Preventive check + help with cleaning a USB drive


#1 Post by Narfyk »

Hello. I would like to ask for a preventive check and help with cleaning a USB drive. A friend had my USB drive, plugged it into his laptop, and avast started shouting that it had blocked an attack (something kept copying to my USB drive; everything had, I think, the .lnk extension). Altogether it reported maybe 200 times that it had prevented an attack, and now I am afraid to plug the USB drive into my PC in case I infect it. Do you know of something like a sandbox for USB, where I could clean the USB drive without problems and without wrecking my PC? (I have not had the USB drive in my own machine since then.)
Log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Andrej at 2015-01-25 14:59:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (30%) free of 61 GB
Total RAM: 2991 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:59:45, on 25. 1. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Winstep\Nexus.exe
C:\Program Files\eInstruction\Device Manager\Launch.exe
D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
D:\Program Files\Image-Line\FL Studio 10\FL.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\0DOCS\viry.cz\RSIT.exe
C:\Program Files\trend micro\Andrej.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\JAVAVAvava\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\JAVAVAvava\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Nexus] C:\Program Files\Winstep\Nexus.exe autostart
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: eInstruction Device Manager.lnk = C:\Program Files\eInstruction\Device Manager\Launch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\0DOCS\viry.cz\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\0DOCS\viry.cz\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing)

--
End of file - 7709 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4193802647-1336769331-151233365-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4193802647-1336769331-151233365-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4193802647-1336769331-151233365-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4193802647-1336769331-151233365-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\3labhper.default

"ext@VideoPlayerV3beta8012.net"=C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8012\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\Program Files\JAVAVAvava\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\JAVAVAvava\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\JAVAVAvava\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\JAVAVAvava\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2007-09-25 93208]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-09-08 495708]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-12-13 3838800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Google Update"=C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-28 116648]
"Nexus"=C:\Program Files\Winstep\Nexus.exe [2012-03-28 16957056]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
eInstruction Device Manager.lnk - C:\Program Files\eInstruction\Device Manager\Launch.exe

C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-11-26 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.X264"=x264vfw.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.VP70"=vp7vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.siren"=sirenacm.dll
"vidc.tscc"=tsccvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"midi2"=xgusb.cpl
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"midi4"=xgusb.cpl
"midi5"=xgusb.cpl
"msacm.vorbis"=vorbis.acm
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-17 13:27:48 ----D---- C:\Program Files\Mozilla Firefox
2015-01-14 17:08:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-01-14 17:08:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:08:29 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:08:29 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 17:08:28 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 17:08:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-11 19:13:50 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-01-11 19:13:49 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-01-11 19:13:49 ----A---- C:\Windows\system32\d3dx10.dll
2015-01-11 19:13:48 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-01-11 19:13:47 ----A---- C:\Windows\system32\xinput1_2.dll
2015-01-11 19:13:47 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-01-11 19:13:47 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-01-11 19:13:46 ----A---- C:\Windows\system32\xinput1_1.dll
2015-01-11 19:13:46 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-01-11 19:13:38 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-01-11 19:13:38 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-01-10 17:14:39 ----D---- C:\Users\Andrej\AppData\Roaming\TeamViewer
2014-12-26 13:33:03 ----D---- C:\Users\Andrej\AppData\Roaming\Xfer
2014-12-26 13:31:44 ----D---- C:\Program Files (x86)

