Facebook virus

#1 Post by Sanewai »

Hello, today I started getting e-mails saying that I had supposedly joined 150 groups. Changing my password did not help, because I kept getting e-mails saying that a new password was being generated from some address in the Czech Republic. So I blocked new-password requests for the account, and for the time being things were quiet. But as I was deleting the groups I was in, messages from my account started being added to those groups, such as "14-year-old elementary school pupils played a brilliant game in which 5 female students got pregnant!
promuze.net"

And someone wrote underneath that I had got a virus. That is why I want to turn to you to ask whether you could resolve it.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-09-09 19:18:12
Microsoft Windows 8.1
System drive C: has 780 GB (82%) free of 954 GB
Total RAM: 8140 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:15, on 9.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7601929472
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9142 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {be32ae45-f30e-48c4-9c28ff0758c10860}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" dc65b442-c044-4874-b4c4-e268968a67bb
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Tomáš\AppData\Local\Steam\htmlcache" -steampid 1188 -buildid 1440016726 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2544 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="2544.3.722845143\1200692446" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="3592.6.432649636\1319805157" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3592 "\\.\pipe\gecko-crash-server-pipe.3592" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe" --proxy-stub-channel=Flash4592.5AD0D388.7728 --host-broker-channel=Flash4592.5AD0D388.19267 --host-pid=4592 --host-npapi-version=28 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_209.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe" --channel=4612.009BF2F0.1529138826 --proxy-stub-channel=Flash4592.5AD0D388.7728 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_209.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Tomáš\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ha5y9h6q.default

prefs.js - "browser.startup.homepage" - "Google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31 559624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-27 1710568]
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2014-10-29 51200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53661824]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-26 6111824]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"Dare-U mouse"=C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe [2013-01-17 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-09 19:18:12 ----D---- C:\rsit
2015-09-09 19:18:12 ----D---- C:\Program Files\trend micro
2015-09-09 15:32:56 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 15:32:56 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 15:31:34 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 15:31:34 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 15:31:34 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 15:31:29 ----A---- C:\Windows\system32\tzsync.exe
2015-09-06 12:43:13 ----D---- C:\ProgramData\Hewlett-Packard
2015-09-04 02:21:57 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-09-04 02:18:05 ----A---- C:\Windows\system32\nvcuda.dll
2015-09-04 02:18:05 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvopencl.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvoglv64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvmcumd.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvinitx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvIFR64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvFBC64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvdispgenco6435582.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvdispco6435582.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvcuvid.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvcompiler.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvaudcaparm.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\drivers\nvvadarm.sys
2015-09-02 22:21:12 ----D---- C:\Filmy
2015-09-02 22:20:24 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2015-09-02 22:18:47 ----D---- C:\niečo
2015-08-28 16:09:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-26 19:17:14 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-08-26 19:17:14 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-08-19 08:02:46 ----A---- C:\Windows\system32\mshtml.dll
2015-08-19 08:02:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-13 23:01:02 ----A---- C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 23:01:01 ----A---- C:\Windows\system32\nvdispco6435560.dll
2015-08-13 02:42:03 ----D---- C:\Users\Tomáš\AppData\Roaming\GameRanger
2015-08-12 19:11:32 ----RHD---- C:\Users\Tomáš\AppData\Roaming\SecuROM
2015-08-12 13:47:41 ----D---- C:\ProgramData\X360CE
2015-08-12 01:29:45 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29:45 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:50:48 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wups2.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wups.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wudriver.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wucltux.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wuapp.exe
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wuapi.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-11 22:50:46 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\system32\davclnt.dll
2015-08-11 22:50:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-11 22:50:45 ----A---- C:\Windows\system32\ntdll.dll
2015-08-11 22:50:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-11 22:50:44 ----A---- C:\Windows\system32\sysmain.dll
2015-08-11 22:50:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-11 22:50:28 ----A---- C:\Windows\system32\jscript9.dll
2015-08-11 22:50:28 ----A---- C:\Windows\system32\ieframe.dll
2015-08-11 22:50:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-11 22:50:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-11 22:50:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-11 22:50:27 ----A---- C:\Windows\system32\wininet.dll
2015-08-11 22:50:27 ----A---- C:\Windows\system32\ieui.dll
2015-08-11 22:50:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-11 22:50:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-11 22:50:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-11 22:50:26 ----A---- C:\Windows\system32\urlmon.dll
2015-08-11 22:50:26 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-11 22:50:26 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-11 22:50:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-11 22:50:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-11 22:50:25 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-08-11 22:50:25 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-11 22:50:25 ----A---- C:\Windows\system32\webcheck.dll
2015-08-11 22:50:25 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-11 22:50:25 ----A---- C:\Windows\system32\iertutil.dll
2015-08-11 22:50:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-11 22:50:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-11 22:50:24 ----A---- C:\Windows\system32\vbscript.dll
2015-08-11 22:50:24 ----A---- C:\Windows\system32\jscript.dll
2015-08-11 22:50:24 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-11 22:50:24 ----A---- C:\Windows\system32\iepeers.dll
2015-08-11 22:49:33 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-11 22:49:31 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-11 22:49:30 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-11 22:49:15 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-11 22:49:15 ----A---- C:\Windows\system32\basesrv.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\msxml6.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\msxml3.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\mstscax.dll
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\win32k.sys
2015-08-11 22:49:13 ----A---- C:\Windows\system32\notepad.exe
2015-08-11 22:49:13 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\FntCache.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\DWrite.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\atmlib.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\atmfd.dll
2015-08-11 22:49:13 ----A---- C:\Windows\notepad.exe
2015-08-11 15:47:35 ----D---- C:\Program Files (x86)\Adobe

