\ProgramData\MB3Install
2018-07-27 00:25 - 2018-08-01 18:04 - 000000000 ___HD C:\Users\Milena\AppData\Local\Remote NET.Assistance
2018-07-26 23:48 - 2018-07-26 23:48 - 077131680 _____ (Malwarebytes ) C:\Users\Milena\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.6075.exe
2018-07-26 17:33 - 2018-07-26 17:34 - 024785012 _____ C:\Users\Milena\Downloads\Test 3.pptx
2018-07-26 12:48 - 2018-08-01 23:46 - 000004966 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Milena-PC-Milena Milena-PC
2018-07-26 00:05 - 2018-07-26 00:05 - 000962699 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue (4)(1).pptx
2018-07-26 00:03 - 2018-07-26 00:03 - 000962699 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue (4).pptx
2018-07-25 20:09 - 2018-07-25 20:09 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignf6535ce5f8ea672f
2018-07-25 20:09 - 2018-07-25 20:09 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign105b74c4371a3d36
2018-07-25 12:37 - 2018-07-25 12:37 - 011479965 _____ C:\Users\Milena\Documents\Združena akcija Krov nad glavom - Ustanička 244g – HAPŠENJE AKTIVISTA, PRINUDNO ISELJENJE IZBEGLICA ODLOŽENO _ Facebook.mp4
2018-07-25 12:36 - 2018-07-25 12:36 - 009333382 _____ C:\Users\Milena\Documents\Združena akcija Krov nad glavom - Odbrana zgrade od izbacivanja siromašnih na ulicu - Ustanička 244g.mp4
2018-07-25 11:27 - 2018-07-25 11:27 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign9db65e9786c75a91
2018-07-25 11:27 - 2018-07-25 11:27 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign898989c74cd62908
2018-07-24 11:04 - 2018-07-24 11:05 - 265212094 _____ C:\Users\Milena\Downloads\videoblocks-double-exposure-opener_HPlt34R7z.zip
2018-07-24 10:19 - 2018-07-24 10:20 - 027963837 _____ C:\Users\Milena\Downloads\List-Pres-Slides-To-Design(1).pptx
2018-07-23 23:06 - 2018-07-23 23:06 - 000000000 ____D C:\Users\Milena\Desktop\ON1LutifyMELUTs
2018-07-23 23:05 - 2018-07-23 23:05 - 010318363 _____ C:\Users\Milena\Desktop\ON1LutifyMELUTs.zip
2018-07-23 22:21 - 2018-07-23 22:21 - 001145766 _____ C:\Users\Milena\Downloads\101 Nursery Flyer NEW - Graham.pdf
2018-07-23 22:13 - 2018-07-23 22:13 - 000195259 _____ C:\Users\Milena\Downloads\Emerald Garden Receipt.pdf
2018-07-23 11:52 - 2018-07-23 11:52 - 002588609 _____ C:\Users\Milena\Documents\Thompson održao ustaški čas.mp4
2018-07-23 10:53 - 2018-07-23 10:53 - 026568610 _____ C:\Users\Milena\Documents\ПОЧЕМУ ВОКРУГ ТАК МНОГО ОДИНОКИХ ЛЮДЕЙ_... - Наталья Завьялова.mp4
2018-07-22 14:04 - 2018-07-22 14:04 - 000000000 ____D C:\Users\Milena\AppData\Roaming\Blender Foundation
2018-07-22 14:03 - 2018-07-22 14:03 - 023379272 _____ C:\Users\Milena\Downloads\IMIS-animation-1.blend
2018-07-22 14:02 - 2018-07-22 14:02 - 000000000 ____D C:\Users\Milena\.thumbnails
2018-07-22 14:01 - 2018-07-22 14:01 - 000001117 _____ C:\Users\Milena\Desktop\blender.lnk
2018-07-22 14:01 - 2018-07-22 14:01 - 000000000 ____D C:\Users\Milena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2018-07-22 14:00 - 2018-07-22 14:00 - 000000000 ____D C:\Program Files\Blender Foundation
2018-07-22 13:58 - 2018-07-22 13:59 - 087912376 _____ C:\Users\Milena\Downloads\blender-2.79b-windows64 (1).msi
2018-07-22 12:57 - 2018-07-22 12:57 - 015621235 _____ C:\Users\Milena\Downloads\Example File.pdf
2018-07-22 10:31 - 2018-07-25 00:42 - 000000000 ____D C:\Users\Milena\Desktop\Nale
2018-07-22 00:31 - 2018-07-22 00:31 - 087912376 _____ C:\Users\Milena\Downloads\blender-2.79b-windows64.msi
2018-07-22 00:15 - 2018-07-22 00:15 - 001390142 _____ C:\Users\Milena\Downloads\Photoshop Template.psd
2018-07-21 16:44 - 2018-07-21 16:44 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignf46653a78ef09b37
2018-07-21 16:44 - 2018-07-21 16:44 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignc4474c325593d5c3
2018-07-21 12:26 - 2018-07-21 12:36 - 000000000 ____D C:\ProgramData\ellfService
2018-07-21 12:26 - 2018-07-21 12:26 - 000003636 _____ C:\Windows\System32\Tasks\{DCEA6B3D-DABB-0EAF-C5F9-E57A8B6D5C8B}
2018-07-21 12:25 - 2018-07-21 23:48 - 000000000 ____D C:\Program Files (x86)\Venome
2018-07-21 12:25 - 2018-07-21 12:31 - 000000000 ____D C:\Users\Milena\Downloads\phototools_2
2018-07-21 12:25 - 2018-07-21 12:25 - 000003440 _____ C:\Windows\System32\Tasks\{60923C99-2335-07D5-6B51-0DA7068512DB}
2018-07-21 12:25 - 2018-07-21 12:25 - 000000003 _____ C:\Users\Milena\AppData\Local\wbem.ini
2018-07-21 11:59 - 2018-07-21 11:59 - 000000000 ____D C:\Users\Milena\Downloads\PhotoTools_2.6.3_Free
2018-07-21 11:56 - 2018-07-21 11:56 - 103613620 _____ C:\Users\Milena\Downloads\PhotoTools_2.6.3_Free.zip
2018-07-20 21:39 - 2018-07-20 21:39 - 000476102 _____ C:\Users\Milena\Downloads\SBizhub C2218072014180.pdf
2018-07-20 15:33 - 2018-07-20 15:33 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignb53426a4d5a503b0
2018-07-20 15:33 - 2018-07-20 15:33 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign5e9d7a16f0583dce
2018-07-19 17:25 - 2018-07-19 17:25 - 006157199 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue(1).pptx
2018-07-19 17:24 - 2018-07-19 17:25 - 006157199 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue.pptx
2018-07-19 17:00 - 2018-07-19 17:01 - 002275102 _____ C:\Users\Milena\Downloads\ScrumKarten.pdf
2018-07-18 17:51 - 2018-07-27 00:11 - 000000000 ____D C:\Users\Milena\Desktop\Onone_Phototools_Professional_Edition_2_6
2018-07-18 17:21 - 2018-07-18 17:21 - 000000000 ____D C:\Users\Milena\Downloads\Onone_Phototools_Professional_Edition_2_6
2018-07-18 13:43 - 2018-07-18 13:43 - 000179433 _____ C:\Users\Milena\Downloads\WhatsApp Image 2018-07-18 at 11.37.11.jpeg
2018-07-18 13:25 - 2018-07-18 13:25 - 003863253 _____ C:\Users\Milena\Downloads\Nobel Biocare All-on-4 treatment concept manual.pdf
2018-07-17 23:04 - 2018-07-17 23:04 - 000023354 _____ C:\Users\Milena\Downloads\shape.pdf
2018-07-17 19:12 - 2018-07-17 19:12 - 031841604 _____ C:\Users\Milena\Downloads\Crealto_Brand_Manual_02_2016.pdf
2018-07-17 16:23 - 2018-07-17 16:23 - 000154736 _____ C:\Users\Milena\Downloads\BLK.pdf
2018-07-17 16:23 - 2018-07-17 16:23 - 000153882 _____ C:\Users\Milena\Downloads\Fidelity.pdf
2018-07-17 16:19 - 2018-07-17 16:19 - 001277112 _____ C:\Users\Milena\Downloads\HF.pdf
2018-07-17 16:04 - 2018-07-17 16:04 - 000025788 _____ C:\Users\Milena\Downloads\Lexi Carlitz_resume_3.pdf
2018-07-17 14:31 - 2018-07-17 14:31 - 000134034 _____ C:\Users\Milena\Downloads\Sample.bmp
2018-07-17 11:54 - 2018-07-17 11:54 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignae83ce0ea3c05f79
2018-07-17 11:54 - 2018-07-17 11:54 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign9ac07932b498f55c
2018-07-17 00:12 - 2018-07-17 00:12 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignc888afddabec7302
2018-07-17 00:12 - 2018-07-17 00:12 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign11f383a171f6ca9e
2018-07-16 23:27 - 2018-07-16 23:27 - 001889064 _____ C:\Users\Milena\Downloads\5849718E-2990-48B3-B113-828A162E52E5.jpeg
2018-07-16 18:16 - 2018-07-16 18:17 - 003171676 _____ C:\Users\Milena\Downloads\ImageMagazineTab (1).pdf
2018-07-16 17:08 - 2018-07-16 17:08 - 000327232 _____ C:\Users\Milena\Downloads\ImageDealsSample.pdf
2018-07-16 14:19 - 2018-07-16 14:19 - 000012773 _____ C:\Users\Milena\Downloads\11_8 inch.pdf
2018-07-16 12:52 - 2018-07-16 12:52 - 000058810 _____ C:\Users\Milena\Downloads\Lubalin Graph Regular.ttf
2018-07-16 09:38 - 2018-07-16 09:38 - 002016487 _____ C:\Users\Milena\Downloads\ImageMagazineCover (1).pdf
2018-07-16 09:24 - 2018-07-16 09:24 - 002016487 _____ C:\Users\Milena\Downloads\ImageMagazineCover.pdf
2018-07-16 09:24 - 2018-07-16 09:24 - 001959515 _____ C:\Users\Milena\Downloads\ImageMagazineTab.pdf
2018-07-12 21:06 - 2018-07-12 21:06 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignaa1ec7aea6295a0b
2018-07-12 21:06 - 2018-07-12 21:06 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign5c4ff1ff8a48836a
2018-07-12 16:25 - 2018-07-12 16:25 - 027617000 _____ (Upwork, Inc ) C:\Users\Milena\Downloads\UpworkSetup(1).exe
2018-07-11 12:30 - 2018-07-11 12:30 - 057812744 _____ (Skype Technologies S.A.) C:\Users\Milena\Downloads\Skype-8.25.0.5.exe
2018-07-10 20:53 - 2018-07-10 20:53 - 000000441 _____ C:\Users\Milena\Downloads\mail.php
2018-07-10 20:52 - 2018-07-10 22:36 - 000013370 _____ C:\Users\Milena\Downloads\index.html
2018-07-10 20:13 - 2018-07-10 20:14 - 077567872 _____ C:\Users\Milena\Downloads\MONOPLAY.mp4
2018-07-10 17:44 - 2018-07-12 01:27 - 000000000 ____D C:\Users\Milena\Desktop\html5up-overflow - Copy
2018-07-10 17:15 - 2018-07-10 17:43 - 000000000 ____D C:\Users\Milena\Desktop\html5up-overflow
2018-07-10 17:15 - 2018-07-10 17:15 - 001704667 _____ C:\Users\Milena\Desktop\html5up-overflow.zip
2018-07-08 21:50 - 2018-07-08 21:50 - 000000000 ____D C:\Users\Milena\Downloads\fontawesome-free-5.1.0-web
2018-07-08 20:55 - 2018-07-08 20:55 - 009731899 _____ C:\Users\Milena\Downloads\fontawesome-free-5.1.0-web.zip
2018-07-07 13:11 - 2018-07-30 11:55 - 000000952 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-07-06 19:46 - 2018-07-06 19:46 - 020644589 _____ C:\Users\Milena\Downloads\Deep Purple [720p].mp4
2018-07-06 18:45 - 2018-07-06 18:45 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign5434227f661e5bbe
2018-07-06 18:45 - 2018-07-06 18:45 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign3d995829a1d4c3dd
2018-07-06 11:30 - 2018-07-06 11:30 - 001490081 _____ C:\Users\Milena\Downloads\Python_intezivna_obuka_program.pdf
2018-07-05 10:51 - 2018-07-05 10:52 - 013798026 _____ C:\Users\Milena\Downloads\italiano-2-0-0(1).zip
2018-07-04 18:00 - 2018-07-04 18:00 - 000000000 ____D C:\Users\Milena\Desktop\Za mamu
2018-07-03 13:52 - 2018-07-03 13:52 - 000200252 _____ C:\Users\Milena\Downloads\Livre Blanc - Design (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-02 16:29 - 2017-11-13 19:13 - 000000000 ____D C:\Users\Milena\AppData\LocalLow\Mozilla
2018-08-02 16:27 - 2018-05-28 18:14 - 000794748 _____ C:\Windows\ntbtlog.txt
2018-08-02 14:03 - 2017-11-20 14:21 - 000000000 ____D C:\ProgramData\onOne Software
2018-08-02 14:03 - 2017-11-20 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2018-08-02 14:02 - 2017-11-20 14:21 - 000000000 ____D C:\Program Files\onOne Software
2018-08-02 14:02 - 2017-11-20 14:21 - 000000000 ____D C:\Program Files (x86)\onOne Software
2018-08-02 12:26 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-02 12:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-02 12:22 - 2017-11-13 20:53 - 000000000 ____D C:\Users\Milena\AppData\Roaming\BitTorrent
2018-08-02 11:43 - 2017-11-20 14:48 - 000000000 ___SD C:\Users\Milena\AppData\LocalLow\Temp
2018-08-02 11:42 - 2017-11-21 19:20 - 000000000 ____D C:\Users\Milena\AppData\Local\CrashDumps
2018-08-02 11:35 - 2017-11-20 14:21 - 000000000 ____D C:\Users\Milena\AppData\Roaming\onOne Software
2018-08-02 11:22 - 2017-11-13 19:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-08-02 10:49 - 2017-11-13 18:34 - 000000000 ____D C:\Users\Milena
2018-08-02 10:43 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-02 10:42 - 2017-11-13 19:58 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-01 19:23 - 2017-11-13 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-08-01 17:53 - 2017-11-13 20:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-01 01:41 - 2017-11-20 16:08 - 000000034 _____ C:\Users\Milena\AppData\Roaming\AdobeWLCMCache.dat
2018-07-31 20:19 - 2017-11-13 21:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-31 20:19 - 2017-11-13 21:42 - 000000000 ____D C:\Users\Milena\AppData\Local\Adobe
2018-07-31 08:02 - 2017-11-13 20:22 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2018-07-30 21:57 - 2009-07-14 06:45 - 007259656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-30 21:50 - 2018-05-16 09:24 - 000000051 _____ C:\Users\Milena\Desktop\Creative Team.txt
2018-07-30 11:55 - 2018-06-01 22:48 - 000000865 _____ C:\Users\Public\Desktop\Trelby.lnk
2018-07-28 22:20 - 2017-11-13 19:22 - 000352200 _____ C:\Users\Milena\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-28 13:58 - 2017-11-15 23:05 - 000000000 ____D C:\Users\Milena\AppData\Roaming\vlc
2018-07-28 02:34 - 2018-01-09 04:31 - 000002013 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-07-28 02:34 - 2017-11-13 19:25 - 000003916 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-07-28 01:54 - 2017-11-26 18:56 - 000000000 ____D C:\Windows\Minidump
2018-07-27 11:08 - 2017-11-13 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-25 14:05 - 2017-12-01 17:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-07-25 00:43 - 2017-11-14 01:14 - 000000132 _____ C:\Users\Milena\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-07-23 20:34 - 2017-11-13 19:25 - 000458024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-07-21 12:26 - 2017-11-13 19:19 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-20 14:58 - 2018-05-21 09:15 - 000126976 ___SH C:\Users\Milena\Documents\Thumbs.db
2018-07-18 17:17 - 2017-11-20 15:16 - 000000000 ____D C:\Users\Milena\Downloads\OnOne PhotoTools Professional Edition 2.6.5 Setup + Key
2018-07-17 12:33 - 2017-11-13 19:25 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000203544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000189544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000152016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-07-12 16:26 - 2017-11-15 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Upwork
2018-07-12 16:26 - 2017-11-15 18:04 - 000000000 ____D C:\Program Files (x86)\Upwork
2018-07-12 13:23 - 2018-06-03 21:58 - 000000000 ____D C:\Users\Milena\Desktop\Photoshop Styles
2018-07-11 12:31 - 2017-11-26 21:48 - 000001343 _____ C:\Users\Public\Desktop\Skype.lnk
2018-07-11 12:31 - 2017-11-13 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-10 16:02 - 2017-11-14 01:54 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-10 16:01 - 2017-11-14 01:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-11-18 15:41 - 2017-11-18 15:41 - 000000132 _____ () C:\Users\Milena\AppData\Roaming\Adobe BMP Format CS6 Prefs
2018-03-19 15:14 - 2018-03-19 15:14 - 000000132 _____ () C:\Users\Milena\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2017-11-14 01:14 - 2018-07-25 00:43 - 000000132 _____ () C:\Users\Milena\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-11-20 16:08 - 2018-08-01 01:41 - 000000034 _____ () C:\Users\Milena\AppData\Roaming\AdobeWLCMCache.dat
1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Users\Milena\AppData\Roaming\JvBEUYo.exe
2017-12-05 00:31 - 2017-12-05 00:32 - 000001456 _____ () C:\Users\Milena\AppData\Local\Adobe Save for Web 13.0 Prefs
1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Users\Milena\AppData\Local\USiqjuu.exe
2018-07-21 12:25 - 2018-07-21 12:25 - 000000003 _____ () C:\Users\Milena\AppData\Local\wbem.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 05:24] - [2017-11-13 18:33] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 05:24] - [2017-11-13 18:33] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-27 06:28

==================== End of FRST.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Open Notepad and copy the following text, which is inside the Code box.

Task: {24DBCB85-255C-4E7E-B1C4-15D1133237F5} - System32\Tasks\{DCEA6B3D-DABB-0EAF-C5F9-E57A8B6D5C8B} => C:\Users\Milena\AppData\Local\USiqjuu.exe [1601-01-03] (Microsoft Corporation)
Task: {E9EDFCB8-C50C-4E20-9C91-24D03FABB6A7} - System32\Tasks\{60923C99-2335-07D5-6B51-0DA7068512DB} => C:\Users\Milena\AppData\Roaming\JvBEUYo.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Public\AppData:CSM [466]
C:\Users\Milena\AppData\Local\USiqjuu.exe
C:\Users\Milena\AppData\Roaming\JvBEUYo.exe
cmd: bitsadmin /reset /allusers
EmptyTemp:


In Notepad, click File --> Save As
Under Encoding, select UTF-8.
Name the file Fixlist and save it to the Desktop.
Double-click FRST.exe to run it again.
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it finishes, fixlog.txt will open; copy its contents into this thread.
The file (fixlog.txt) will also be on the Desktop.
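
The entries named in the fixlist above share traits that are visible in the FRST log itself: file dates in 1601 (the start of the Windows FILETIME epoch), executables sitting in the root of AppData\Local or AppData\Roaming, a "Microsoft Corporation" label on files inside a user profile, and GUID-named scheduled tasks that launch them. The Python sketch below is an added example, not part of the original posts and not how FRST or the helper works; it flags log lines with those traits. The four heuristics and all names in the code are assumptions chosen for illustration, and the sample lines are copied from this thread's log except one constructed benign task line.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname  # Windows path rules on any platform

# FRST file entry: created - modified - size attrs (company) path
FILE_RE = re.compile(
    r"^(?P<created>\d{4})-\d{2}-\d{2} \d{2}:\d{2} - "
    r"(?P<modified>\d{4})-\d{2}-\d{2} \d{2}:\d{2} - "
    r"\d+ \S{5} (?:\((?P<company>.*?)\) )?(?P<path>[A-Za-z]:\\.+)$"
)
# FRST task entry: Task: {id} - name => target [date] (company)
TASK_RE = re.compile(
    r"^Task: \{[0-9A-Fa-f-]{36}\} - (?P<name>.+?) => "
    r"(?P<target>[A-Za-z]:\\.+?) \[(?P<year>\d{4})-\d{2}-\d{2}\]"
)
GUID_RE = re.compile(
    r"^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$"
)
APPDATA_ROOT_RE = re.compile(
    r"^[A-Za-z]:\\Users\\[^\\]+\\AppData\\(Local|Roaming)$", re.I
)
USER_PROFILE_RE = re.compile(r"^[A-Za-z]:\\Users\\", re.I)

# Lines copied from the log in this thread, plus ONE constructed benign
# task line ("Example Updater") to show what is not flagged.
SAMPLE_LOG = r"""
2018-07-31 23:40 - 2018-07-31 23:40 - 062662328 _____ (Movavi) C:\Users\Milena\Downloads\MovaviVideoEditorSetupF.exe
2018-07-23 20:34 - 2017-11-13 19:25 - 000458024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Users\Milena\AppData\Roaming\JvBEUYo.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Users\Milena\AppData\Local\USiqjuu.exe
2018-07-21 12:25 - 2018-07-21 12:25 - 000000003 _____ () C:\Users\Milena\AppData\Local\wbem.ini
Task: {24DBCB85-255C-4E7E-B1C4-15D1133237F5} - System32\Tasks\{DCEA6B3D-DABB-0EAF-C5F9-E57A8B6D5C8B} => C:\Users\Milena\AppData\Local\USiqjuu.exe [1601-01-03] (Microsoft Corporation)
Task: {E9EDFCB8-C50C-4E20-9C91-24D03FABB6A7} - System32\Tasks\{60923C99-2335-07D5-6B51-0DA7068512DB} => C:\Users\Milena\AppData\Roaming\JvBEUYo.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION
Task: {11111111-2222-3333-4444-555555555555} - System32\Tasks\Example Updater => C:\Program Files\Example\updater.exe [2018-07-10] (Example Corp)
"""


def triage(log_text):
    """Return {path: [reasons]} for FRST lines matching the heuristics."""
    findings = defaultdict(set)
    for raw in log_text.splitlines():
        line = raw.strip()

        m = FILE_RE.match(line)
        if m:
            path = m["path"]
            # A 1601 date means the stored timestamp is close to zero.
            if "1601" in (m["created"], m["modified"]):
                findings[path].add("timestamp-1601")
            # Executable dropped directly into the AppData root.
            if path.lower().endswith(".exe") and APPDATA_ROOT_RE.match(
                dirname(path)
            ):
                findings[path].add("exe-in-appdata-root")
            # Version info claims Microsoft, but the file lives in a profile.
            company = (m["company"] or "").strip()
            if company == "Microsoft Corporation" and USER_PROFILE_RE.match(
                path
            ):
                findings[path].add("microsoft-name-in-user-profile")
            continue

        m = TASK_RE.match(line)
        if m:
            target = m["target"]
            # Task named only by a GUID that starts a binary from AppData.
            if GUID_RE.match(basename(m["name"])) and (
                "\\appdata\\" in target.lower()
            ):
                findings[target].add("guid-task-runs-from-appdata")
            if m["year"] == "1601":
                findings[target].add("timestamp-1601")

    return {path: sorted(reasons) for path, reasons in findings.items()}


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path)
        for reason in reasons:
            print("   ", reason)
```

A hit from this script is a reason to look closer at an entry, not proof that it is malicious; unflagged lines still need review.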

offline
  • Joined: 08 Apr 2012
  • Posts: 34

I had to do it from Safe Mode because FRST could not be started any other way. Here are the results -

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Milena (02-08-2018 19:10:06) Run:1
Running from C:\Users\Milena\Desktop
Loaded Profiles: Milena & (Available Profiles: Milena)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Task: {24DBCB85-255C-4E7E-B1C4-15D1133237F5} - System32\Tasks\{DCEA6B3D-DABB-0EAF-C5F9-E57A8B6D5C8B} => C:\Users\Milena\AppData\Local\USiqjuu.exe [1601-01-03] (Microsoft Corporation)
Task: {E9EDFCB8-C50C-4E20-9C91-24D03FABB6A7} - System32\Tasks\{60923C99-2335-07D5-6B51-0DA7068512DB} => C:\Users\Milena\AppData\Roaming\JvBEUYo.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Public\AppData:CSM [466]
C:\Users\Milena\AppData\Local\USiqjuu.exe
C:\Users\Milena\AppData\Roaming\JvBEUYo.exe
cmd: bitsadmin /reset /allusers
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24DBCB85-255C-4E7E-B1C4-15D1133237F5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24DBCB85-255C-4E7E-B1C4-15D1133237F5}" => removed successfully
C:\Windows\System32\Tasks\{DCEA6B3D-DABB-0EAF-C5F9-E57A8B6D5C8B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DCEA6B3D-DABB-0EAF-C5F9-E57A8B6D5C8B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E9EDFCB8-C50C-4E20-9C91-24D03FABB6A7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9EDFCB8-C50C-4E20-9C91-24D03FABB6A7}" => removed successfully
C:\Windows\System32\Tasks\{60923C99-2335-07D5-6B51-0DA7068512DB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60923C99-2335-07D5-6B51-0DA7068512DB}" => removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Milena\AppData\Local\USiqjuu.exe => moved successfully
C:\Users\Milena\AppData\Roaming\JvBEUYo.exe => moved successfully

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
The dependency service or group failed to start.



========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 131938780 B
Java, Flash, Steam htmlcache => 1760 B
Windows/system/drivers => 19593630 B
Edge => 0 B
Chrome => 885516556 B
Firefox => 399421433 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
systemprofile32 => 33058 B
LocalService => 66228 B
NetworkService => 66228 B
Milena => 136295267 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:11:18 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation now?



Download Malwarebytes Anti-Malware from this or this or this link and install the application.
Run mb3-setup-consumer-{version}.exe and follow the installation instructions. After installation, click Finish.

On first launch, the program will show a "welcome" window. Feel free to close that window.
Note: The program's Premium features are already activated and are valid for 13 days from the moment of installation. You can turn off the Premium features in the settings, under Settings > My Account tab.

• Scanner settings - in Settings, click the Protection tab. Under the Scan Options section, turn on the "Scan for rootkits" option.
• Prepare the settings for a Threat Scan - in Dashboard, click the Scan Now button. MBAM will update its database and start scanning.

When the scan finishes, if an infection is detected, make sure everything is selected, then click Remove Selected. Restart the computer if the program asks for a restart.
• Submit the log: Under Reports, select the Scan Report with the current date and then click View Report.

Export the log to the Desktop:
- Click the Export button at the bottom, then choose 'Text file (*.txt)'
- In the Save File dialog that appears, click Desktop. In the File name: field, type "mbam" (without quotes) and click Save.
- The message "Your file has been successfully exported" will appear; click Ok and close the window.



• In your reply, attach the mbam.txt log using the "Attach file" ("Prikači fajl") option.

offline
  • Joined: 08 Apr 2012
  • Posts: 34

Posted: 02 Aug 2018 20:18

I'm testing right now and the CPU is at 2% even with programs running, memory usage only 5GB
It looks like it's gone! Thaaaanks!!! Now I'll run Malwarebytes too. The browsers are not shutting down and I managed to start Malware.

Addendum: 02 Aug 2018 21:14

It looks like I celebrated too soon; once again I can start programs and browsers only from Safe Mode.

Here is the Malwarebytes log

Malwarebytes
malwarebytes.com

-Log Details-
Scan Date: 8/2/18
Scan Time: 8:21 PM
Log File: cf5d1472-9680-11e8-8523-94de800f2cfb.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.391
Update Package Version: 1.0.6173
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Milena-PC\Milena

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 289615
Threats Detected: 12
Threats Quarantined: 12
Time Elapsed: 13 min, 23 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 9
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{63F335D2-F027-4CE4-8007-B326DF3402E8}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C6916EB1-011E-4DFE-838F-8D1DB1B66E6D}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4D80AA54-7DB9-47DB-BCBD-5909531EE790}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4006591A-8B9D-46AC-9702-6D257B8178C4}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FFDE7451-4B1C-4F5F-B168-86CDCFD253EB}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7B24914C-C61F-4D82-86A4-EAD8264DAF0A}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{78683577-C213-413B-9C66-513CD621C7AB}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{BBD4F578-DE8E-45C8-A6DB-1C82F4FFF0CA}, Quarantined, [3753], [539893],1.0.6173
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ADDDCF55-64DA-4AA3-9751-413708270EEB}, Quarantined, [3753], [539893],1.0.6173

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Adware.IStartSurf, C:\USERS\MILENA\DOWNLOADS\KEYGEN ONLY ONONE PERFECT PHOTO SUITE 9021335 PREMIUM FULL KEYGEN.ZIP, Quarantined, [599], [546687],1.0.6173
RiskWare.BitCoinMiner, C:\USERS\MILENA\APPDATA\LOCAL\THUNDERBIRDPORTABLE\000001N.ZIP, Quarantined, [929], [467508],1.0.6173
RiskWare.BitCoinMiner, C:\USERS\MILENA\APPDATA\LOCAL\{9A5F1821-1526-1C50-A634-7F84341A2214}\000001N.ZIP, Quarantined, [929], [467508],1.0.6173

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Addendum: 02 Aug 2018 21:30

Now I can no longer get into Win, only into Safe Mode

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Post new FRST reports for me.

offline
  • Joined: 08 Apr 2012
  • Posts: 34

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Milena (administrator) on MILENA-PC (02-08-2018 10:47:33)
Running from C:\Users\Milena\Desktop
Loaded Profiles: Milena (Available Profiles: Milena)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-07-17] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-01] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8898480 2018-07-03] (SUPERAntiSpyware)
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\MountPoints2: {47c4638a-c8da-11e7-93de-806e6f6e6963} - H:\setup.exe
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\...\MountPoints2: {593767c5-c899-11e7-901a-94de800f2cfb} - G:\Autoplay.exe -auto

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{04EF7F64-C9E7-4834-9E2B-96CB4E59C604}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-3033977378-3665412441-967778144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3033977378-3665412441-967778144-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-08-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-13] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-08-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: aw4ypeg2.default
FF ProfilePath: C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default [2018-08-02]
FF user.js: detected! => C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\user.js [2017-06-30]
FF Homepage: Mozilla\Firefox\Profiles\aw4ypeg2.default -> hxxps://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\aw4ypeg2.default -> about:newtab
FF Extension: (German Dictionary) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2018-03-06] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\sp@avast.com.xpi [2018-08-02]
FF Extension: (Avast Online Security) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\wrc@avast.com.xpi [2018-08-01]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-04]
FF Extension: (Adblock Plus) - C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-31] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-31] ()
FF Plugin-x32: @DVR/npmedia,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npmedia.dll [2015-02-03] ()
FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npTimeGrid.dll [2015-02-03] (Unauthorized copy)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2018-07-21]

Chrome:
=======
CHR Profile: C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default [2018-08-02]
CHR Extension: (Slides) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-13]
CHR Extension: (Docs) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-13]
CHR Extension: (Google Drive) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-13]
CHR Extension: (YouTube) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-15]
CHR Extension: (Sheets) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-15]
CHR Extension: (Avast Online Security) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-08-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Milena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-01] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-01] (AVAST Software)
S2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-07-17] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7829784 2018-07-17] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-07] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-11-14] (NVIDIA Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-01] (Nalpeiron Ltd.) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-11-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-11-14] (NVIDIA Corporation)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2896896 2017-09-29] (Microsoft Corporation) [File not signed]
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-04-11] (Wondershare)
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-08-01] (AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-08-01] (AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-08-01] (AVAST Software)
S0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-01] (AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-08-01] (AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-08-01] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-08-01] (AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-08-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-08-01] (AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-08-01] (AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-08-01] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-08-01] (AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-08-01] (AVAST Software)
S1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189544 2018-07-17] (AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [222288 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [194224 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [339048 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51952 2018-07-17] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-07-17] (AVG Technologies CZ, s.r.o.)
S2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [152016 2018-07-17] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [104256 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2018-07-17] (AVG Technologies CZ, s.r.o.)
S1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-07-17] (AVG Technologies CZ, s.r.o.)
S1 avgSP; C:\Windows\System32\drivers\avgSP.sys [458024 2018-07-23] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [203544 2018-07-17] (AVG Technologies CZ, s.r.o.)
S0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-07-17] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-11-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-11-13] (Disc Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-08-01] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-02] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-14] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-11-14] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-08-01] (Zemana Ltd.)
S1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-08-01] (Zemana Ltd.)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-02 21:05 - 2018-08-02 21:05 - 000003413 _____ C:\Users\Milena\Desktop\MB.txt
2018-08-02 20:19 - 2018-08-02 20:19 - 000001904 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-02 20:19 - 2018-08-02 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-02 20:19 - 2018-08-02 10:45 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-02 20:19 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-02 20:17 - 2018-08-02 20:18 - 078389256 _____ (Malwarebytes ) C:\Users\Milena\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.6153.exe
2018-08-02 19:10 - 2018-08-02 19:11 - 000003444 _____ C:\Users\Milena\Desktop\Fixlog.txt
2018-08-02 19:07 - 2018-08-02 19:07 - 000000000 ____D C:\Users\Milena\Desktop\FRST-OlderVersion
2018-08-02 17:45 - 2018-08-02 17:45 - 000328192 _____ C:\Windows\SysWOW64\IDR_RCDATA.bin
2018-08-02 17:39 - 2018-08-02 17:45 - 000000000 ___HD C:\Users\Milena\AppData\Local\ThunderbirdPortable
2018-08-02 16:35 - 2018-08-02 16:35 - 000075879 _____ C:\Users\Milena\Desktop\Addition.txt
2018-08-02 16:33 - 2018-08-02 19:07 - 002412544 _____ (Farbar) C:\Users\Milena\Desktop\FRST64.exe
2018-08-02 16:33 - 2018-08-02 10:48 - 000020781 _____ C:\Users\Milena\Desktop\FRST.txt
2018-08-02 16:33 - 2018-08-02 10:47 - 000000000 ____D C:\FRST
2018-08-02 14:03 - 2018-08-02 14:03 - 000002126 _____ C:\Users\Public\Desktop\Perfect Photo Suite 9.lnk
2018-08-02 12:19 - 2018-08-02 12:19 - 000000000 ____D C:\Users\Milena\Downloads\OnOne Software Perfect Photo Suite 9.5.1.1644 + KeyGen - softasm.com
2018-08-02 12:15 - 2018-08-02 17:39 - 000328192 _____ C:\Windows\SysWOW64\SelfFolder.idc
2018-08-02 12:08 - 2018-08-02 12:12 - 575926484 _____ C:\Users\Milena\Downloads\OnOne Software Perfect Photo Suite 9.5.1.1644 + KeyGen - softasm.com.rar
2018-08-02 11:45 - 2018-08-02 11:45 - 000000000 ____D C:\Users\Milena\Downloads\ONONE PERFECT PHOTO SUITE PREMIUM ED V9.5.0-XFORCE [GloDLS]
2018-08-02 11:42 - 2018-08-02 11:42 - 000000000 ____D C:\Users\Milena\Downloads\Keygen Only onOne Perfect Photo Suite 9021335 Premium Full Keygen
2018-08-02 11:26 - 2018-08-02 11:26 - 000000000 ____D C:\ProgramData\Nalpeiron
2018-08-01 23:28 - 2018-08-02 01:00 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-08-01 23:12 - 2018-08-02 21:01 - 000000000 ____D C:\Users\Milena\AppData\Local\AVAST Software
2018-08-01 23:12 - 2018-08-01 23:12 - 000001959 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-01 23:12 - 2018-08-01 23:12 - 000000000 ____D C:\Users\Milena\AppData\Roaming\AVAST Software
2018-08-01 23:12 - 2018-08-01 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-08-01 23:11 - 2018-08-02 19:25 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-01 23:11 - 2018-08-01 23:11 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-08-01 23:10 - 2018-08-01 23:24 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-01 23:10 - 2018-08-01 23:10 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-01 23:10 - 2018-08-01 23:10 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-08-01 23:10 - 2018-08-01 23:09 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-01 23:10 - 2018-08-01 23:09 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-01 23:09 - 2018-08-01 23:09 - 000000000 ____D C:\Program Files\AVAST Software
2018-08-01 23:08 - 2018-08-02 13:18 - 000000000 ____D C:\ProgramData\AVAST Software
2018-08-01 23:07 - 2018-08-01 23:08 - 000178320 _____ (AVAST Software) C:\Users\Milena\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2018-08-01 21:31 - 2018-08-01 21:31 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2018-08-01 21:31 - 2018-08-01 21:31 - 000001893 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-08-01 21:31 - 2018-08-01 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-08-01 21:31 - 2018-08-01 21:31 - 000000000 ____D C:\Program Files\HitmanPro
2018-08-01 21:30 - 2018-08-01 22:21 - 000000000 ____D C:\ProgramData\HitmanPro
2018-08-01 21:29 - 2018-08-01 21:29 - 011576808 _____ (SurfRight B.V.) C:\Users\Milena\Downloads\hitmanpro_x64(1).exe
2018-08-01 21:28 - 2018-08-01 21:28 - 011576808 _____ (SurfRight B.V.) C:\Users\Milena\Downloads\hitmanpro_x64.exe
2018-08-01 21:02 - 2018-08-01 21:04 - 576205002 _____ C:\Users\Milena\Downloads\onOne Perfect Photo Suite 9.5.0.1644 Premium Edition.rar
2018-08-01 19:20 - 2018-08-01 19:21 - 007417040 _____ (Malwarebytes) C:\Users\Milena\Downloads\adwcleaner_7.2.2.exe
2018-08-01 19:19 - 2018-08-01 19:23 - 000000000 ____D C:\AdwCleaner
2018-08-01 19:18 - 2018-08-01 19:18 - 007395536 _____ (Malwarebytes) C:\Users\Milena\Downloads\AdwCleaner.exe
2018-08-01 18:19 - 2018-08-02 22:06 - 000020133 _____ C:\Windows\ZAM.krnl.trace
2018-08-01 18:19 - 2018-08-02 22:06 - 000000475 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-08-01 18:19 - 2018-08-01 18:19 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2018-08-01 18:19 - 2018-08-01 18:19 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2018-08-01 18:19 - 2018-08-01 18:19 - 000001185 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-08-01 18:19 - 2018-08-01 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-08-01 18:19 - 2018-08-01 18:19 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-08-01 18:10 - 2018-08-01 18:10 - 006625600 _____ (Zemana Ltd. ) C:\Users\Milena\Downloads\Zemana.AntiMalware.Setup.exe
2018-08-01 18:10 - 2018-08-01 18:10 - 000000000 ____D C:\Users\Milena\AppData\Local\Zemana
2018-08-01 18:06 - 2018-08-01 18:07 - 000004372 _____ C:\Users\Milena\Desktop\Rkill.txt
2018-08-01 18:06 - 2018-08-01 18:06 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Milena\Downloads\rkill.exe
2018-08-01 16:43 - 2018-08-01 16:43 - 000000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 20ab4298-7b03-44e6-b5e3-56d5e6ed6877.job
2018-08-01 16:43 - 2018-08-01 16:43 - 000000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 07858b2c-aec8-4dd5-b51b-4e5307505292.job
2018-08-01 16:43 - 2018-08-01 16:43 - 000000000 ____D C:\Users\Milena\AppData\Roaming\SUPERAntiSpyware.com
2018-08-01 16:43 - 2018-08-01 16:43 - 000000000 ____D C:\SUPERDelete
2018-08-01 16:42 - 2018-08-01 21:13 - 000001852 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2018-08-01 16:42 - 2018-08-01 16:43 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-08-01 16:42 - 2018-08-01 16:42 - 034756248 _____ (SUPERAntiSpyware) C:\Users\Milena\Downloads\SUPERAntiSpyware.exe
2018-08-01 16:42 - 2018-08-01 16:42 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2018-08-01 16:42 - 2018-08-01 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-08-01 01:42 - 2018-08-01 01:42 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsigndb1ad0e95193fb20
2018-08-01 01:42 - 2018-08-01 01:42 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign28438edeb0f999ae
2018-07-31 23:45 - 2018-07-31 23:45 - 000000000 ____D C:\Users\Milena\AppData\Local\VideoEditor
2018-07-31 23:45 - 2018-07-31 23:45 - 000000000 ____D C:\Users\Milena\AppData\Local\Movavi
2018-07-31 23:41 - 2018-08-01 21:13 - 000001006 _____ C:\Users\Public\Desktop\Movavi Video Editor 14.lnk
2018-07-31 23:41 - 2018-07-31 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 14
2018-07-31 23:41 - 2018-07-31 23:41 - 000000000 ____D C:\Program Files\Movavi Video Editor 14
2018-07-31 23:40 - 2018-07-31 23:40 - 062662328 _____ (Movavi) C:\Users\Milena\Downloads\MovaviVideoEditorSetupF.exe
2018-07-31 23:40 - 2018-07-31 23:40 - 000005085 _____ C:\ProgramData\ubnmeoaw.nlb
2018-07-31 23:40 - 2018-07-31 23:40 - 000000016 _____ C:\ProgramData\mntemp
2018-07-31 23:40 - 2018-07-31 23:40 - 000000000 ____D C:\ProgramData\Movavi Video Editor 14
2018-07-31 22:15 - 2018-07-31 22:15 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign83643a0f2d6d837d
2018-07-31 22:15 - 2018-07-31 22:15 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign7fe28cc3b5ce5537
2018-07-31 21:29 - 2018-07-31 21:29 - 002354237 _____ C:\Users\Milena\Downloads\animalstickers.ai
2018-07-31 21:02 - 2018-07-31 21:03 - 077131680 _____ (Malwarebytes ) C:\Users\Milena\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.6075.exe
2018-07-31 20:28 - 2018-07-31 20:32 - 234670524 _____ (Pixflow Studio) C:\Users\Milena\Downloads\Motion-Factory-Setup.exe
2018-07-31 20:19 - 2018-07-31 20:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-31 20:19 - 2018-07-31 20:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-31 20:19 - 2018-07-31 20:19 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-31 20:19 - 2018-07-31 20:19 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-31 14:25 - 2018-08-02 20:56 - 000000000 ___HD C:\Users\Milena\AppData\Local\{9A5F1821-1526-1C50-A634-7F84341A2214}
2018-07-31 07:25 - 2018-07-31 07:26 - 006758417 _____ C:\Users\Milena\Downloads\Listing-Presentation-Milena-Proof-Slides.pptx
2018-07-31 00:10 - 2018-07-31 00:10 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignec24a916e99495ef
2018-07-31 00:10 - 2018-07-31 00:10 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsigna74f046f3ff8b752
2018-07-30 23:20 - 2018-07-30 23:20 - 006208940 _____ C:\Users\Milena\Downloads\Milena-Slide-54-56.pptx
2018-07-30 21:42 - 2018-07-30 21:43 - 054113156 _____ C:\Users\Milena\Downloads\Listing-Presentation-Milena-2018.07.30.pptx
2018-07-30 21:32 - 2018-07-30 21:32 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg (3).svg
2018-07-30 21:31 - 2018-07-30 21:32 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg (2).svg
2018-07-30 10:50 - 2018-07-30 10:50 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg (1).svg
2018-07-30 10:44 - 2018-07-30 10:44 - 000000521 _____ C:\Users\Milena\Downloads\a10 svg.svg
2018-07-29 14:21 - 2018-07-29 14:21 - 006030078 _____ C:\Users\Milena\Downloads\Backstage [720p].mp4
2018-07-29 14:20 - 2018-07-29 14:20 - 001774439 _____ C:\Users\Milena\Downloads\Yakitoriya - Zero Gravity [720p].mp4
2018-07-28 22:29 - 2018-07-28 22:29 - 000569988 _____ C:\Users\Milena\Downloads\D3A904D2-E310-42F0-8108-9E3BF65F5F34.jpeg
2018-07-28 17:56 - 2018-07-28 17:56 - 000174029 _____ C:\Users\Milena\Desktop\Jelena.xps
2018-07-28 17:48 - 2018-07-28 17:48 - 008752252 _____ C:\Users\Milena\Downloads\ScriptProposal_25062018.pptx
2018-07-28 17:48 - 2018-07-28 17:48 - 008752252 _____ C:\Users\Milena\Downloads\ScriptProposal_25062018 (1).pptx
2018-07-28 17:48 - 2018-07-28 17:48 - 004789747 _____ C:\Users\Milena\Downloads\ScriptProposal_ver1.2.pdf
2018-07-28 17:20 - 2018-07-28 17:20 - 000203177 _____ C:\Users\Milena\Downloads\AFBBFC64-3C5B-4F6C-B157-9D0E9E232D5A.jpeg
2018-07-28 17:20 - 2018-07-28 17:20 - 000154495 _____ C:\Users\Milena\Downloads\B4C4D398-7F9A-4585-A8CF-18DAE082B858.jpeg
2018-07-28 17:20 - 2018-07-28 17:20 - 000144387 _____ C:\Users\Milena\Downloads\92F00C6E-C5E2-4242-91ED-570202511322.jpeg
2018-07-28 16:47 - 2018-07-28 16:47 - 000048996 _____ C:\Users\Milena\Downloads\Mathematica.pdf
2018-07-28 11:15 - 2018-07-28 11:15 - 000000000 ___HD C:\$AV_AVG
2018-07-28 09:25 - 2018-08-01 18:04 - 000000000 ___HD C:\Users\Milena\AppData\Local\Runtime_WOW64
2018-07-28 02:33 - 2018-07-17 12:33 - 000379120 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-07-28 01:54 - 2018-07-28 01:54 - 1082087266 _____ C:\Windows\MEMORY.DMP
2018-07-28 01:54 - 2018-07-28 01:54 - 000636768 _____ C:\Windows\Minidump\072818-32276-01.dmp
2018-07-27 11:24 - 2018-07-27 11:24 - 000000165 ____H C:\Users\Milena\Downloads\~$Test 3.pptx
2018-07-27 10:15 - 2018-07-27 10:15 - 000000000 ____D C:\ProgramData\MB3Install
2018-07-27 00:25 - 2018-08-01 18:04 - 000000000 ___HD C:\Users\Milena\AppData\Local\Remote NET.Assistance
2018-07-26 23:48 - 2018-07-26 23:48 - 077131680 _____ (Malwarebytes ) C:\Users\Milena\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.6075.exe
2018-07-26 17:33 - 2018-07-26 17:34 - 024785012 _____ C:\Users\Milena\Downloads\Test 3.pptx
2018-07-26 12:48 - 2018-08-02 21:04 - 000004966 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Milena-PC-Milena Milena-PC
2018-07-26 00:05 - 2018-07-26 00:05 - 000962699 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue (4)(1).pptx
2018-07-26 00:03 - 2018-07-26 00:03 - 000962699 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue (4).pptx
2018-07-25 20:09 - 2018-07-25 20:09 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignf6535ce5f8ea672f
2018-07-25 20:09 - 2018-07-25 20:09 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign105b74c4371a3d36
2018-07-25 12:37 - 2018-07-25 12:37 - 011479965 _____ C:\Users\Milena\Documents\Združena akcija Krov nad glavom - Ustanička 244g – HAPŠENJE AKTIVISTA, PRINUDNO ISELJENJE IZBEGLICA ODLOŽENO _ Facebook.mp4
2018-07-25 12:36 - 2018-07-25 12:36 - 009333382 _____ C:\Users\Milena\Documents\Združena akcija Krov nad glavom - Odbrana zgrade od izbacivanja siromašnih na ulicu - Ustanička 244g.mp4
2018-07-25 11:27 - 2018-07-25 11:27 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign9db65e9786c75a91
2018-07-25 11:27 - 2018-07-25 11:27 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign898989c74cd62908
2018-07-24 11:04 - 2018-07-24 11:05 - 265212094 _____ C:\Users\Milena\Downloads\videoblocks-double-exposure-opener_HPlt34R7z.zip
2018-07-24 10:19 - 2018-07-24 10:20 - 027963837 _____ C:\Users\Milena\Downloads\List-Pres-Slides-To-Design(1).pptx
2018-07-23 23:06 - 2018-07-23 23:06 - 000000000 ____D C:\Users\Milena\Desktop\ON1LutifyMELUTs
2018-07-23 23:05 - 2018-07-23 23:05 - 010318363 _____ C:\Users\Milena\Desktop\ON1LutifyMELUTs.zip
2018-07-23 22:21 - 2018-07-23 22:21 - 001145766 _____ C:\Users\Milena\Downloads\101 Nursery Flyer NEW - Graham.pdf
2018-07-23 22:13 - 2018-07-23 22:13 - 000195259 _____ C:\Users\Milena\Downloads\Emerald Garden Receipt.pdf
2018-07-23 11:52 - 2018-07-23 11:52 - 002588609 _____ C:\Users\Milena\Documents\Thompson održao ustaški čas.mp4
2018-07-23 10:53 - 2018-07-23 10:53 - 026568610 _____ C:\Users\Milena\Documents\ПОЧЕМУ ВОКРУГ ТАК МНОГО ОДИНОКИХ ЛЮДЕЙ_... - Наталья Завьялова.mp4
2018-07-22 14:04 - 2018-07-22 14:04 - 000000000 ____D C:\Users\Milena\AppData\Roaming\Blender Foundation
2018-07-22 14:03 - 2018-07-22 14:03 - 023379272 _____ C:\Users\Milena\Downloads\IMIS-animation-1.blend
2018-07-22 14:02 - 2018-07-22 14:02 - 000000000 ____D C:\Users\Milena\.thumbnails
2018-07-22 14:01 - 2018-07-22 14:01 - 000001117 _____ C:\Users\Milena\Desktop\blender.lnk
2018-07-22 14:01 - 2018-07-22 14:01 - 000000000 ____D C:\Users\Milena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2018-07-22 14:00 - 2018-07-22 14:00 - 000000000 ____D C:\Program Files\Blender Foundation
2018-07-22 13:58 - 2018-07-22 13:59 - 087912376 _____ C:\Users\Milena\Downloads\blender-2.79b-windows64 (1).msi
2018-07-22 12:57 - 2018-07-22 12:57 - 015621235 _____ C:\Users\Milena\Downloads\Example File.pdf
2018-07-22 10:31 - 2018-07-25 00:42 - 000000000 ____D C:\Users\Milena\Desktop\Nale
2018-07-22 00:31 - 2018-07-22 00:31 - 087912376 _____ C:\Users\Milena\Downloads\blender-2.79b-windows64.msi
2018-07-22 00:15 - 2018-07-22 00:15 - 001390142 _____ C:\Users\Milena\Downloads\Photoshop Template.psd
2018-07-21 16:44 - 2018-07-21 16:44 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignf46653a78ef09b37
2018-07-21 16:44 - 2018-07-21 16:44 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignc4474c325593d5c3
2018-07-21 12:26 - 2018-07-21 12:36 - 000000000 ____D C:\ProgramData\ellfService
2018-07-21 12:25 - 2018-07-21 23:48 - 000000000 ____D C:\Program Files (x86)\Venome
2018-07-21 12:25 - 2018-07-21 12:31 - 000000000 ____D C:\Users\Milena\Downloads\phototools_2
2018-07-21 12:25 - 2018-07-21 12:25 - 000000003 _____ C:\Users\Milena\AppData\Local\wbem.ini
2018-07-21 11:59 - 2018-07-21 11:59 - 000000000 ____D C:\Users\Milena\Downloads\PhotoTools_2.6.3_Free
2018-07-21 11:56 - 2018-07-21 11:56 - 103613620 _____ C:\Users\Milena\Downloads\PhotoTools_2.6.3_Free.zip
2018-07-20 21:39 - 2018-07-20 21:39 - 000476102 _____ C:\Users\Milena\Downloads\SBizhub C2218072014180.pdf
2018-07-20 15:33 - 2018-07-20 15:33 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignb53426a4d5a503b0
2018-07-20 15:33 - 2018-07-20 15:33 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign5e9d7a16f0583dce
2018-07-19 17:25 - 2018-07-19 17:25 - 006157199 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue(1).pptx
2018-07-19 17:24 - 2018-07-19 17:25 - 006157199 _____ C:\Users\Milena\Downloads\ListingPresentation_RoyalBlue.pptx
2018-07-19 17:00 - 2018-07-19 17:01 - 002275102 _____ C:\Users\Milena\Downloads\ScrumKarten.pdf
2018-07-18 17:51 - 2018-07-27 00:11 - 000000000 ____D C:\Users\Milena\Desktop\Onone_Phototools_Professional_Edition_2_6
2018-07-18 17:21 - 2018-07-18 17:21 - 000000000 ____D C:\Users\Milena\Downloads\Onone_Phototools_Professional_Edition_2_6
2018-07-18 13:43 - 2018-07-18 13:43 - 000179433 _____ C:\Users\Milena\Downloads\WhatsApp Image 2018-07-18 at 11.37.11.jpeg
2018-07-18 13:25 - 2018-07-18 13:25 - 003863253 _____ C:\Users\Milena\Downloads\Nobel Biocare All-on-4 treatment concept manual.pdf
2018-07-17 23:04 - 2018-07-17 23:04 - 000023354 _____ C:\Users\Milena\Downloads\shape.pdf
2018-07-17 19:12 - 2018-07-17 19:12 - 031841604 _____ C:\Users\Milena\Downloads\Crealto_Brand_Manual_02_2016.pdf
2018-07-17 16:23 - 2018-07-17 16:23 - 000154736 _____ C:\Users\Milena\Downloads\BLK.pdf
2018-07-17 16:23 - 2018-07-17 16:23 - 000153882 _____ C:\Users\Milena\Downloads\Fidelity.pdf
2018-07-17 16:19 - 2018-07-17 16:19 - 001277112 _____ C:\Users\Milena\Downloads\HF.pdf
2018-07-17 16:04 - 2018-07-17 16:04 - 000025788 _____ C:\Users\Milena\Downloads\Lexi Carlitz_resume_3.pdf
2018-07-17 14:31 - 2018-07-17 14:31 - 000134034 _____ C:\Users\Milena\Downloads\Sample.bmp
2018-07-17 11:54 - 2018-07-17 11:54 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignae83ce0ea3c05f79
2018-07-17 11:54 - 2018-07-17 11:54 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign9ac07932b498f55c
2018-07-17 00:12 - 2018-07-17 00:12 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignc888afddabec7302
2018-07-17 00:12 - 2018-07-17 00:12 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign11f383a171f6ca9e
2018-07-16 23:27 - 2018-07-16 23:27 - 001889064 _____ C:\Users\Milena\Downloads\5849718E-2990-48B3-B113-828A162E52E5.jpeg
2018-07-16 18:16 - 2018-07-16 18:17 - 003171676 _____ C:\Users\Milena\Downloads\ImageMagazineTab (1).pdf
2018-07-16 17:08 - 2018-07-16 17:08 - 000327232 _____ C:\Users\Milena\Downloads\ImageDealsSample.pdf
2018-07-16 14:19 - 2018-07-16 14:19 - 000012773 _____ C:\Users\Milena\Downloads\11_8 inch.pdf
2018-07-16 12:52 - 2018-07-16 12:52 - 000058810 _____ C:\Users\Milena\Downloads\Lubalin Graph Regular.ttf
2018-07-16 09:38 - 2018-07-16 09:38 - 002016487 _____ C:\Users\Milena\Downloads\ImageMagazineCover (1).pdf
2018-07-16 09:24 - 2018-07-16 09:24 - 002016487 _____ C:\Users\Milena\Downloads\ImageMagazineCover.pdf
2018-07-16 09:24 - 2018-07-16 09:24 - 001959515 _____ C:\Users\Milena\Downloads\ImageMagazineTab.pdf
2018-07-12 21:06 - 2018-07-12 21:06 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsignaa1ec7aea6295a0b
2018-07-12 21:06 - 2018-07-12 21:06 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign5c4ff1ff8a48836a
2018-07-12 16:25 - 2018-07-12 16:25 - 027617000 _____ (Upwork, Inc ) C:\Users\Milena\Downloads\UpworkSetup(1).exe
2018-07-11 12:30 - 2018-07-11 12:30 - 057812744 _____ (Skype Technologies S.A.) C:\Users\Milena\Downloads\Skype-8.25.0.5.exe
2018-07-10 20:53 - 2018-07-10 20:53 - 000000441 _____ C:\Users\Milena\Downloads\mail.php
2018-07-10 20:52 - 2018-07-10 22:36 - 000013370 _____ C:\Users\Milena\Downloads\index.html
2018-07-10 20:13 - 2018-07-10 20:14 - 077567872 _____ C:\Users\Milena\Downloads\MONOPLAY.mp4
2018-07-10 17:44 - 2018-07-12 01:27 - 000000000 ____D C:\Users\Milena\Desktop\html5up-overflow - Copy
2018-07-10 17:15 - 2018-07-10 17:43 - 000000000 ____D C:\Users\Milena\Desktop\html5up-overflow
2018-07-10 17:15 - 2018-07-10 17:15 - 001704667 _____ C:\Users\Milena\Desktop\html5up-overflow.zip
2018-07-08 21:50 - 2018-07-08 21:50 - 000000000 ____D C:\Users\Milena\Downloads\fontawesome-free-5.1.0-web
2018-07-08 20:55 - 2018-07-08 20:55 - 009731899 _____ C:\Users\Milena\Downloads\fontawesome-free-5.1.0-web.zip
2018-07-07 13:11 - 2018-07-30 11:55 - 000000952 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-07-06 19:46 - 2018-07-06 19:46 - 020644589 _____ C:\Users\Milena\Downloads\Deep Purple [720p].mp4
2018-07-06 18:45 - 2018-07-06 18:45 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign5434227f661e5bbe
2018-07-06 18:45 - 2018-07-06 18:45 - 000000000 ____D C:\Users\Milena\AppData\Local\Tempzxpsign3d995829a1d4c3dd
2018-07-06 11:30 - 2018-07-06 11:30 - 001490081 _____ C:\Users\Milena\Downloads\Python_intezivna_obuka_program.pdf
2018-07-05 10:51 - 2018-07-05 10:52 - 013798026 _____ C:\Users\Milena\Downloads\italiano-2-0-0(1).zip
2018-07-04 18:00 - 2018-07-04 18:00 - 000000000 ____D C:\Users\Milena\Desktop\Za mamu
2018-07-03 13:52 - 2018-07-03 13:52 - 000200252 _____ C:\Users\Milena\Downloads\Livre Blanc - Design (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-02 22:43 - 2017-09-02 22:11 - 000000000 ____D C:\Organic LF 2017
2018-08-02 22:05 - 2017-11-13 19:13 - 000000000 ____D C:\Users\Milena\AppData\LocalLow\Mozilla
2018-08-02 21:25 - 2017-11-14 03:22 - 000289507 ____N C:\Windows\Minidump\080218-21933-01.dmp
2018-08-02 21:20 - 2017-11-14 03:22 - 000289507 ____N C:\Windows\Minidump\080218-21715-01.dmp
2018-08-02 21:17 - 2017-11-14 03:22 - 000289507 _____ C:\DUMP28d4.tmp
2018-08-02 21:05 - 2017-11-21 19:20 - 000000000 ____D C:\Users\Milena\AppData\Local\CrashDumps
2018-08-02 20:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-02 20:56 - 2017-11-13 19:58 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-02 20:19 - 2017-11-13 20:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-02 19:25 - 2017-11-13 19:25 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-08-02 19:11 - 2017-11-20 14:48 - 000000000 ___SD C:\Users\Milena\AppData\LocalLow\Temp
2018-08-02 18:26 - 2017-11-20 14:21 - 000000000 ____D C:\Users\Milena\AppData\Roaming\onOne Software
2018-08-02 14:03 - 2017-11-20 14:21 - 000000000 ____D C:\ProgramData\onOne Software
2018-08-02 14:03 - 2017-11-20 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2018-08-02 14:02 - 2017-11-20 14:21 - 000000000 ____D C:\Program Files\onOne Software
2018-08-02 14:02 - 2017-11-20 14:21 - 000000000 ____D C:\Program Files (x86)\onOne Software
2018-08-02 12:26 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-02 12:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-02 12:22 - 2017-11-13 20:53 - 000000000 ____D C:\Users\Milena\AppData\Roaming\BitTorrent
2018-08-02 11:22 - 2017-11-13 19:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-08-02 10:49 - 2017-11-13 18:34 - 000000000 ____D C:\Users\Milena
2018-08-02 10:45 - 2018-05-28 18:14 - 001367858 _____ C:\Windows\ntbtlog.txt
2018-08-02 10:45 - 2017-11-26 18:56 - 000000000 ____D C:\Windows\Minidump
2018-08-02 10:45 - 2017-11-14 03:22 - 000289507 ____N C:\Windows\Minidump\080218-21278-01.dmp
2018-08-01 19:23 - 2017-11-13 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-08-01 01:41 - 2017-11-20 16:08 - 000000034 _____ C:\Users\Milena\AppData\Roaming\AdobeWLCMCache.dat
2018-07-31 20:19 - 2017-11-13 21:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-31 20:19 - 2017-11-13 21:42 - 000000000 ____D C:\Users\Milena\AppData\Local\Adobe
2018-07-31 08:02 - 2017-11-13 20:22 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2018-07-30 21:57 - 2009-07-14 06:45 - 007259656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-30 21:50 - 2018-05-16 09:24 - 000000051 _____ C:\Users\Milena\Desktop\Creative Team.txt
2018-07-30 11:55 - 2018-06-01 22:48 - 000000865 _____ C:\Users\Public\Desktop\Trelby.lnk
2018-07-28 22:20 - 2017-11-13 19:22 - 000352200 _____ C:\Users\Milena\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-28 13:58 - 2017-11-15 23:05 - 000000000 ____D C:\Users\Milena\AppData\Roaming\vlc
2018-07-28 02:34 - 2018-01-09 04:31 - 000002013 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-07-27 11:08 - 2017-11-13 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-25 14:05 - 2017-12-01 17:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-07-25 00:43 - 2017-11-14 01:14 - 000000132 _____ C:\Users\Milena\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-07-23 20:34 - 2017-11-13 19:25 - 000458024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-07-21 12:26 - 2017-11-13 19:19 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-20 14:58 - 2018-05-21 09:15 - 000126976 ___SH C:\Users\Milena\Documents\Thumbs.db
2018-07-18 17:17 - 2017-11-20 15:16 - 000000000 ____D C:\Users\Milena\Downloads\OnOne PhotoTools Professional Edition 2.6.5 Setup + Key
2018-07-17 12:33 - 2017-11-13 19:25 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000203544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000189544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000152016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-07-17 12:33 - 2017-11-13 19:25 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-07-12 16:26 - 2017-11-15 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Upwork
2018-07-12 16:26 - 2017-11-15 18:04 - 000000000 ____D C:\Program Files (x86)\Upwork
2018-07-12 13:23 - 2018-06-03 21:58 - 000000000 ____D C:\Users\Milena\Desktop\Photoshop Styles
2018-07-11 12:31 - 2017-11-26 21:48 - 000001343 _____ C:\Users\Public\Desktop\Skype.lnk
2018-07-11 12:31 - 2017-11-13 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-10 16:02 - 2017-11-14 01:54 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-10 16:01 - 2017-11-14 01:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-11-18 15:41 - 2017-11-18 15:41 - 000000132 _____ () C:\Users\Milena\AppData\Roaming\Adobe BMP Format CS6 Prefs
2018-03-19 15:14 - 2018-03-19 15:14 - 000000132 _____ () C:\Users\Milena\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2017-11-14 01:14 - 2018-07-25 00:43 - 000000132 _____ () C:\Users\Milena\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-11-20 16:08 - 2018-08-01 01:41 - 000000034 _____ () C:\Users\Milena\AppData\Roaming\AdobeWLCMCache.dat
2017-12-05 00:31 - 2017-12-05 00:32 - 000001456 _____ () C:\Users\Milena\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-07-21 12:25 - 2018-07-21 12:25 - 000000003 _____ () C:\Users\Milena\AppData\Local\wbem.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 05:24] - [2017-11-13 18:33] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 05:24] - [2017-11-13 18:33] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-27 06:28

==================== End of FRST.txt ============================

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Uninstall AVG and the other protection software so that in the end you are left with only Avast, MBAM and Zemana. Once you have done that, do the following:

Open Notepad and copy in the following text, which is inside the Code box.

FF user.js: detected! => C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\user.js [2017-06-30]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{04EF7F64-C9E7-4834-9E2B-96CB4E59C604}: [DhcpNameServer] 192.168.1.1 0.0.0.0



In Notepad, click File --> Save As
Under Encoding, choose UTF-8.
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it has finished, fixlog.txt will open, with contents that you should copy into this thread.
The file (fixlog.txt) will also be on the Desktop.

offline
  • Joined: 08 Apr 2012
  • Posts: 34

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Milena (02-08-2018 12:10:57) Run:2
Running from C:\Users\Milena\Desktop
Loaded Profiles: Milena (Available Profiles: Milena)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
FF user.js: detected! => C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\user.js [2017-06-30]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{04EF7F64-C9E7-4834-9E2B-96CB4E59C604}: [DhcpNameServer] 192.168.1.1 0.0.0.0
*****************

C:\Users\Milena\AppData\Roaming\Mozilla\Firefox\Profiles\aw4ypeg2.default\user.js => moved successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{04EF7F64-C9E7-4834-9E2B-96CB4E59C604}\\DhcpNameServer" => removed successfully

==== End of Fixlog 12:11:22 ====

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

What is the situation now?