======List of files/folders modified in the last 1 month======

2015-01-25 14:59:45 ----D---- C:\Windows\Prefetch
2015-01-25 14:59:35 ----D---- C:\Program Files\trend micro
2015-01-25 14:59:22 ----D---- C:\Users\Andrej\AppData\Roaming\Skype
2015-01-25 12:43:29 ----D---- C:\Windows\temp
2015-01-25 12:36:01 ----D---- C:\Windows\system32\config
2015-01-25 12:05:20 ----D---- C:\Windows\System32
2015-01-25 12:05:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 12:00:38 ----SHD---- C:\System Volume Information
2015-01-24 11:44:47 ----D---- C:\Users\Andrej\AppData\Roaming\uTorrent
2015-01-23 22:21:25 ----D---- C:\Windows\system32\catroot2
2015-01-23 16:16:03 ----D---- C:\Windows\inf
2015-01-23 16:16:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-22 20:40:38 ----D---- C:\Users\Andrej\AppData\Roaming\vlc
2015-01-22 20:28:57 ----D---- C:\efekty
2015-01-21 15:53:28 ----D---- C:\Windows\Microsoft.NET
2015-01-20 23:03:57 ----SHD---- C:\Windows\Installer
2015-01-18 11:40:48 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-01-17 19:45:38 ----RD---- C:\Program Files
2015-01-16 17:50:08 ----A---- C:\Users\Andrej\AppData\Roaming\msvcr90-ruby191.dll
2015-01-15 15:38:34 ----D---- C:\Windows\winsxs
2015-01-14 22:20:02 ----D---- C:\Windows\system32\drivers
2015-01-14 20:11:02 ----D---- C:\Windows\system32\MRT
2015-01-14 20:01:50 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 17:08:20 ----D---- C:\Windows\system32\catroot
2015-01-13 18:04:28 ----D---- C:\Users\Andrej\AppData\Roaming\Winamp
2015-01-11 19:13:46 ----RSD---- C:\Windows\assembly
2015-01-11 19:12:55 ----D---- C:\Windows
2015-01-11 19:08:00 ----HD---- C:\Program Files\InstallShield Installation Information
2015-01-07 16:41:19 ----D---- C:\Program Files\Recuva
2015-01-02 00:02:52 ----RSD---- C:\Windows\Fonts
2014-12-31 12:13:47 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-11-03 45968]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-04-28 477240]
R1 MpKslc3891521;MpKslc3891521; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F729526-5CAD-46BA-9633-E14F83217DBC}\MpKslc3891521.sys [2015-01-25 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-11-02 73216]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28u.sys [2013-07-11 1619760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10301; C:\Windows\system32\DRIVERS\stwrt.sys [2010-09-08 431616]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2007-09-14 19352]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2007-09-14 51608]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-22 1172992]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2012-10-18 1570304]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-11-02 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2013-11-02 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2013-11-02 90368]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2013-11-02 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2013-11-02 181760]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-18 14848]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2012-05-05 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8192cu;TP-LINK 150Mbps Wireless N Nano USB Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2012-03-14 801896]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2007-09-14 29976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2007-09-14 29208]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2007-09-14 14744]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;WSD Scan Support via UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-02 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-12-13 1895760]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-12-02 411920]
R2 MBAMScheduler;MBAMScheduler; D:\0DOCS\viry.cz\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10101; C:\Program Files\IDT\WDM\STacSV.exe [2010-09-08 254034]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Winstep Xtreme Service;Winstep Xtreme Service; C:\Program Files\Winstep\WsxService []
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-31 116648]
S2 MBAMService;MBAMService; D:\0DOCS\viry.cz\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-31 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-17 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-27 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Thanks in advance for the help.


#2 Post by vyosek »

Hello :)

Apply USBFix according to this guide: http://forum.viry.cz/viewtopic.php?f=24&t=140144


#3 Post by Narfyk »

Clean:
############################## | UsbFix V 7.811 | [Clean]

User: Andrej (Administrator) # PROBOOK
Updated 20/01/2015 by El Desaparecido - SosVirus
Started at 15:33:05 | 25/01/2015

Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://www.sos-virus.net/
Live detection : http://how-to-remove.us/
Contact : http://www.en.usbfix.net/contact/

################## | System information |

MB: Hewlett-Packard (1411)
CPU: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
RAM -> [Total : 2991 Mo | Free : 1017 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 35.0

################## | Security Information |

AV: Microsoft Security Essentials [(!) Disabled |Updated]
AS: Microsoft Security Essentials [(!) Disabled |Updated]
AS: Windows Defender [(!) Disabled |Updated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 60 Gb (18 Gb free - 30%) [] # NTFS
D:\ -> Fixed disk # 120 Gb (3 Gb free - 2%) [Data1] # NTFS
E:\ -> Fixed disk # 118 Gb (9 Gb free - 8%) [Data2] # NTFS
G:\ -> CD-ROM # 2 Gb (0 Mb free - 0%) [VIRTUA_TENNIS_3] # UDF
K:\ -> Removable disk # 4 Gb (399 Mb free - 10%) [KINGSTON] # FAT32