======List of files/folders modified in the last 1 month======

2015-09-09 19:18:12 ----RD---- C:\Program Files
2015-09-09 19:10:49 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2015-09-09 19:00:00 ----D---- C:\Windows\system32\sru
2015-09-09 18:46:22 ----D---- C:\Windows\Prefetch
2015-09-09 18:34:28 ----D---- C:\Windows\Temp
2015-09-09 16:41:30 ----D---- C:\Program Files (x86)\Steam
2015-09-09 16:28:44 ----D---- C:\Windows\rescache
2015-09-09 16:23:11 ----D---- C:\Windows\Microsoft.NET
2015-09-09 16:22:16 ----RSD---- C:\Windows\assembly
2015-09-09 16:12:31 ----D---- C:\Windows\system32\config
2015-09-09 16:09:08 ----D---- C:\Windows\CbsTemp
2015-09-09 16:09:06 ----D---- C:\Windows\WinSxS
2015-09-09 16:08:41 ----RD---- C:\Windows\System32
2015-09-09 16:08:41 ----D---- C:\Windows\SysWOW64
2015-09-09 16:08:41 ----D---- C:\Program Files\Windows Journal
2015-09-09 16:08:03 ----D---- C:\Windows\system32\MRT
2015-09-09 16:06:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-09-09 16:06:19 ----D---- C:\Windows\system32\sk-SK
2015-09-09 16:06:10 ----D---- C:\Windows\system32\DriverStore
2015-09-09 16:05:53 ----SHD---- C:\System Volume Information
2015-09-09 15:29:24 ----D---- C:\Windows
2015-09-09 15:29:23 ----D---- C:\Windows\system32\catroot2
2015-09-08 15:04:29 ----D---- C:\ProgramData\NVIDIA
2015-09-07 18:10:40 ----D---- C:\Users\Tomáš\AppData\Roaming\TS3Client
2015-09-06 20:46:08 ----A---- C:\Windows\system32\lpcio.dll
2015-09-06 12:43:24 ----D---- C:\Windows\system32\drivers
2015-09-06 12:43:24 ----D---- C:\Windows\Inf
2015-09-06 12:43:13 ----HD---- C:\ProgramData
2015-09-06 09:59:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-06 02:02:20 ----D---- C:\Windows\debug
2015-09-05 22:15:53 ----D---- C:\Windows\AppReadiness
2015-09-05 22:15:51 ----D---- C:\Windows\SoftwareDistribution
2015-09-04 02:22:17 ----D---- C:\ProgramData\NVIDIA Corporation
2015-09-02 21:05:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-02 20:57:46 ----D---- C:\Windows\system32\NDF
2015-08-31 08:23:30 ----D---- C:\ProgramData\Origin
2015-08-30 08:26:04 ----RD---- C:\Program Files (x86)
2015-08-27 02:37:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-08-27 02:37:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-08-27 02:36:47 ----A---- C:\Windows\system32\nvspcap64.dll
2015-08-27 02:36:47 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\OpenCL.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvmcvadgenco64.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvapi64.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvvsvc.exe
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvsvcr.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvsvc64.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvshext.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvmctray.dll
2015-08-25 16:24:19 ----A---- C:\Windows\system32\nvcpl.dll
2015-08-18 22:24:07 ----SHD---- C:\Windows\Installer
2015-08-18 22:24:07 ----D---- C:\ProgramData\Skype
2015-08-16 10:01:48 ----D---- C:\Windows\Logs
2015-08-16 10:01:48 ----D---- C:\Users\Tomáš\AppData\Roaming\uTorrent
2015-08-16 10:01:48 ----D---- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
2015-08-13 02:55:17 ----D---- C:\Program Files (x86)\Origin Games
2015-08-13 02:37:34 ----HD---- C:\Program Files\WindowsApps
2015-08-12 16:21:36 ----D---- C:\ProgramData\Electronic Arts
2015-08-12 03:24:08 ----D---- C:\Program Files\Internet Explorer
2015-08-12 03:24:08 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-12 03:24:07 ----D---- C:\Windows\system32\drivers\en-US
2015-08-12 03:24:07 ----D---- C:\Program Files\Windows Defender
2015-08-12 03:24:07 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-11 15:50:16 ----D---- C:\Windows\system32\Tasks
2015-08-11 15:50:16 ----D---- C:\Program Files (x86)\Common Files
2015-08-11 15:48:41 ----D---- C:\Users\Tomáš\AppData\Roaming\Adobe
2015-08-11 15:47:32 ----D---- C:\ProgramData\Adobe
2015-08-11 06:52:30 ----A---- C:\Windows\system32\nvaudcap64v.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-31 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-31 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-31 115152]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-07-31 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-31 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-13 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-31 447944]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-31 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-31 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-31 150672]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 dtlitescsibus;@oem16.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-20 30264]
R3 Ke2200;@oem1.inf,%L1C.Service.DispName%;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 129312]
R3 NVHDA;@oem6.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-25 11089200]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 19576]
R3 nvvad_WaveExtensible;@oem27.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 NVVADARM;@oem28.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\Windows\system32\drivers\nvvadarm.sys [2015-08-25 39032]
S3 dot4;@oem33.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem34.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem33.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 64216]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 USBPNPA;@oem17.inf,%CM108.SvcDesc%;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM10864.sys [2014-03-13 4333568]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-31 146600]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-03-13 20512]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 1155192]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 409376]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-25 937776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-25 410744]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-07-21 1141248]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-07-25 2007048]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.10 2015-09-09 19:18:17

