offline
- Blue
- Elitni građanin
- Pridružio: 06 Avg 2003
- Poruke: 2214
|
Napisano: 12 Jun 2020 20:26
Pokupio sam neko smece uz program za dijagnostiku automobila ,... natrpao je sigurno neko smece, vidljivo za mene je pustanje muzike u pozadini nasumicno bez pravila , ako moze help za matorog clana...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version 06-06-2020
Ran by Blue (administrator) on DESKTOP-R1I7CJ2 (LENOVO 81V5) (12-06-2020 212150)
Running from C\Users\Blue\Downloads
Loaded Profiles Blue
Platform Windows 10 Pro Version 1903 18362.657 (X64) Language English (United States)
Default browser Chrome
Boot Mode Normal
Tutorial for Farbar Recovery Scan Tool http//www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C\Program Files\DAEMON Tools Lite\DTAgent.exe
(Dolby Laboratories, Inc. -> ) C\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C\Users\Blue\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> ) C\Program Files (x86)\Lenovo\System Update\SUService.exe
(Mechanic & Sound Breeder) [File not signed] C\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Microsoft Corporation) C\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C\Windows\System32\FMAPP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C\Windows\System32\drivers\AdminService.exe
(Nero AG -> Nero AG) C\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run [RtkAudUService] => C\Windows\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run [AvastUI.exe] => "C\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\...\RunOnce [2w1jqcmp5ft] => C\Program Files (x86)\Bod\749095523.exe [567808 2020-06-12] () [File not signed]
HKLM\...\Policies\Explorer [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Restriction <==== ATTENTION
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\Run [utweb] => "C\Users\Blue\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\Run [DAEMON Tools Lite Automount] => C\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\Run [uTorrent] => C\Users\Blue\AppData\Roaming\uTorrent\uTorrent.exe [1893104 2020-05-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\Run [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG -> Nero AG)
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\Run [SettingVCP] => C\Program Files (x86)\SettingVCP\SettingVCP.exe [2839040 2010-09-27] (Drapas) [File not signed]
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\MountPoints2 {5c793eb5-74fb-11ea-a805-1063c86420e0} - "D\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\MountPoints2 {928eb333-7ed2-11ea-a83d-1063c86420e0} - "D\AutoRun.exe"
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\...\MountPoints2 {9b72e8f5-4b5c-11ea-a75f-1063c86420e0} - "H\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-09] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task {04167C8E-B795-49AB-AC64-5903D8F150C1} - System32\Tasks\StartDVR => C\Program Files\AMD\CNext\CNext\dvrcmd.exe [65216 2019-07-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task {08E571BB-2C67-4660-944B-6E33F42EC88E} - System32\Tasks\windowupdate => C\Windows\lsa.exe
