MyCity » Ambulanta » Discord virus se pojavio

Discord virus se pojavio

Napisano na dan: 23.2.2022

Discord virus se pojavio

Idi na vrh

Poslao: 23 Feb 2022 01:06
Idi na vrh
offline
  • Istrazivanje Windowsa
  • Pridružio: 12 Jul 2012
  • Poruke: 1023

Poštovani, evo mene posle nekog vremena. Naime, moj brat je nešto skinuo na njegovom računaru (3d maks ili nešto a zna se i odakle...) i pokupio je neki virus. Sad taj virus je krenuo na njegov discord profil da šalje svima poruke kako ima neku igru i trebaju ljudi da testiraju. On je promenio sve šifre, izbrisao diskord i obrisao i svoj nalog da se više ne može koristiti. E sad problem je što je to zahvatilo bilo i moj nalog (jer sam ostao prijavljen na tom računaru). Sva sreća pa sam to brzo rešio i sve promenio takođe.

Sad je samo pitanje, ako je moguće da pregledate fajlove i vidite da li postoji još nešto što je prikačeno i što ugrožava računar. Skenirano je sa malwarebytes ali za svaki slučaj ako može tim stručnjaka.

Hvala vam mnogo!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Ran by Slavko (administrator) on DESKTOP-PEMFTDL (MSI MS-7996) (23-02-2022 00:31:35)
Running from C:\Users\Slavko\Downloads
Loaded Profiles: Slavko
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1526 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_4679307373cc67bf\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe <2>
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe [1211184 2020-12-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1270988271-3639673157-1172446219-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1270988271-3639673157-1172446219-1001\...\MountPoints2: D - "D:\setup_fallout_new_vegas_1.4.0.525_(12010).exe"
HKU\S-1-5-21-1270988271-3639673157-1172446219-1001\...\MountPoints2: F - "F:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Token Manager.lnk [2022-02-21]
ShortcutTarget: Token Manager.lnk -> C:\Program Files\TrustEdgeID\TokenUtil.exe (NetSeT Global Solutions d.o.o.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11943740-2DD1-40AC-851B-9A64F74685F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-05] (Google LLC -> Google LLC)
Task: {13B7036A-F5E4-41DB-AF90-E460EA9270AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-05] (Google LLC -> Google LLC)
Task: {7FB67DD3-8BBB-46ED-9B6C-CC5AB577978D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {855C9DDA-2F8C-4032-822D-B1CA61C215D0} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {D94B82D8-170A-472F-8608-CC5D4C698E28} - System32\Tasks\RemoteDesktop\Slavko\Remote Desktop Feed Refresh Task => C:\Users\Slavko\AppData\Local\Apps\Remote Desktop\msrdcw.exe [9359272 2022-02-14] (Microsoft Corporation -> Microsoft)
Task: {E1694ED8-B311-4E92-A063-F5C389740425} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 15 C:\Windows\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{d8792909-5506-4e57-b835-cb72139492ad}: [DhcpNameServer] 89.216.1.30 89.216.1.50

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Slavko\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-06]