======MBR======


======Uninstall list======

-->C:\Program Files (x86)\GOG.com\Knights and Merchants TPR\unins000.exe
Adobe Flash Player 18 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_Plugin.exe -maintain plugin
Aslain's XVM WoT Modpack verze 4.6.2-->"C:\Games\World_of_Tanks\unins001.exe"
Avast Pro Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Bandicam-->"C:\Program Files (x86)\Bandicam\uninstall.exe"
Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
Burnout™ Paradise: The Ultimate Box-->"C:\Program Files (x86)\Common Files\EAInstaller\Burnout(TM) Paradise - The Ultimate Box\Cleanup.exe" uninstall_game -autologging
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Command & Conquer 3 Tiberium Wars™-->MsiExec.exe /X{CAC9DCAF-0EA8-442C-97EA-CA6F5755390A}
Command & Conquer™: Generals and Zero Hour-->"C:\Program Files (x86)\Common Files\EAInstaller\Command and Conquer Generals Zero Hour\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Counter-Strike: Global Offensive-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730
CPUID CPU-Z 1.72-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Dark Souls: Prepare to Die Edition-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/211420
DayZ-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/221100
Dead Space™ 3-->"C:\Program Files (x86)\Common Files\EAInstaller\Dead Space 3\Cleanup.exe" uninstall_game -autologging
Dungeon Defenders-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/65800
Gaming Keyboard Driver-->C:\Program Files (x86)\InstallShield Installation Information\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}\setup.exe -runfromtemp -l0x0009 -removeonly
GRID Autosport-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/255220
GX GAMING CAVIMANUS HEADSET-->"C:\Program Files (x86)\InstallShield Installation Information\{71B53BA8-4BE3-49AF-BC3E-07F392006300}\setup.exe" -runfromtemp -l0x0409 -removeonly /Cmicheck
Intel(R) Chipset Device Software-->MsiExec.exe /I{5CA7FC9B-8508-4494-B365-6FBCBAEB8E89}
Intel(R) Management Engine Components-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components-->MsiExec.exe /I{8C791A9C-B26E-4E09-8D87-3348AAE61B4A}
Intel(R) Management Engine Components-->MsiExec.exe /I{9F75A0EC-6773-4116-9D07-ABC427273606}
Intel(R) ME UninstallLegacy-->MsiExec.exe /I{DBC3205C-2A41-490A-8EE4-BE4993FC2EC6}
Intel® Chipset Device Software-->"C:\ProgramData\Package Cache\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}\SetupChipset.exe" /uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}
KaM Remake Full r6720-->"C:\KaM Remake\unins000.exe"
Knights and Merchants - The Peasants Rebellion-->"C:\Program Files (x86)\GOG.com\Knights and Merchants TPR\unins000.exe"
League of Legends-->msiexec.exe /x {79BF4901-1EC4-4726-B3C2-A7859706C6E7}
League of Legends-->MsiExec.exe /X{79BF4901-1EC4-4726-B3C2-A7859706C6E7}
Malwarebytes Anti-Malware verzia 2.1.8.1057-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
Mozilla Firefox 40.0.3 (x86 sk)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSI Gaming APP-->"C:\Program Files (x86)\MSI\MSI Gaming APP\unins000.exe"
NVIDIA 3D Vision radič ovládača 352.65-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA GeForce Experience 2.5.14.5-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Grafický ovládač 355.82-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Ovládač 3D Vision 355.82-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovládač zvuku HD 1.3.34.3-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Virtuálny zvuk Miracast 355.82-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Miracast.VirtualAudio
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
Skype™ 7.7-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
Trine 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/35720
Unigine Valley Benchmark version 1.0-->"C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\unins000.exe"
uRage Illuminated Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F1A273BD-6A9E-41D8-A111-5E56ACD286F8}\setup.exe -runfromtemp -l0x0009 -removeonly
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Vypínač na dobrou noc verze 2.0-->"C:\Program Files (x86)\Vypínač na dobrou noc\unins000.exe"
WinRAR 5.21 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: Tomas
Event Code: 7000
Message: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.
Record Number: 384
Source Name: Service Control Manager
Time Written: 20150720105325.262218-000
Event Type: Error
User:

Computer Name: Tomas
Event Code: 7009
Message: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).
Record Number: 383
Source Name: Service Control Manager
Time Written: 20150720105325.262218-000
Event Type: Error
User:

Computer Name: Tomas
Event Code: 219
Message: The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{1929e13e-2eca-11e5-824f-d8cb8a5d5942}#0000000000100000.
Record Number: 380
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20150720105131.264313-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Tomas
Event Code: 10010
Message: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Record Number: 341
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20150720105020.145305-000
Event Type: Error
User: Tomas\Tomáš

Computer Name: WIN-2SPNOLGAFMS
Event Code: 10010
Message: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Record Number: 221
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20150716093319.889394-000
Event Type: Error
User: Tomas\Administrator

=====Application event log=====

Computer Name: Tomas
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 237
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20150720103913.168783-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Tomas
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 235
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20150720103913.153158-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Tomas
Event Code: 1534
Message: Profile notification of event Delete for component {DE3F3560-3032-41B4-B6CF-F703B1B95640} failed, error code is ???.