Task {1E6074D0-ECE4-42E6-AD0C-47046CBB0D34} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C\Windows\system32\winrmsrv.exe [731136 2020-02-15] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task {2FCB0CE1-8ABA-4CD2-8123-AA9F7347D977} - System32\Tasks\Avast Emergency Update => C\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task {397F08DC-E5B5-48C9-AF4D-AB8169D9B3B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C\Program Files (x86)\Google\Update\GoogleUpdate.exe [1314304 2020-06-12] (Mechanic & Sound Breeder) [File not signed]
Task {4310E034-D615-4273-8E74-32AA91AD1500} - System32\Tasks\TVT\TVSUUpdateTask => C\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-03-31] (Lenovo -> )
Task {54BDC631-3418-45D4-A1B6-C560BD078A9F} - System32\Tasks\Avast Software\Overseer => C\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task {715BE369-B2CB-43B0-ADEB-D5C7792BE9A0} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task {7805A133-02F9-42B4-9469-4481D6456EE6} - System32\Tasks\microsoft\windows\windowsupdate\clean => cmd.exe /c attrib -h -s C\Users\Blue\AppData\Roaming\*.exe & attrib -h -s C\Users\Blue\AppData\Roaming\*.bat & del C\Users\Blue\AppData\Roaming\*.bat & del C\Users\Blue\AppData\Roaming\svchosts.exe
Task {94D42E77-1CF3-477D-B5E3-21D97FE54A80} - System32\Tasks\npcapwatchdog => C\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task {9E8745CF-4E4E-4A27-ABBB-9996A6D313DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C\Program Files (x86)\Google\Update\GoogleUpdate.exe [1314304 2020-06-12] (Mechanic & Sound Breeder) [File not signed]
Task {AA4533FF-943B-4220-80CA-194392BD8462} - System32\Tasks\klcp_update => C\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-02-26] () [File not signed]
Task {AE71387C-0157-4E1B-A016-4515EC5648BF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1944725463-1506611765-1627624707-1002 => C\Users\Blue\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87848 2020-06-05] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task {BBFB1C13-5ECA-4BEC-B142-0DA30D726CEA} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-03-31] (Lenovo -> )
Task {CD5EE458-065E-4BF9-8B44-531126916ABB} - System32\Tasks\microsoft\windows\windowsupdate\Windows Update => wscript.exe C\Users\Blue\AppData\Roaming\d.vbs hxxp//usa-m.duckdns.org48565/svchost.ccp C\Users\Blue\AppData\Roaming\svchosts.exe //B
Task {CEDD3CBB-589C-4624-9DDC-F9E4380429AB} - System32\Tasks\StartCN => C\Program Files\AMD\CNext\CNext\cncmd.exe [50368 2019-07-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task {DB071CBD-6D00-4756-B48B-A09EE1AB3F2E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task {DBB9612E-0F95-448B-AF69-0AA3C59B042B} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C\Windows\system32\winlogui.exe [750592 2020-02-15] (Microsoft Corporation) [File not signed]
Task {F4DC70E6-4D7E-4486-8DE5-0C77310B3A66} - System32\Tasks\microsoft\windows\windowsupdate\Windows Update Verifier => wscript.exe C\Users\Blue\AppData\Roaming\h.vbs C\Users\Blue\AppData\Roaming\2.bat //B
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task C\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{9358c612-1577-4912-8325-8e29ce9f476c} [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{a72e1bbf-ba52-4f71-9179-dd870605c79d} [DhcpNameServer] 178.79.42.53 178.79.20.3
Internet Explorer
==================
HKU\S-1-5-21-1944725463-1506611765-1627624707-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps//securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-02-06 061941&bName=