################## | Generic Research |


(!) Temporary files deleted. (365.578860282898 MB)

################## | Registry |

Deleted! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Start WingMan Profiler

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Google Update] "C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [Nexus] C:\Program Files\Winstep\Nexus.exe autostart
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKU\S-1-5-21-4193802647-1336769331-151233365-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-4193802647-1336769331-151233365-1000\..\Run : [Google Update] "C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-4193802647-1336769331-151233365-1000\..\Run : [Nexus] C:\Program Files\Winstep\Nexus.exe autostart
04GS - OneNote 2007 Screen Clipper and Launcher.lnk : D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
04GS - eInstruction Device Manager.lnk : C:\Program Files\eInstruction\Device Manager\Launch.exe

################## | UsbFix - Information |

Info : How to remove shortcut virus on flash disk (Video)
Info : Shortcut virus on flash disk, What is it ?
Live detection : http://how-to-remove.us/

################## | Hijack |


################## | C:\ %SystemDrive% - Fixed drive (NTFS) |


################## | D:\ - Fixed drive (NTFS) |


################## | E:\ - Fixed drive (NTFS) |


################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |

Well, I think I pressed Clean too soon after plugging in the USB drive and it wasn't checked, because after scanning the USB drive with the antivirus it did find a virus after all. Screenshot:
http://imgur.com/g7emB65

So, just to be sure, I ran it once more, this time Research only:

############################## | UsbFix V 7.811 | [Research]

User: Andrej (Administrator) # PROBOOK
Updated 20/01/2015 by El Desaparecido - SosVirus
Started at 15:36:56 | 25/01/2015

Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://www.sos-virus.net/
Live detection : http://how-to-remove.us/
Contact : http://www.en.usbfix.net/contact/

################## | System information |

MB: Hewlett-Packard (1411)
CPU: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
RAM -> [Total : 2991 Mo | Free : 1526 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 35.0

################## | Security Information |

AV: Microsoft Security Essentials [Enabled |Updated]
AS: Microsoft Security Essentials [Enabled |Updated]
AS: Windows Defender [(!) Disabled |Updated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 60 Gb (19 Gb free - 31%) [] # NTFS
D:\ -> Fixed disk # 120 Gb (6 Gb free - 5%) [Data1] # NTFS
E:\ -> Fixed disk # 118 Gb (10 Gb free - 8%) [Data2] # NTFS
G:\ -> CD-ROM # 2 Gb (0 Mb free - 0%) [VIRTUA_TENNIS_3] # UDF
K:\ -> Removable disk # 4 Gb (399 Mb free - 10%) [KINGSTON] # FAT32

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Google Update] "C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [Nexus] C:\Program Files\Winstep\Nexus.exe autostart
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKU\S-1-5-21-4193802647-1336769331-151233365-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-4193802647-1336769331-151233365-1000\..\Run : [Google Update] "C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-4193802647-1336769331-151233365-1000\..\Run : [Nexus] C:\Program Files\Winstep\Nexus.exe autostart
04GS - OneNote 2007 Screen Clipper and Launcher.lnk : D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
04GS - eInstruction Device Manager.lnk : C:\Program Files\eInstruction\Device Manager\Launch.exe

################## | Generic Research |


################## | Registry |


################## | UsbFix - Information |

Info : How to remove shortcut virus on flash disk (Video)
Info : Shortcut virus on flash disk, What is it ?
Live detection : http://how-to-remove.us/

################## | Hijack |

Hijacked! [SH] K:\Riki-Oh.The.Story.of.Ricky.1991.DVDRip.AC3.XviD-ShitBusters.srt.srt
Hijacked! [SH] K:\Riki-Oh.The.Story.of.Ricky.1991.DVDRip.AC3.XviD-ShitBusters.avi
Hijacked! [SH] K:\zhája_final.wmv
Hijacked! [SH] K:\V zajatí démonov r.2013.avi
Hijacked! [SH] K:\Pár nenormálnych aktivít r.2013.avi

################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check + help with cleaning a USB drive

#4 Post by vyosek »

Narfyk
Model visitor
Posts: 208
Registered: 07 Jun 2010 17:54
Location: SK

Re: Preventive check + help with cleaning a USB drive

#5 Post by Narfyk »

Checked, it didn't find anything. :)