Record Number: 145
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20150720103220.103677-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Tomas
Event Code: 2
Message:
Record Number: 142
Source Name: Microsoft-Windows-Search-ProfileNotify
Time Written: 20150720103220.000000-000
Event Type: Error
User:

Computer Name: Tomas
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 139
Source Name: Microsoft-Windows-Search
Time Written: 20150720103219.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: WIN-2SPNOLGAFMS
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 153
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716093317.133637-000
Event Type: Audit Success
User:

Computer Name: WIN-2SPNOLGAFMS
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-2SPNOLGAFMS$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Type: 5

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x214
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 152
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716093317.132636-000
Event Type: Audit Success
User:

Computer Name: WIN-2SPNOLGAFMS
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 151
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716093315.594158-000
Event Type: Audit Success
User:

Computer Name: WIN-2SPNOLGAFMS
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-2SPNOLGAFMS$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Type: 5

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x214
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 150
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716093315.594158-000
Event Type: Audit Success
User:

Computer Name: WIN-2SPNOLGAFMS
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1529661513-201502828-18231422-500
Account Name: Administrator
Domain Name: WIN-2SPNOLGAFMS
Logon ID: 0x1B5BF
Record Number: 149
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150716093315.950504-000
Event Type: Audit Success
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"Path"=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=3c03

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Sanewai
Visitor
Posts: 21
Joined: 27 Jun 2013 12:14

Re: Facebook virus

#3 Post by Sanewai »

Well, the virus has already changed my Facebook password and my e-mail password, so I've probably lost both... but here is the log

# AdwCleaner v5.007 - Logfile created 09/09/2015 at 20:04:53
# Updated 08/09/2015 by Xplode
# Database : 2015-09-08.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Tomáš - TOMAS
# Running from : C:\Users\Tomáš\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Tomáš\AppData\Roaming\RHEng

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [658 bytes] ##########

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus

#4 Post by Rudy »

Post a new RSIT log.

Sanewai
Visitor
Posts: 21
Joined: 27 Jun 2013 12:14

Re: Facebook virus

#5 Post by Sanewai »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-09-09 20:11:17
Microsoft Windows 8.1
System drive C: has 781 GB (82%) free of 954 GB
Total RAM: 8140 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:19, on 9.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7601929472
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8555 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe

winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" dc65b442-c044-4874-b4c4-e268968a67bb
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\SearchIndexer.exe /Embedding
dashost.exe {bd65e80d-c39b-40d1-9767dddeb823426f}
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C1].txt
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Tomáš\AppData\Local\Steam\htmlcache" -steampid 4568 -buildid 1440016726 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write

"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4416 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="4416.0.1604894266\2142645022" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4416 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="4416.1.2112583725\381740627" /prefetch:673131151
taskeng.exe {61889BA8-5492-4469-A2D7-EA5CEDA32245}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomáš\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ha5y9h6q.default

prefs.js - "browser.startup.homepage" - "Google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31 559624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-27 1710568]
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2014-10-29 51200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53661824]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-26 6111824]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"Dare-U mouse"=C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe [2013-01-17 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-09 20:04:00 ----D---- C:\AdwCleaner
2015-09-09 19:18:12 ----D---- C:\rsit
2015-09-09 19:18:12 ----D---- C:\Program Files\trend micro
2015-09-09 15:33:31 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 15:32:56 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 15:32:56 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 15:32:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 15:32:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 15:32:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 15:32:52 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 15:32:51 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 15:32:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 15:32:50 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 15:32:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 15:32:49 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 15:32:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 15:32:49 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 15:32:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 15:32:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 15:32:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 15:32:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 15:32:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-09-09 15:32:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-09-09 15:32:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\webcheck.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 15:32:00 ----A---- C:\Windows\system32\taskeng.exe
2015-09-09 15:32:00 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 15:31:59 ----A---- C:\Windows\system32\schtasks.exe
2015-09-09 15:31:57 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2015-09-09 15:31:56 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2015-09-09 15:31:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 15:31:35 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2015-09-09 15:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\shacct.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\SettingSync.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\authui.dll
2015-09-09 15:31:34 ----A---- C:\Windows\SYSWOW64\shacct.dll
2015-09-09 15:31:34 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 15:31:34 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 15:31:34 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 15:31:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 15:31:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 15:31:33 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 15:31:33 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 15:31:33 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 15:31:29 ----A---- C:\Windows\system32\tzsync.exe
2015-09-06 12:43:13 ----D---- C:\ProgramData\Hewlett-Packard
2015-09-04 02:21:57 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-09-04 02:18:05 ----A---- C:\Windows\system32\nvcuda.dll
2015-09-04 02:18:05 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvopencl.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvoglv64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvmcumd.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvinitx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvIFR64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvFBC64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvdispgenco6435582.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvdispco6435582.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvcuvid.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvcompiler.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvaudcaparm.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\drivers\nvvadarm.sys
2015-09-02 22:21:12 ----D---- C:\Filmy
2015-09-02 22:20:24 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2015-09-02 22:18:47 ----D---- C:\niečo
2015-08-28 16:09:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-26 19:17:14 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-08-26 19:17:14 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-08-13 23:01:02 ----A---- C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 23:01:01 ----A---- C:\Windows\system32\nvdispco6435560.dll
2015-08-13 02:42:03 ----D---- C:\Users\Tomáš\AppData\Roaming\GameRanger
2015-08-12 19:11:32 ----RHD---- C:\Users\Tomáš\AppData\Roaming\SecuROM
2015-08-12 13:47:41 ----D---- C:\ProgramData\X360CE
2015-08-12 01:29:45 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29:45 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wups2.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wups.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-11 22:50:46 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\system32\davclnt.dll
2015-08-11 22:50:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-11 22:50:45 ----A---- C:\Windows\system32\ntdll.dll
2015-08-11 22:50:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-11 22:50:44 ----A---- C:\Windows\system32\sysmain.dll
2015-08-11 22:50:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-11 22:50:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-11 22:50:27 ----A---- C:\Windows\system32\ieui.dll
2015-08-11 22:50:26 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-11 22:50:25 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-11 22:50:24 ----A---- C:\Windows\system32\iepeers.dll
2015-08-11 22:49:33 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-11 22:49:31 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-11 22:49:30 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-11 22:49:15 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-11 22:49:15 ----A---- C:\Windows\system32\basesrv.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\msxml6.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\msxml3.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\mstscax.dll
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\notepad.exe
2015-08-11 22:49:13 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\FntCache.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\DWrite.dll
2015-08-11 22:49:13 ----A---- C:\Windows\notepad.exe
2015-08-11 15:47:35 ----D---- C:\Program Files (x86)\Adobe