FireFox:
========
FF DefaultProfile: 5gpg45va.default
FF ProfilePath: C:\Users\Slavko\AppData\Roaming\Mozilla\Firefox\Profiles\5gpg45va.default [2021-11-05]
FF ProfilePath: C:\Users\Slavko\AppData\Roaming\Mozilla\Firefox\Profiles\evntl58s.default-release [2022-02-22]
FF Homepage: Mozilla\Firefox\Profiles\evntl58s.default-release -> hxxps://www.google.com/?gws_rd=ssl
FF Extension: (uBlock Origin) - C:\Users\Slavko\AppData\Roaming\Mozilla\Firefox\Profiles\evntl58s.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-11-25]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default [2022-02-23]
CHR Extension: (Slides) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-05]
CHR Extension: (Docs) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-05]
CHR Extension: (Google Drive) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-05]
CHR Extension: (YouTube) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-05]
CHR Extension: (uBlock Origin) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-02-11]
CHR Extension: (Sheets) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-05]
CHR Extension: (Google Docs Offline) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-05]
CHR Extension: (Gmail) - C:\Users\Slavko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901960 2022-01-13] (BattlEye Innovations e.K. -> )
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-22] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557656 2021-11-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476184 2021-11-24] (Electronic Arts, Inc. -> Electronic Arts)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2021-11-20] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-20] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_4679307373cc67bf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdsi.inf_amd64_4679307373cc67bf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [221096 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [194480 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-02-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [156792 2022-02-22] (Malwarebytes Inc -> Malwarebytes)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [67072 2021-10-11] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2522256 2022-01-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 MpKsl5d722527; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8E6A0412-32E3-4383-9330-35E547E4CF91}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-23 00:31 - 2022-02-23 00:33 - 000014516 _____ C:\Users\Slavko\Downloads\FRST.txt
2022-02-23 00:30 - 2022-02-23 00:32 - 000000000 ____D C:\FRST
2022-02-23 00:30 - 2022-02-23 00:30 - 002312192 _____ (Farbar) C:\Users\Slavko\Downloads\FRST64.exe
2022-02-22 23:09 - 2022-02-22 23:09 - 000000000 ____D C:\Users\Slavko\AppData\Local\CrashDumps
2022-02-22 23:08 - 2022-02-22 23:08 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-02-22 23:08 - 2022-02-22 23:08 - 000221096 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-02-22 23:08 - 2022-02-22 23:08 - 000194480 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-02-22 23:08 - 2022-02-22 23:08 - 000156792 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-02-22 23:08 - 2022-02-22 23:08 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-02-22 23:08 - 2022-02-22 23:08 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-22 23:08 - 2022-02-22 23:08 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-22 23:08 - 2022-02-22 23:08 - 000000000 ____D C:\Users\Slavko\AppData\LocalLow\IGDump
2022-02-22 23:08 - 2022-02-22 23:08 - 000000000 ____D C:\Users\Slavko\AppData\Local\mbam
2022-02-22 23:08 - 2022-02-22 23:07 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-02-22 23:08 - 2022-02-22 23:07 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-02-22 23:07 - 2022-02-22 23:07 - 002419896 _____ (Malwarebytes) C:\Users\Slavko\Downloads\MBSetup.exe
2022-02-22 23:07 - 2022-02-22 23:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-22 23:07 - 2022-02-22 23:07 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-22 19:58 - 2022-02-22 19:58 - 000000000 ____D C:\Users\Slavko\Desktop\New folder
2022-02-22 19:18 - 2022-02-22 19:19 - 000000000 ____D C:\Users\Slavko\Desktop\project 1
2022-02-21 21:39 - 2022-02-21 21:39 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-02-21 21:11 - 2022-02-21 21:11 - 000000000 ____D C:\Users\Slavko\Autodesk
2022-02-21 21:11 - 2022-02-21 21:11 - 000000000 ____D C:\Users\Slavko\AppData\Roaming\NVIDIA