BHO Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32 Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32 Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
FireFox
========
FF Plugin @microsoft.com/OfficeAuthz,version=14.0 -> C\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32 @microsoft.com/OfficeAuthz,version=14.0 -> C\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32 @microsoft.com/SharePoint,version=14.0 -> C\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
Chrome
=======
CHR DefaultProfile Default
CHR Profile C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default [2020-06-12]
CHR Notifications Default -> hxxp//127.0.0.1; hxxps//ouo.io; hxxps//tinder.com; hxxps//www.klikdoposla.com; hxxps//www.mojauto.rs
CHR HomePage Default -> hxxp//www.google.com
CHR DefaultSearchURL Default -> hxxps//searchpowerapp.com/results.php?p=9104&v=401&q={searchTerms}&source=default
CHR DefaultSuggestURL Default -> hxxps//searchpowerapp.com/gjson.php?q={searchTerms}
CHR Extension (Pop up blocker for Chrome™ - Poper Blocker) - C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-02-06]
CHR Extension (FromDocToPDF) - C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\doibabjiapabnfibohiinbmjjblnlioi [2020-05-17]
CHR Extension (Secure) - C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegobdgaleabbgedpepjbamjahnbbked [2020-02-09]
CHR Extension (AdBlock — best ad blocker) - C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-12]
CHR Extension (Chrome Web Store Payments) - C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-06]
CHR Extension (Chrome Media Router) - C\Users\Blue\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe [508000 2019-09-19] (Advanced Micro Devices, Inc. -> AMD)
S3 aspnet_state; C\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2003-02-20] (Microsoft Corporation) [File not signed]
R2 AtherosSvc; C\Windows\System32\drivers\AdminService.exe [387192 2019-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Disc Soft Lite Bus Service; C\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
S2 FlexGridService; C\ProgramData\FlexGridService\FlexGridService.exe [1314304 2020-06-12] (Mechanic & Sound Breeder) [File not signed] <==== ATTENTION
R2 FMAPOService; C\Windows\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 gupdate; C\Program Files (x86)\Google\Update\GoogleUpdate.exe [1314304 2020-06-12] (Mechanic & Sound Breeder) [File not signed]
S3 gupdatem; C\Program Files (x86)\Google\Update\GoogleUpdate.exe [1314304 2020-06-12] (Mechanic & Sound Breeder) [File not signed]
R3 NMIndexingService; C\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG -> Nero AG)
R2 QcomWlanSrv; C\Windows\System32\drivers\QcomWlanSrvx64.exe [191768 2019-07-19] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S3 WdNisSvc; C\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 wuauserv; C\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 aswbIDSAgent; "C\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S2 AvastWscReporter; "C\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
S2 Previous Versions Library; C\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C\Windows\INF\PNRPSvc\0409\0301\PNRP.ps1