======List of files/folders modified in the last 1 month======

2015-09-09 20:09:37 ----D---- C:\Program Files (x86)\Steam
2015-09-09 20:08:44 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2015-09-09 20:06:37 ----D---- C:\Windows\Prefetch
2015-09-09 20:06:13 ----D---- C:\Windows\Temp
2015-09-09 20:05:42 ----D---- C:\ProgramData\NVIDIA
2015-09-09 20:00:00 ----D---- C:\Windows\system32\sru
2015-09-09 19:45:28 ----D---- C:\Windows\system32\config
2015-09-09 19:45:27 ----D---- C:\Windows\WinSxS
2015-09-09 19:45:09 ----D---- C:\Windows
2015-09-09 19:43:02 ----RD---- C:\Windows\System32
2015-09-09 19:43:02 ----D---- C:\Windows\SysWOW64
2015-09-09 19:43:02 ----D---- C:\Windows\system32\sk-SK
2015-09-09 19:43:02 ----D---- C:\Program Files\Internet Explorer
2015-09-09 19:43:02 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 19:43:01 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 19:42:31 ----D---- C:\Windows\SoftwareDistribution
2015-09-09 19:37:35 ----D---- C:\Windows\Inf
2015-09-09 19:37:35 ----D---- C:\Windows\debug
2015-09-09 19:18:12 ----RD---- C:\Program Files
2015-09-09 16:28:44 ----D---- C:\Windows\rescache
2015-09-09 16:23:11 ----D---- C:\Windows\Microsoft.NET
2015-09-09 16:22:16 ----RSD---- C:\Windows\assembly
2015-09-09 16:09:08 ----D---- C:\Windows\CbsTemp
2015-09-09 16:08:41 ----D---- C:\Program Files\Windows Journal
2015-09-09 16:08:03 ----D---- C:\Windows\system32\MRT
2015-09-09 16:06:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-09-09 16:06:10 ----D---- C:\Windows\system32\DriverStore
2015-09-09 16:05:53 ----SHD---- C:\System Volume Information
2015-09-09 15:29:23 ----D---- C:\Windows\system32\catroot2
2015-09-07 18:10:40 ----D---- C:\Users\Tomáš\AppData\Roaming\TS3Client
2015-09-06 20:46:08 ----A---- C:\Windows\system32\lpcio.dll
2015-09-06 12:43:24 ----D---- C:\Windows\system32\drivers
2015-09-06 12:43:13 ----HD---- C:\ProgramData
2015-09-06 09:59:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-05 22:15:53 ----D---- C:\Windows\AppReadiness
2015-09-04 02:22:17 ----D---- C:\ProgramData\NVIDIA Corporation
2015-09-02 21:05:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-02 20:57:46 ----D---- C:\Windows\system32\NDF
2015-08-31 08:23:30 ----D---- C:\ProgramData\Origin
2015-08-30 08:26:04 ----RD---- C:\Program Files (x86)
2015-08-27 02:37:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-08-27 02:37:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-08-27 02:36:47 ----A---- C:\Windows\system32\nvspcap64.dll
2015-08-27 02:36:47 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\OpenCL.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvmcvadgenco64.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvapi64.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvvsvc.exe
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvsvcr.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvsvc64.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvshext.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvmctray.dll
2015-08-25 16:24:19 ----A---- C:\Windows\system32\nvcpl.dll
2015-08-18 22:24:07 ----SHD---- C:\Windows\Installer
2015-08-18 22:24:07 ----D---- C:\ProgramData\Skype
2015-08-16 10:01:48 ----D---- C:\Windows\Logs
2015-08-16 10:01:48 ----D---- C:\Users\Tomáš\AppData\Roaming\uTorrent
2015-08-16 10:01:48 ----D---- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
2015-08-13 02:55:17 ----D---- C:\Program Files (x86)\Origin Games
2015-08-13 02:37:34 ----HD---- C:\Program Files\WindowsApps
2015-08-12 16:21:36 ----D---- C:\ProgramData\Electronic Arts
2015-08-12 03:24:07 ----D---- C:\Windows\system32\drivers\en-US
2015-08-12 03:24:07 ----D---- C:\Program Files\Windows Defender
2015-08-12 03:24:07 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-11 15:50:16 ----D---- C:\Windows\system32\Tasks
2015-08-11 15:50:16 ----D---- C:\Program Files (x86)\Common Files
2015-08-11 15:48:41 ----D---- C:\Users\Tomáš\AppData\Roaming\Adobe
2015-08-11 15:47:32 ----D---- C:\ProgramData\Adobe
2015-08-11 06:52:30 ----A---- C:\Windows\system32\nvaudcap64v.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-31 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-31 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-31 115152]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-07-31 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-31 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-13 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-31 447944]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-31 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-31 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-31 150672]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 dtlitescsibus;@oem16.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-20 30264]
R3 Ke2200;@oem1.inf,%L1C.Service.DispName%;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 129312]
R3 NVHDA;@oem6.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-25 11089200]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 19576]
R3 nvvad_WaveExtensible;@oem27.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 NVVADARM;@oem28.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\Windows\system32\drivers\nvvadarm.sys [2015-08-25 39032]
S3 dot4;@oem33.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem34.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem33.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 64216]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 USBPNPA;@oem17.inf,%CM108.SvcDesc%;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM10864.sys [2014-03-13 4333568]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-31 146600]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-03-13 20512]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 1155192]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 409376]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-25 937776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-25 410744]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-07-21 1141248]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-07-25 2007048]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Sanewai
Visitor
Posts: 21
Registered: 27 Jun 2013 12:14