2022-02-21 21:08 - 2022-02-21 21:08 - 000000000 ____D C:\ProgramData\FLEXnet
2022-02-21 21:05 - 2022-02-22 19:19 - 000000000 ____D C:\Users\Slavko\Documents\3dsMax
2022-02-21 21:04 - 2022-02-21 21:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2017.0
2022-02-21 21:04 - 2022-02-21 21:04 - 000000000 ____D C:\Program Files (x86)\Autodesk
2022-02-21 21:01 - 2022-02-21 21:01 - 000002039 _____ C:\Users\Public\Desktop\3ds Max 2017.lnk
2022-02-21 21:01 - 2022-02-21 21:01 - 000000000 ____D C:\Program Files\Autodesk
2022-02-21 20:58 - 2022-02-21 21:05 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2022-02-21 20:58 - 2022-02-21 20:58 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2022-02-21 20:57 - 2022-02-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2022-02-21 20:55 - 2022-02-21 21:11 - 000000000 ____D C:\Users\Slavko\AppData\Roaming\Autodesk
2022-02-21 20:55 - 2022-02-21 21:10 - 000000000 ____D C:\ProgramData\Autodesk
2022-02-21 20:31 - 2022-02-21 20:31 - 000000000 ____D C:\Users\Slavko\AppData\Local\Yandex
2022-02-21 20:27 - 2022-02-21 21:11 - 000000000 ____D C:\Users\Slavko\AppData\Local\Autodesk
2022-02-21 15:19 - 2022-02-21 16:18 - 000000010 _____ C:\Users\Slavko\Desktop\New Text Document (3).txt
2022-02-21 11:50 - 2022-02-21 11:51 - 000321123 _____ C:\Users\Slavko\Downloads\Slavko Radic Annex 3.pdf
2022-02-21 11:47 - 2022-02-21 11:47 - 003686400 _____ C:\Users\Slavko\Downloads\TrustEdgeID_x64.msi
2022-02-21 11:47 - 2022-02-21 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrustEdgeID
2022-02-21 11:47 - 2022-02-21 11:47 - 000000000 ____D C:\Program Files\TrustEdgeID
2022-02-21 11:46 - 2022-02-21 11:46 - 013152985 _____ C:\Users\Slavko\Downloads\Visual+C+++2015-2019+x64.7z
2022-02-21 11:42 - 2022-02-21 11:42 - 000267622 _____ C:\Users\Slavko\Downloads\Slavko Radic Offer for Annex 3 (1).pdf
2022-02-21 11:42 - 2022-02-21 11:42 - 000000000 ____D C:\Users\Slavko\AppData\LocalLow\Adobe
2022-02-21 11:42 - 2022-02-21 11:42 - 000000000 ____D C:\Users\Slavko\AppData\Local\SolidDocuments
2022-02-21 11:39 - 2022-02-21 11:39 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-21 11:38 - 2022-02-21 11:42 - 000000000 ____D C:\ProgramData\Adobe
2022-02-21 11:38 - 2022-02-21 11:38 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-02-21 11:38 - 2022-02-21 11:38 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-02-21 11:38 - 2022-02-21 11:38 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-02-21 11:38 - 2022-02-21 11:38 - 000000000 ____D C:\Program Files\Adobe
2022-02-21 11:36 - 2022-02-21 15:29 - 000000000 ____D C:\Users\Slavko\AppData\Local\Adobe
2022-02-21 11:35 - 2022-02-21 11:49 - 000311167 _____ C:\Users\Slavko\Downloads\Slavko Radic Offer for Annex 3.pdf
2022-02-21 11:34 - 2022-02-21 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUP RS
2022-02-21 11:34 - 2022-02-21 11:34 - 000000000 ____D C:\Program Files\MUP RS
2022-02-21 11:33 - 2022-02-21 11:33 - 002826240 _____ C:\Users\Slavko\Downloads\Celik64bit.msi
2022-02-17 12:17 - 2022-02-17 12:17 - 000000004 _____ C:\Users\Slavko\Desktop\lk.txt
2022-02-11 09:24 - 2022-02-11 09:24 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-02-11 09:24 - 2022-02-11 09:24 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2022-02-11 09:24 - 2022-02-11 09:24 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-02-11 09:24 - 2022-02-11 09:24 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-02-11 09:24 - 2022-02-11 09:24 - 000011813 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-02-11 09:19 - 2022-02-11 09:19 - 000000000 ___HD C:\$WinREAgent
2022-02-09 12:55 - 2022-02-09 13:21 - 000000022 _____ C:\Users\Slavko\Desktop\New Text Document (2).txt
2022-02-04 11:55 - 2022-02-19 09:31 - 000000000 ____D C:\Users\Slavko\AppData\Roaming\Spotify
2022-02-04 11:55 - 2022-02-19 08:09 - 000000000 ____D C:\Users\Slavko\AppData\Local\Spotify
2022-02-04 11:55 - 2022-02-04 11:55 - 000726552 _____ (Spotify Ltd) C:\Users\Slavko\Downloads\SpotifySetup.exe
2022-02-04 11:55 - 2022-02-04 11:55 - 000001855 _____ C:\Users\Slavko\Desktop\Spotify.lnk
2022-02-04 11:55 - 2022-02-04 11:55 - 000001841 _____ C:\Users\Slavko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-23 00:10 - 2021-11-05 14:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-22 23:55 - 2021-11-05 15:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-02-22 23:27 - 2021-11-05 14:30 - 000000000 ____D C:\Users\Slavko\AppData\LocalLow\Mozilla