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdacpbus; C\Windows\System32\drivers\amdacpbus.sys [1368696 2019-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdacpksl; C\Windows\system32\drivers\amdacpksl.sys [351536 2019-09-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504 2019-09-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-09-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C\Windows\System32\drivers\amdpsp.sys [138064 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C\Windows\System32\drivers\aswArDisk.sys [37616 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C\Windows\System32\drivers\aswArPot.sys [204824 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C\Windows\System32\drivers\aswbidsdriver.sys [274456 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C\Windows\System32\drivers\aswbidsh.sys [209552 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C\Windows\System32\drivers\aswbuniv.sys [65120 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C\Windows\System32\drivers\aswElam.sys [16304 2020-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C\Windows\System32\drivers\aswHdsKe.sys [276952 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C\Windows\System32\drivers\aswKbd.sys [42736 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C\Windows\System32\drivers\aswMonFlt.sys [161544 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C\Windows\System32\drivers\aswRdr2.sys [110320 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C\Windows\System32\drivers\aswRvrt.sys [83792 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C\Windows\System32\drivers\aswSnx.sys [848432 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C\Windows\System32\drivers\aswSP.sys [460448 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C\Windows\System32\drivers\aswStm.sys [236024 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C\Windows\System32\drivers\aswVmm.sys [316528 2020-02-06] (AVAST Software s.r.o. -> AVAST Software)
S3 athur; C\Windows\System32\drivers\athuw8x.sys [3744256 2012-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 BtFilter; C\Windows\System32\drivers\btfilter.sys [83432 2019-11-04] (Qualcomm Atheros -> Qualcomm)
R3 dtlitescsibus; C\Windows\System32\drivers\dtlitescsibus.sys [42256 2020-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C\Windows\System32\drivers\dtliteusbbus.sys [59360 2020-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ETDHCF; C\Windows\System32\drivers\ETDHCF.sys [30144 2019-09-25] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R1 npcap; C\Windows\system32\DRIVERS\npcap.sys [69952 2020-02-03] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 Qcamain10x64; C\Windows\System32\drivers\Qcamain10x64.sys [2432488 2019-07-19] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
S3 WdBoot; C\Windows\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C\Windows\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath
S3 TDKLIB; \??\C\Users\Blue\AppData\Local\Temp\TdkLib64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-12 2120 - 2020-06-12 2120 - 002289152 _____ (Farbar) C\Users\Blue\Downloads\FRST64 (1).exe
2020-06-12 2118 - 2020-06-12 2118 - 000032012 _____ C\Users\Blue\Downloads\Addition.txt
2020-06-12 2117 - 2020-06-12 2122 - 000020474 _____ C\Users\Blue\Downloads\FRST.txt
2020-06-12 2117 - 2020-06-12 2122 - 000000000 ____D C\FRST
2020-06-12 2116 - 2020-06-12 2117 - 002289152 _____ (Farbar) C\Users\Blue\Downloads\FRST64.exe