Re: Facebook virus

#7 Post by Sanewai »

I'm also adding the log from OTM

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tomáš
->Temp folder emptied: 4151451 bytes
->Temporary Internet Files folder emptied: 6640635 bytes
->FireFox cache emptied: 82533886 bytes
->Flash cache emptied: 717 bytes

User: Tom��

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 1434675 bytes

Total Files Cleaned = 90,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Tomáš
->Flash cache emptied: 0 bytes

User: Tom��

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09092015_214758

Files moved on Reboot...
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


RSIT log


Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-09-09 21:51:09
Microsoft Windows 8.1
System drive C: has 781 GB (82%) free of 954 GB
Total RAM: 8140 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:11, on 9.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Tomáš\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7601929472
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8583 bytes

======Listing Processes======





wininit.exe


C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {7eff0b60-1dac-41e9-879969282cf8185d}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" dc65b442-c044-4874-b4c4-e268968a67bb
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\Tomáš\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Tomáš\AppData\Local\Steam\htmlcache" -steampid 4704 -buildid 1440016726 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomáš\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ha5y9h6q.default

prefs.js - "browser.startup.homepage" - "Google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-31 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-31 559624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-27 1710568]
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2014-10-29 51200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53661824]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-26 6111824]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"Dare-U mouse"=C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe [2013-01-17 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-09 21:45:46 ----D---- C:\_OTM
2015-09-09 20:04:00 ----D---- C:\AdwCleaner
2015-09-09 19:18:12 ----D---- C:\rsit
2015-09-09 19:18:12 ----D---- C:\Program Files\trend micro
2015-09-09 15:33:31 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 15:33:30 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 15:33:30 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 15:32:56 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 15:32:56 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 15:32:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 15:32:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 15:32:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 15:32:52 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 15:32:51 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 15:32:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 15:32:50 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 15:32:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 15:32:49 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 15:32:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 15:32:49 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 15:32:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 15:32:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 15:32:48 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 15:32:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 15:32:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 15:32:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-09-09 15:32:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-09-09 15:32:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\webcheck.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-09-09 15:32:46 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 15:32:00 ----A---- C:\Windows\system32\taskeng.exe
2015-09-09 15:32:00 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 15:31:59 ----A---- C:\Windows\system32\schtasks.exe
2015-09-09 15:31:57 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2015-09-09 15:31:56 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2015-09-09 15:31:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 15:31:35 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2015-09-09 15:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\shacct.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\SettingSync.dll
2015-09-09 15:31:35 ----A---- C:\Windows\system32\authui.dll
2015-09-09 15:31:34 ----A---- C:\Windows\SYSWOW64\shacct.dll
2015-09-09 15:31:34 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 15:31:34 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 15:31:34 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 15:31:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 15:31:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 15:31:33 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 15:31:33 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 15:31:33 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 15:31:29 ----A---- C:\Windows\system32\tzsync.exe
2015-09-06 12:43:13 ----D---- C:\ProgramData\Hewlett-Packard
2015-09-04 02:21:57 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-09-04 02:18:05 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-09-04 02:18:05 ----A---- C:\Windows\system32\nvcuda.dll
2015-09-04 02:18:05 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-09-04 02:18:03 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvopencl.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvoglv64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvmcumd.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvinitx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvIFR64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\NvFBC64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvdispgenco6435582.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvdispco6435582.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvcuvid.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvcompiler.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\nvaudcaparm.dll
2015-09-04 02:18:03 ----A---- C:\Windows\system32\drivers\nvvadarm.sys
2015-09-02 22:21:12 ----D---- C:\Filmy
2015-09-02 22:20:24 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2015-09-02 22:18:47 ----D---- C:\niečo
2015-08-28 16:09:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-26 19:17:14 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-08-26 19:17:14 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-08-13 23:01:02 ----A---- C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 23:01:01 ----A---- C:\Windows\system32\nvdispco6435560.dll
2015-08-13 02:42:03 ----D---- C:\Users\Tomáš\AppData\Roaming\GameRanger
2015-08-12 19:11:32 ----RHD---- C:\Users\Tomáš\AppData\Roaming\SecuROM
2015-08-12 13:47:41 ----D---- C:\ProgramData\X360CE
2015-08-12 01:29:45 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29:45 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:50:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wups2.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\wups.dll
2015-08-11 22:50:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-11 22:50:46 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-11 22:50:46 ----A---- C:\Windows\system32\davclnt.dll
2015-08-11 22:50:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-11 22:50:45 ----A---- C:\Windows\system32\ntdll.dll
2015-08-11 22:50:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-11 22:50:44 ----A---- C:\Windows\system32\sysmain.dll
2015-08-11 22:50:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-11 22:50:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-11 22:50:27 ----A---- C:\Windows\system32\ieui.dll
2015-08-11 22:50:26 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-11 22:50:25 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-11 22:50:24 ----A---- C:\Windows\system32\iepeers.dll
2015-08-11 22:49:33 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-11 22:49:31 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-11 22:49:30 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-11 22:49:15 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-11 22:49:15 ----A---- C:\Windows\system32\basesrv.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-11 22:49:14 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\msxml6.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\msxml3.dll
2015-08-11 22:49:14 ----A---- C:\Windows\system32\mstscax.dll
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-11 22:49:13 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\notepad.exe
2015-08-11 22:49:13 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\FntCache.dll
2015-08-11 22:49:13 ----A---- C:\Windows\system32\DWrite.dll
2015-08-11 22:49:13 ----A---- C:\Windows\notepad.exe
2015-08-11 15:47:35 ----D---- C:\Program Files (x86)\Adobe