2022-02-22 23:26 - 2021-11-09 06:04 - 000000000 ____D C:\Users\Slavko\AppData\Local\rdclientwpf
2022-02-22 23:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-02-22 21:40 - 2021-11-08 08:52 - 000000000 ____D C:\ProgramData\Riot Games
2022-02-22 20:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-22 14:02 - 2021-11-05 14:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-21 23:00 - 2021-11-05 15:41 - 000000000 ____D C:\Users\Slavko\AppData\Roaming\qBittorrent
2022-02-21 23:00 - 2021-11-05 14:23 - 000000000 ____D C:\Users\Slavko
2022-02-21 20:28 - 2021-11-15 12:37 - 000000000 ____D C:\Users\Slavko\AppData\Roaming\Code
2022-02-21 15:09 - 2021-11-05 14:23 - 000845274 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-21 15:09 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-02-21 15:04 - 2021-11-05 15:35 - 000000000 ____D C:\ProgramData\VMware
2022-02-21 15:04 - 2021-11-05 15:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-21 15:04 - 2021-11-05 15:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-21 11:42 - 2021-11-05 14:24 - 000000000 ____D C:\Users\Slavko\AppData\Roaming\Adobe
2022-02-21 11:42 - 2021-11-05 14:24 - 000000000 ____D C:\Users\Slavko\AppData\Local\Packages
2022-02-19 06:30 - 2021-11-05 14:24 - 000000000 ____D C:\Users\Slavko\AppData\Local\D3DSCache
2022-02-19 06:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-02-19 05:56 - 2021-11-05 21:02 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-18 23:49 - 2021-11-05 15:17 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-18 23:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-16 21:25 - 2021-12-12 23:59 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1270988271-3639673157-1172446219-1001
2022-02-16 21:25 - 2021-11-05 14:26 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270988271-3639673157-1172446219-1001
2022-02-16 21:25 - 2021-11-05 14:23 - 000002386 _____ C:\Users\Slavko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-16 00:50 - 2021-11-09 06:04 - 000002473 _____ C:\Users\Slavko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Desktop.lnk
2022-02-16 00:50 - 2021-11-09 06:04 - 000000000 ____D C:\Users\Slavko\AppData\Local\Apps\Remote Desktop
2022-02-15 00:31 - 2021-11-05 14:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-15 00:31 - 2021-11-05 14:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-11 15:45 - 2021-11-05 15:16 - 000360256 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-11 15:45 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-02-11 15:44 - 2019-12-07 15:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-02-11 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-02-11 15:44 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2022-02-11 09:27 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-02-11 09:24 - 2021-11-05 14:20 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-02-11 09:19 - 2021-11-05 20:56 - 000000000 ____D C:\Windows\system32\MRT
2022-02-11 09:17 - 2021-11-05 20:56 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-02-11 06:32 - 2021-11-08 07:08 - 000002373 _____ C:\Users\Slavko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-02-11 06:32 - 2021-11-08 07:08 - 000002365 _____ C:\Users\Slavko\Desktop\Microsoft Teams.lnk
2022-02-11 01:41 - 2021-11-05 15:15 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-10 23:53 - 2021-12-25 15:29 - 000000000 ____D C:\Users\Slavko\Documents\The Witcher 3
2022-02-10 08:05 - 2021-11-05 15:17 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-01-28 05:59 - 2021-11-05 15:17 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 05:59 - 2021-11-05 15:17 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-24 01:39 - 2021-11-08 18:52 - 000000000 ____D C:\Program Files\Common Files\PUBG

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


https://www.mycity.rs/must-login.png

Poslao: 24 Feb 2022 15:23
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zdravo,

nista sporno ne vidim.

Pozdrav.

Poslao: 24 Feb 2022 18:02
Idi na vrh
offline
  • Istrazivanje Windowsa
  • Pridružio: 12 Jul 2012
  • Poruke: 1023

Hvala na pomoći, sad znam da sam čist.

MyCity » Ambulanta » Discord virus se pojavio

Ko je trenutno na forumu
 

Ukupno su 568 korisnika na forumu :: 14 registrovanih, 0 sakrivenih i 554 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 9k38, A.R.Chafee.Jr., bojcistv, dekan.m, Georgius, Istman, kihot, MB120mm, ruso, samsung, SR-3m, yrraf, zziko