2020-06-12 2116 - 2020-06-12 2116 - 001802704 _____ (Bleeping Computer, LLC) C\Users\Blue\Downloads\rkill.exe
2020-06-12 2116 - 2020-06-12 2116 - 000002252 _____ C\Users\Blue\Desktop\Rkill.txt
2020-06-12 2107 - 2020-06-12 2108 - 000000000 ____D C\AdwCleaner
2020-06-12 2107 - 2020-06-12 2107 - 008402608 _____ (Malwarebytes) C\Users\Blue\Downloads\AdwCleaner.exe
2020-06-12 2103 - 2020-06-12 2122 - 000000004 _____ C\ProgramData\rc.dat
2020-06-12 2102 - 2020-06-12 2116 - 000000004 _____ C\ProgramData\lock.dat
2020-06-12 2102 - 2020-06-12 2112 - 000000020 _____ C\ProgramData\irw.atsd
2020-06-12 2102 - 2020-06-12 2102 - 000000008 _____ C\ProgramData\ts.dat
2020-06-12 2059 - 2020-06-12 2059 - 000000000 ____D C\ProgramData\FlexGridService
2020-06-12 2057 - 2020-06-12 2106 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\Musicnizer
2020-06-12 2057 - 2020-06-12 2057 - 000000000 ____D C\Users\Blue\Documents\Musicnizer
2020-06-12 2057 - 2020-06-12 2057 - 000000000 ____D C\Users\Blue\AppData\Roaming\Musicnizer
2020-06-12 2057 - 2020-06-12 2057 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\Abyssmedia
2020-06-12 2057 - 2020-06-12 2057 - 000000000 ____D C\Program Files (x86)\Musicnizer
2020-06-12 2057 - 2020-06-12 2057 - 000000000 ____D C\Program Files (x86)\Bod
2020-06-12 2057 - 2020-06-12 2057 - 000000000 ____D C\Program Files (x86)\Abyssmedia
2020-06-12 2056 - 2020-06-12 2056 - 005022637 _____ C\Users\Blue\Downloads\setup_vw software obd2_9222246210.zip
2020-06-12 2052 - 2020-06-12 2103 - 000000000 ____D C\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBD-II Software
2020-06-12 2051 - 2020-06-12 2051 - 000001064 _____ C\Users\Public\Desktop\FORScan.lnk
2020-06-12 2051 - 2020-06-12 2051 - 000001064 _____ C\ProgramData\Desktop\FORScan.lnk
2020-06-12 2051 - 2020-06-12 2051 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\FORScan
2020-06-12 2051 - 2020-06-12 2051 - 000000000 ____D C\Program Files (x86)\FORScan
2020-06-12 2050 - 2020-06-12 2050 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\SettingVCP
2020-06-12 2050 - 2020-06-12 2050 - 000000000 ____D C\Program Files (x86)\SettingVCP
2020-06-12 2049 - 2020-06-12 2049 - 000000000 ____D C\Users\Blue\Desktop\New folder
2020-06-12 2045 - 2020-06-12 2045 - 003874544 _____ C\Users\Blue\Downloads\CP210x_VCP_Windows.zip
2020-06-12 2045 - 2020-06-12 2045 - 000000000 ____D C\Users\Blue\Desktop\CP210x_VCP_Windows
2020-06-12 1905 - 2020-06-12 1905 - 000002260 _____ C\Users\Blue\Desktop\OBD-II ScanMaster Freeware.lnk
2020-06-12 1905 - 2020-06-12 1905 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\OBD-II ScanMaster Freeware Edition
2020-06-12 1905 - 2020-06-12 1905 - 000000000 ____D C\Program Files (x86)\WGSoft
2020-06-12 1905 - 2005-08-10 2057 - 000813356 _____ (WGSoft.de ) C\Users\Blue\Desktop\ScanMasterFree0.4.0.0.exe
2020-06-12 1903 - 2020-06-12 2050 - 000000000 ____D C\Users\Blue\AppData\Local\ApplicationHistory
2020-06-12 1903 - 2020-06-12 1903 - 000828496 _____ C\Windows\SysWOW64\PerfStringBackup.INI
2020-06-12 1903 - 2020-06-12 1903 - 000002139 _____ C\Users\Public\Desktop\Digimoto 3.7.lnk
2020-06-12 1903 - 2020-06-12 1903 - 000002139 _____ C\ProgramData\Desktop\Digimoto 3.7.lnk
2020-06-12 1903 - 2020-06-12 1903 - 000000092 _____ C\Users\Blue\AppData\Local\fusioncache.dat
2020-06-12 1903 - 2020-06-12 1903 - 000000000 ____D C\Windows\Downloaded Installations
