
After plugging in a USB stick it creates folder shortcuts pointing into the system

#1 Post by Misostock »

Greetings to the best virus-removal support. After connecting a USB stick to the PC, it turned the folders into a shortcut to the folder, but the path leads through a long link into system32... and runs it as an application via the command prompt (I don't see the command prompt actually open (probably because of the PC's speed)); after opening the shortcut, the folder contents show up normally. Originally I thought the flash drive was infected. I had Avast scan the flash drive and it found nothing. I formatted the flash drive and it stayed clean; after creating a folder on the flash drive, there was a shortcut again. So I wanted to disconnect the flash drive (it wasn't possible, supposedly another process was using it, but I couldn't find which one). So I formatted it, tried to disconnect it, and it worked. I took the flash drive to an older PC that I don't use and tried it there. The shortcuts weren't created. I don't know whether that proves the flash drive isn't infected or not, but in any case I'd like to ask for a check of the PC, or advice on how to effectively disinfect or format that flash drive. Unfortunately I don't have any other flash drives at hand right now.

!!!Update!!! - I insert the formatted flash drive into this PC and the sequence is as follows: I create an empty folder -> refresh the view (right-click - refresh) -> the folder is hidden and a shortcut is created (pointing, of course, to the cmd application, blah blah). I haven't shown hidden files yet and will wait for your next step. Unfortunately I still don't have another flash drive to fully confirm that the fault is in the PC, even though it looks that way.

!!!Update no. 2!!! - I found an identical flash drive at home (unused for about a year) and first inserted it into a third, independent PC (all fine), then into the second one where I had tested the first flash drive (all fine), and only then did I plug it into this PC, and it created the shortcuts. (Afterwards, out of paranoia, I formatted it along with the first flash drive, pulled it out right away, tried it on the second PC and the shortcuts weren't created, so I haven't put any flash drives into my PC since.) I firmly hope my exhaustive report helps (if you already know what this is and why it's happening on my PC, sorry for the spam).

I look after the PC by running an Avast scan and CCleaner once every 1-2 months. Windows is legal (OEM licence). Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-04-27 22:16:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 128 GB (54%) free of 238 GB
Total RAM: 16325 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:17, on 27. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\HsMgr.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Microsoft Excel] wscript.exe //B "C:\Users\Michal\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{51B65255-C88C-46DC-982B-BDBD04C704B1}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: 4game-service - Innova Co S.a r.l. - C:\Program Files (x86)\4game\3.4.22.118\4game-service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Hry\Smite\HiPatchService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10923 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\4game\3.4.22.118\4game-service.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\Hry\Smite\HiPatchService.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm112.dll,CMICtrlWnd
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
"C:\Windows\system\HsMgr64.exe" Envoke
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b6f27b9-e9f3-40ff-9591-41d240d9a0c3 -SystemEventPortName:HostProcess-c5e9a951-a0ef-4d55-bd6b-d94bc95b9e54 -IoCancelEventPortName:HostProcess-beb4c64e-c486-40d9-8c61-6ae68850fd14 -NonStateChangingEventPortName:HostProcess-fc68e285-f4ef-43a0-a358-b92db0ff3825 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8feda25e-2d8a-4002-929b-215f8627e5ae -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\MSI\MSITrigger\Direct OC\Direct OC_Gui.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs

"C:\Windows\System32\wscript.exe" //B "C:\Users\Michal\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF"
"C:\Users\Michal\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2mo1nwmh.default-1388845489547

prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@4game.com/plugin]
"Description"=
"Path"=C:\Program Files (x86)\4game\3.4.22.118\npplugin4game.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2mo1nwmh.default-1388845489547\extensions\
bingsearch.full@microsoft.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MBCfg64"=C:\Windows\system32\MBCfg64.dll [2013-04-23 34432]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2013-04-16 454144]
"Cm112Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cm112GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cm112GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-05-27 7188552]
"Microsoft Excel"=wscript.exe //B C:\Users\Michal\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Microsoft Excel"=wscript.exe //B C:\Users\Michal\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLEServicesCtrl]
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-09-17 184112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-12-03 11733888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2015-01-14 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper]
C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [2014-02-17 528360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\raptrstub.exe [2013-12-19 55360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [2011-09-20 115048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2013-04-16 158208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-04-14 2889408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger]
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-03-08 506864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk]
C:\PROGRA~1\Intel\INTEL(~2\ISCTSY~1.EXE [2013-02-13 249320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk]
C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe [2014-04-14 72040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\Installer\{F17BA1CA-0FAF-40BF-A5FD-BF1B727D855E}\app_icon.ico []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Qualcomm Atheros Killer Network Manager.lnk]
C:\PROGRA~1\QUALCO~1\KILLER~1\KILLER~1.EXE -minimized []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema"=C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [2012-11-29 711680]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-22 5515496]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-10-29 766208]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-27 21:28:13 ----D---- C:\Users\Michal\AppData\Roaming\Microsoft Office
2015-04-22 18:51:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-22 18:49:28 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2015-04-22 18:48:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-22 18:48:06 ----A---- C:\Windows\avastSS.scr
2015-04-16 00:20:22 ----SHD---- C:\Config.Msi
2015-04-15 09:08:17 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 09:08:17 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 09:08:16 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 09:08:16 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 09:08:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wups.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:08:16 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:08:12 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:08:12 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:08:12 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:08:12 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:08:12 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:08:12 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:08:11 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:08:11 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:08:11 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:08:11 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:08:11 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:08:10 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:08:10 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:08:10 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:08:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:08:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:08:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:08:09 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:08:09 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:08:09 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:08:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:08:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:08:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:08:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:08:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:08:08 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:08:08 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:08:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:08:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:08:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:08:07 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:08:07 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:08:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:08:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:08:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:08:07 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:08:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:08:06 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:08:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:08:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:08:06 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:08:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:08:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:08:05 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:08:05 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:08:05 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:08:05 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:08:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 09:08:03 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 09:08:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 09:08:03 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 09:08:03 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:08:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:08:03 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:08:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 09:08:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 09:08:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 09:08:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:08:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 09:08:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 09:08:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:08:02 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 09:08:02 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 09:08:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 09:08:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 09:08:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 09:08:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 09:08:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 09:08:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 09:08:01 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 09:08:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:08:01 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 09:08:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 09:08:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 09:08:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 09:08:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:08:00 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 09:08:00 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 09:08:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 09:08:00 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 09:07:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 09:07:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 09:07:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 09:07:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 09:07:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 09:07:59 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 09:07:59 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 09:07:59 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 09:07:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:07:58 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 09:07:58 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 09:07:58 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 09:07:58 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 09:07:58 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 09:07:57 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 09:07:57 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 09:07:57 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 09:07:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:07:57 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 09:07:56 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 09:06:07 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:06:07 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:06:07 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 20:47:00 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 20:47:00 ----SD---- C:\Windows\system32\GWX
2015-03-31 21:36:49 ----D---- C:\ProgramData\Riot Games