======List of files/folders modified in the last 1 month======

2015-09-09 21:50:19 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2015-09-09 21:49:41 ----D---- C:\Program Files (x86)\Steam
2015-09-09 21:49:16 ----D---- C:\Windows\Temp
2015-09-09 21:48:59 ----D---- C:\ProgramData\NVIDIA
2015-09-09 21:46:58 ----D---- C:\Windows\Prefetch
2015-09-09 21:01:44 ----D---- C:\Windows\Inf
2015-09-09 21:00:00 ----D---- C:\Windows\system32\sru
2015-09-09 19:45:28 ----D---- C:\Windows\system32\config
2015-09-09 19:45:27 ----D---- C:\Windows\WinSxS
2015-09-09 19:45:09 ----D---- C:\Windows
2015-09-09 19:43:02 ----RD---- C:\Windows\System32
2015-09-09 19:43:02 ----D---- C:\Windows\SysWOW64
2015-09-09 19:43:02 ----D---- C:\Windows\system32\sk-SK
2015-09-09 19:43:02 ----D---- C:\Program Files\Internet Explorer
2015-09-09 19:43:02 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 19:43:01 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 19:42:31 ----D---- C:\Windows\SoftwareDistribution
2015-09-09 19:37:35 ----D---- C:\Windows\debug
2015-09-09 19:18:12 ----RD---- C:\Program Files
2015-09-09 16:28:44 ----D---- C:\Windows\rescache
2015-09-09 16:23:11 ----D---- C:\Windows\Microsoft.NET
2015-09-09 16:22:16 ----RSD---- C:\Windows\assembly
2015-09-09 16:09:08 ----D---- C:\Windows\CbsTemp
2015-09-09 16:08:41 ----D---- C:\Program Files\Windows Journal
2015-09-09 16:08:03 ----D---- C:\Windows\system32\MRT
2015-09-09 16:06:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-09-09 16:06:10 ----D---- C:\Windows\system32\DriverStore
2015-09-09 16:05:53 ----SHD---- C:\System Volume Information
2015-09-09 15:29:23 ----D---- C:\Windows\system32\catroot2
2015-09-07 18:10:40 ----D---- C:\Users\Tomáš\AppData\Roaming\TS3Client
2015-09-06 20:46:08 ----A---- C:\Windows\system32\lpcio.dll
2015-09-06 12:43:24 ----D---- C:\Windows\system32\drivers
2015-09-06 12:43:13 ----HD---- C:\ProgramData
2015-09-06 09:59:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-05 22:15:53 ----D---- C:\Windows\AppReadiness
2015-09-04 02:22:17 ----D---- C:\ProgramData\NVIDIA Corporation
2015-09-02 21:05:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-02 20:57:46 ----D---- C:\Windows\system32\NDF
2015-08-31 08:23:30 ----D---- C:\ProgramData\Origin
2015-08-30 08:26:04 ----RD---- C:\Program Files (x86)
2015-08-27 02:37:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-08-27 02:37:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-08-27 02:36:47 ----A---- C:\Windows\system32\nvspcap64.dll
2015-08-27 02:36:47 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-08-25 20:46:21 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\OpenCL.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvmcvadgenco64.dll
2015-08-25 20:46:21 ----A---- C:\Windows\system32\nvapi64.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvvsvc.exe
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvsvcr.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvsvc64.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvshext.dll
2015-08-25 16:24:20 ----A---- C:\Windows\system32\nvmctray.dll
2015-08-25 16:24:19 ----A---- C:\Windows\system32\nvcpl.dll
2015-08-18 22:24:07 ----SHD---- C:\Windows\Installer
2015-08-18 22:24:07 ----D---- C:\ProgramData\Skype
2015-08-16 10:01:48 ----D---- C:\Windows\Logs
2015-08-16 10:01:48 ----D---- C:\Users\Tomáš\AppData\Roaming\uTorrent
2015-08-16 10:01:48 ----D---- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
2015-08-13 02:55:17 ----D---- C:\Program Files (x86)\Origin Games
2015-08-13 02:37:34 ----HD---- C:\Program Files\WindowsApps
2015-08-12 16:21:36 ----D---- C:\ProgramData\Electronic Arts
2015-08-12 03:24:07 ----D---- C:\Windows\system32\drivers\en-US
2015-08-12 03:24:07 ----D---- C:\Program Files\Windows Defender
2015-08-12 03:24:07 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-11 15:50:16 ----D---- C:\Windows\system32\Tasks
2015-08-11 15:50:16 ----D---- C:\Program Files (x86)\Common Files
2015-08-11 15:48:41 ----D---- C:\Users\Tomáš\AppData\Roaming\Adobe
2015-08-11 15:47:32 ----D---- C:\ProgramData\Adobe