2020-06-12 1903 - 2020-06-12 1903 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\Digimoto
2020-06-12 1903 - 2020-06-12 1903 - 000000000 ____D C\Program Files (x86)\Digimoto
2020-06-12 1902 - 2020-06-12 1902 - 000000000 ____D C\Windows\SysWOW64\URTTEMP
2020-06-12 1859 - 2020-06-12 2055 - 000003066 _____ C\Users\Blue\scanxlpro.cfg
2020-06-12 1856 - 2020-06-12 2052 - 000000000 ____D C\Users\Blue\Desktop\ScanXL™ Professional v3.5.1
2020-06-12 1856 - 2020-06-12 2048 - 000000000 ____D C\Program Files (x86)\ScanXLPro
2020-06-12 1856 - 2020-06-12 1857 - 000009216 _____ C\ProgramData\ppe_fleetdb.vdb
2020-06-12 1856 - 2020-06-12 1856 - 000000000 ____D C\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScanXL Professional
2020-06-12 1120 - 2020-06-12 1120 - 000053845 _____ C\Users\Blue\Downloads\admiraly_rajona_.2020.torrent
2020-06-12 1120 - 2020-06-12 1120 - 000028258 _____ C\Users\Blue\Downloads\mir_druzhba_zhvachka_2020.torrent
2020-06-12 1120 - 2020-06-12 1120 - 000016049 _____ C\Users\Blue\Downloads\mertvue.lastochki.2018.torrent
2020-06-12 1113 - 2020-06-12 1113 - 000015083 _____ C\Users\Blue\Downloads\Hard Anal Workout XXX DVDRip x264-CiCXXX-[rarbg.to].torrent
2020-06-12 1112 - 2020-06-12 1112 - 000029788 _____ C\Users\Blue\Downloads\Infamous.2020.720p.WEB-DL.XviD.AC3-FGT-[rarbg.to].torrent
2020-06-12 1112 - 2020-06-12 1112 - 000022557 _____ C\Users\Blue\Downloads\Maids on Duty 2 [Private 2020] XXX WEB-DL SPLIT SCENES-[rarbg.to].torrent
2020-06-12 1021 - 2020-06-12 1021 - 000019760 _____ C\Users\Blue\Downloads\The Lord of the Rings The Return of the King (2003) [1080p] [BluRay] [YTS.MX].torrent
2020-06-12 1021 - 2020-06-12 1021 - 000016287 _____ C\Users\Blue\Downloads\The Lord of the Rings The Two Towers (2002) [1080p] [BluRay] [YTS.MX].torrent
2020-06-12 0723 - 2020-06-12 0723 - 000000000 ____D C\Users\Blue\AppData\LocalLow\uTorrent
2020-06-12 0721 - 2020-06-12 0721 - 000049623 _____ C\Users\Blue\Downloads\The.King.of.Staten.Island.2020.1080p.AMZN.WEBRip.DDP5.1.x264-NTG-[rarbg.to].torrent
2020-06-12 0721 - 2020-06-12 0721 - 000033860 _____ C\Users\Blue\Downloads\Anderson.Falls.2020.720p.WEB-DL.XviD.AC3-FGT-[rarbg.to].torrent
2020-06-11 1854 - 2020-06-11 1854 - 000013181 _____ C\Users\Blue\Downloads\The Lord of the Rings The Fellowship of the Ring (2001) [1080p] [BluRay] [YTS.MX].torrent
2020-06-10 1656 - 2020-06-10 1656 - 000040342 _____ C\Users\Blue\Downloads\Gods of Egypt (2016) [1080p] [BluRay] [YTS.MX].torrent
2020-06-10 1334 - 2020-06-10 1334 - 000000000 ____D C\Users\Blue\AppData\Local\ElevatedDiagnostics
2020-06-10 1333 - 2020-06-12 1917 - 000001303 _____ C\Users\Blue\pcmscan.cfg
2020-06-10 1333 - 2020-06-10 1333 - 000001198 _____ C\Users\Blue\Desktop\PCMSCAN.lnk
2020-06-10 1331 - 2020-06-10 1334 - 000000000 ____D C\Program Files (x86)\PCMSCAN
2020-06-10 1331 - 2020-06-10 1331 - 000000000 ____D C\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCMSCAN
2020-06-10 1330 - 2012-10-16 1053 - 000000000 ____D C\Users\Blue\Desktop\ELM327
2020-06-10 0629 - 2020-06-10 0629 - 000037545 _____ C\Users\Blue\Downloads\Burden.2018.720p.WEB-DL.XviD.AC3-FGT-[rarbg.to].torrent
2020-06-10 0628 - 2020-06-10 0628 - 000025186 _____ C\Users\Blue\Downloads\Outback.2019.720p.WEB-DL.XviD.AC3-FGT-[rarbg.to].torrent
2020-06-09 1945 - 2020-06-09 1945 - 000032246 _____ C\Users\Blue\Downloads\The.Russian.Bride.2019.720p.BRRip.XviD.AC3-XVID-[rarbg.to].torrent
2020-06-09 1855 - 2020-06-09 1855 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2020-06-09 1855 - 2020-06-09 1855 - 000000000 ____D C\Program Files (x86)\Lenovo
2020-06-08 1413 - 2020-06-08 1413 - 000030465 _____ C\Users\Blue\Downloads\Legacy.2020.720p.WEB-DL.XviD.AC3-FGT-[rarbg.to].torrent
2020-06-06 1948 - 2020-06-06 1948 - 000040182 _____ C\Users\Blue\Downloads\Becky.2020.1080p.AMZN.WEBRip.DDP5.1.x264-NTG-[rarbg.to].torrent
2020-06-06 1917 - 2020-06-06 1917 - 000038986 _____ C\Users\Blue\Downloads\Shirley.2020.1080p.AMZN.WEBRip.DDP5.1.x264-NTG-[rarbg.to].torrent
2020-06-06 1916 - 2018-04-15 2005 - 000000000 ____D C\Users\Blue\Desktop\ScanMaster-ELM v2.1
2020-06-06 1915 - 2020-06-06 1915 - 017032684 _____ C\Users\Blue\Downloads\ScanMaster-ELM v2.1.rar
2020-06-06 1911 - 2020-06-06 1911 - 000000000 ____D C\Users\Blue\AppData\Local\obdautodoctor
2020-06-06 1909 - 2020-06-06 1909 - 020872488 _____ (Creosys ) C\Users\Blue\Downloads\obd-auto-doctor_3.7.2.exe
2020-06-06 1909 - 2020-06-06 1909 - 000001154 _____ C\Users\Public\Desktop\OBD Auto Doctor.lnk
2020-06-06 1909 - 2020-06-06 1909 - 000001154 _____ C\ProgramData\Desktop\OBD Auto Doctor.lnk
2020-06-06 1909 - 2020-06-06 1909 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\OBD Auto Doctor
2020-06-06 1909 - 2020-06-06 1909 - 000000000 ____D C\Program Files (x86)\OBD Auto Doctor
2020-06-06 1903 - 2020-06-12 2045 - 000000000 ____D C\Program Files\DIFX
2020-06-06 1903 - 2020-06-06 1903 - 000000729 _____ C\Users\Blue\Desktop\VCDS Release 20.4.lnk
2020-06-06 1903 - 2020-06-06 1903 - 000000000 ____D C\ProgramData\Microsoft\Windows\Start Menu\Programs\VCDS
2020-06-06 1901 - 2020-06-06 1901 - 051047744 _____ (Ross-Tech, LLC) C\Users\Blue\Downloads\VCDS-Release-20.4.1-Installer.exe
2020-06-06 1901 - 2020-06-06 1901 - 000000000 ____D C\Ross-Tech
2020-06-06 1841 - 2020-06-06 1841 - 000050245 _____ C\Users\Blue\Downloads\The.Last.Days.of.American.Crime.2020.720p.WEBRip.XviD.AC3-FGT-[rarbg.to].torrent
2020-06-04 2025 - 2020-06-04 2025 - 000000000 ____D C\Users\Blue\Desktop\podaci 2
2020-05-29 2102 - 2020-05-29 2102 - 000000000 ____D C\Users\Blue\AppData\Roaming\AC3Filter
2020-05-29 0711 - 2020-05-29 0711 - 000000000 ____D C\Program Files\UNP
2020-05-19 0608 - 2020-05-19 0608 - 000002253 _____ C\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-05-19 0608 - 2020-05-19 0608 - 000002241 _____ C\Users\Public\Desktop\Google Earth Pro.lnk
2020-05-19 0608 - 2020-05-19 0608 - 000002241 _____ C\ProgramData\Desktop\Google Earth Pro.lnk
2020-05-19 0608 - 2020-05-19 0608 - 000000000 ____D C\Program Files\Google
2020-05-14 1724 - 2020-05-14 1726 - 000000000 ____D C\Users\Blue\Documents\Assassin's Creed IV Black Flag
2020-05-14 1652 - 2020-06-04 2019 - 000000000 ____D C\Program Files (x86)\R.G. Mechanics
2020-05-13 2102 - 2020-05-19 0635 - 000000000 ____D C\Program Files (x86)\Hard Disk Sentinel
2020-05-13 2102 - 2020-05-13 2102 - 000000000 ____D C\Users\Blue\AppData\Roaming\Hard Disk Sentinel
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-12 2109 - 2019-03-19 0652 - 000000000 ____D C\ProgramData\regid.1991-06.com.microsoft
2020-06-12 2108 - 2020-02-06 2006 - 000000134 _____ C\Windows\system32\regtest.txt
2020-06-12 2108 - 2019-07-18 2307 - 000000006 ____H C\Windows\Tasks\SA.DAT