2015-08-11 06:52:30 ----A---- C:\Windows\system32\nvaudcap64v.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-31 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-31 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-31 115152]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-07-31 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-31 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-13 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-31 447944]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-31 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-31 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-31 150672]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 dtlitescsibus;@oem16.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-20 30264]
R3 Ke2200;@oem1.inf,%L1C.Service.DispName%;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 129312]
R3 NVHDA;@oem6.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-25 11089200]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 19576]
R3 nvvad_WaveExtensible;@oem27.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 NVVADARM;@oem28.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\Windows\system32\drivers\nvvadarm.sys [2015-08-25 39032]
S3 dot4;@oem33.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem34.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem33.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 64216]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 NTIOLib_MB;NTIOLib_MB; \??\C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-03-13 13808]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 USBPNPA;@oem17.inf,%CM108.SvcDesc%;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM10864.sys [2014-03-13 4333568]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-31 146600]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-03-13 20512]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 1155192]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 409376]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-25 937776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-25 410744]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-07-21 1141248]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-07-25 2007048]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Sanewai

Re: Facebook virus

#9 Post by Sanewai »

Unfortunately, on Facebook I am still being automatically added to some groups. The e-mail password is still changed; I can request a password on Friday evening at the earliest.

Sanewai

Re: Facebook virus

#10 Post by Sanewai »

Would it help if I completely reinstalled Windows?

Rudy

Re: Facebook virus

#11 Post by Rudy »

Sanewai wrote: Would it help if I completely reinstalled Windows?
Probably yes, but let's first try a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log, and don't delete anything beforehand.

To be safe, change the password on your FB profile. If someone has hacked your password, all our efforts are in vain.

Sanewai

Re: Facebook virus

#12 Post by Sanewai »

I have been using MBAM for a long time and it has never produced a log for me. I have scanned with it maybe 6 times in the last 2 days and it never found anything. As for FB, I can't change the password because it also changed the password on the e-mail account my FB is registered with. I'm afraid the virus/hacker is still here, so I'm deciding whether to go for the last resort, which is to format the disk and reinstall Windows.

EDIT: well, I fiddled around a bit, so here is the log, if it helps.

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum skenovania: 10.9.2015
Scan čas: 19:01
Logfile: log.txt
Správca: áno

Verzia: 2.1.8.1057
Malware databázy: v2015.09.10.07
Rootkit databázy: v2015.08.16.01
Licencia: Zadarmo
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne

OS: Windows 8.1
CPU: x64
Systém súborov: NTFS
Používateľ: Tomáš

Typ skenu: Hrozba Scan
Výsledok: Dokončené
Objekty naskenované: 350631
Uplynulý čas: 6 min, 10 sec

Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené

Procesy: 0
(Žiadne zákernej položky neboli zistené)

Moduly: 0
(Žiadne zákernej položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Priečinky: 0
(Žiadne zákernej položky neboli zistené)

Súbory: 0
(Žiadne zákernej položky neboli zistené)

Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)


(end)

Rudy

Re: Facebook virus

#13 Post by Rudy »

I more or less expected that. Someone has got into your profile and is doing whatever they want there. The PC is clean.

Sanewai

Re: Facebook virus

#14 Post by Sanewai »

And was there any junk on the PC when those logs were made?

Rudy

Re: Facebook virus

#15 Post by Rudy »

Basically just unnecessary stuff.