2020-06-12 2108 - 2019-03-19 0637 - 000524288 _____ C\Windows\system32\config\BBI
2020-06-12 2059 - 2020-02-17 1544 - 000000000 ____D C\Users\Blue\AppData\Local\CrashDumps
2020-06-12 2045 - 2019-03-19 0650 - 000000000 ____D C\Windows\INF
2020-06-12 2011 - 2020-02-06 2005 - 000000000 ____D C\Users\Blue\AppData\Local\D3DSCache
2020-06-12 1904 - 2020-02-07 0140 - 000000000 ____D C\Users\Blue\AppData\Local\VirtualStore
2020-06-12 1903 - 2019-03-19 0652 - 000000000 ____D C\Windows\Registration
2020-06-12 1859 - 2020-02-07 0140 - 000000000 ____D C\Users\Blue
2020-06-12 1238 - 2020-03-12 0835 - 000000000 ____D C\Users\Blue\AppData\Roaming\uTorrent
2020-06-12 1121 - 2020-02-06 2019 - 000000000 ____D C\Users\Blue\Desktop\torrent
2020-06-12 1117 - 2020-02-06 2016 - 000000000 ____D C\Users\Blue\AppData\Local\BitTorrentHelper
2020-06-12 1004 - 2019-07-18 2307 - 000000000 ____D C\Windows\system32\SleepStudy
2020-06-12 0720 - 2020-02-07 1306 - 000000000 ____D C\Program Files (x86)\Far Cry Primal
2020-06-11 1659 - 2020-02-17 1640 - 000000012 _____ C\Windows\system32\perfdish001.dat
2020-06-10 1827 - 2020-03-22 1305 - 000000000 ___RD C\Users\Blue\Desktop\podaci
2020-06-10 0656 - 2020-02-06 2004 - 000000000 ____D C\ProgramData\Lenovo
2020-06-09 1855 - 2020-02-12 1734 - 000000555 _____ C\Windows\SysWOW64\InstallUtil.InstallLog
2020-06-09 1855 - 2020-02-12 1734 - 000000000 ____D C\Windows\TempInst
2020-06-09 1855 - 2020-02-06 2004 - 000000000 ____D C\Windows\system32\Tasks\TVT
2020-06-09 1855 - 2020-02-06 2000 - 000002301 _____ C\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-09 1855 - 2020-02-06 2000 - 000002260 _____ C\Users\Public\Desktop\Google Chrome.lnk
2020-06-09 1855 - 2020-02-06 2000 - 000002260 _____ C\ProgramData\Desktop\Google Chrome.lnk
2020-06-09 1853 - 2020-02-06 2004 - 000000000 ____D C\Users\Blue\AppData\Local\LenovoServiceBridge
2020-06-07 1832 - 2020-04-03 1512 - 000000000 ____D C\Users\Blue\Desktop\oglasi
2020-06-06 1910 - 2020-02-06 2016 - 000000000 ____D C\ProgramData\Package Cache
2020-06-06 1823 - 2019-03-19 0652 - 000000000 ____D C\Windows\LiveKernelReports
2020-06-04 1716 - 2020-02-07 0142 - 000003378 _____ C\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1944725463-1506611765-1627624707-1002
2020-06-04 1716 - 2020-02-07 0142 - 000000000 ___RD C\Users\Blue\OneDrive
2020-06-04 1716 - 2020-02-07 0140 - 000002364 _____ C\Users\Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-28 1155 - 2019-08-17 0705 - 000795992 _____ C\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories ========
2020-06-12 2102 - 2020-06-12 2116 - 000000004 _____ () C\ProgramData\lock.dat
2020-06-12 2103 - 2020-06-12 2122 - 000000004 _____ () C\ProgramData\rc.dat
2020-06-12 2102 - 2020-06-12 2102 - 000000008 _____ () C\ProgramData\ts.dat
2020-02-10 0102 - 2020-02-10 0102 - 000000447 ___SH () C\Users\Blue\AppData\Roaming\d.vbs
2019-04-08 2140 - 2019-04-08 2140 - 000000338 ___SH () C\Users\Blue\AppData\Roaming\h.vbs
2020-04-03 0318 - 2020-04-03 0318 - 616369232 _____ () C\Users\Blue\AppData\Roaming\re3.exe
2020-06-12 1903 - 2020-06-12 1903 - 000000092 _____ () C\Users\Blue\AppData\Local\fusioncache.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
http//fotkica.com/uploads2N/356_687419144_Addition.txt
Dopuna: 12 Jun 2020 20:39
Kad otvorm chrome onda pusta muziku nasumicno
|