======List of files/folders modified in the last 1 month======

2015-04-27 22:16:17 ----D---- C:\Windows\Temp
2015-04-27 22:16:17 ----D---- C:\Program Files\trend micro
2015-04-27 22:11:04 ----A---- C:\Windows\Cm108.ini.imi
2015-04-27 21:30:43 ----D---- C:\Windows\System32
2015-04-27 21:30:43 ----D---- C:\Windows\inf
2015-04-27 21:30:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-27 09:03:19 ----D---- C:\Windows\system32\config
2015-04-27 08:54:59 ----D---- C:\Program Files (x86)\The KMPlayer
2015-04-27 00:50:42 ----D---- C:\Program Files (x86)\Steam
2015-04-27 00:50:41 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2015-04-27 00:28:19 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2015-04-24 09:22:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-23 12:45:37 ----RD---- C:\Program Files (x86)
2015-04-22 22:32:47 ----SHD---- C:\System Volume Information
2015-04-22 18:49:22 ----D---- C:\Windows\system32\drivers
2015-04-22 18:48:09 ----D---- C:\Windows\system32\Tasks
2015-04-22 18:48:07 ----D---- C:\Windows
2015-04-19 22:48:10 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2015-04-19 16:40:39 ----D---- C:\Program Files (x86)\Battle.net
2015-04-17 17:47:21 ----D---- C:\Windows\rescache
2015-04-17 17:44:28 ----D---- C:\Windows\AppCompat
2015-04-17 16:24:42 ----D---- C:\Program Files (x86)\4game
2015-04-16 19:18:27 ----A---- C:\Windows\win.ini
2015-04-16 17:40:35 ----D---- C:\Users\Michal\AppData\Roaming\Audacity
2015-04-16 15:18:28 ----D---- C:\Windows\Microsoft.NET
2015-04-16 15:17:53 ----RSD---- C:\Windows\assembly
2015-04-16 10:07:31 ----D---- C:\Windows\winsxs
2015-04-16 10:07:24 ----D---- C:\Windows\Minidump
2015-04-16 10:05:48 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 10:05:48 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-16 10:05:48 ----D---- C:\Windows\SysWOW64
2015-04-16 10:05:48 ----D---- C:\Windows\system32\sk-SK
2015-04-16 10:05:48 ----D---- C:\Windows\system32\appraiser
2015-04-16 10:05:48 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 10:05:48 ----D---- C:\Windows\AppPatch
2015-04-16 10:05:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 10:05:47 ----D---- C:\Windows\system32\en-US
2015-04-16 10:05:47 ----D---- C:\Program Files\Internet Explorer
2015-04-16 10:05:45 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 00:20:51 ----SHD---- C:\Windows\Installer
2015-04-16 00:20:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 00:19:46 ----D---- C:\Windows\system32\MRT
2015-04-16 00:18:12 ----D---- C:\Windows\debug
2015-04-16 00:18:11 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 13:18:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 09:05:26 ----D---- C:\Windows\system32\catroot2
2015-04-14 13:41:53 ----D---- C:\Windows\system32\NDF
2015-04-08 15:29:59 ----D---- C:\ProgramData\Skype
2015-04-06 20:30:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-06 20:28:45 ----D---- C:\ProgramData\Sony
2015-04-06 20:28:45 ----D---- C:\Program Files (x86)\Sony
2015-04-04 20:47:01 ----D---- C:\Windows\Logs
2015-03-31 21:37:26 ----HD---- C:\ProgramData
2015-03-31 18:12:18 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-07-18 49048]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-22 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-22 272248]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-22 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-22 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-22 442264]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-11-08 80080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-12-02 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-22 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-22 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-22 137288]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-22 273824]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-10-30 13198848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-10-29 624128]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-02-13 163808]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-02-13 21048]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-02-13 21048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-05-28 3432776]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2013-02-13 46568]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-05-17 64624]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3hub.sys [2012-08-27 114568]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3xhc.sys [2012-08-27 230280]
R3 SaiK0CD0;SaiK0CD0; C:\Windows\system32\DRIVERS\SaiK0CD0.sys [2012-09-20 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2013-04-30 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2013-04-30 52640]
R3 SaiU0CD0;SaiU0CD0; C:\Windows\system32\DRIVERS\SaiU0CD0.sys [2012-09-20 47168]
R3 USBPNPA;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM10864.sys [2009-11-18 1308160]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-02-13 163808]
S3 ASUSU1;ASUS Xonar U3 Audio Interface; C:\Windows\system32\drivers\cm11264.sys [2011-08-23 1308160]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-10-30 131968]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-12-03 1342848]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
S3 JabraDFU;Jabra Bluecore headset DFU driver; C:\Windows\System32\Drivers\JabraMobileCsrDfuX64.sys [2013-12-24 38768]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 4game-service;4game-service; C:\Program Files (x86)\4game\3.4.22.118\4game-service.exe [2015-04-16 1361544]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-10-29 239616]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-02-13 770528]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-22 343336]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-12-13 1120784]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-12-03 1361856]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-12-03 1148864]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Hry\Smite\HiPatchService.exe [2014-02-28 9216]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-02-13 180200]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-17 366552]
R2 MoboroboDeviceService;Moborobo Device Service; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [2014-01-14 70952]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-20 161264]
R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-05-28 29728]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-11-30 76888]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-12-09 344576]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-22 4034896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-06-11 93048]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-09-18 171072]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-22 148080]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-10-24 4702568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-08 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: After connecting a USB drive it creates shortcuts to the system in place of folders

#2 Post by altrok »

Hello :bye:


:arrow: Before starting the cleanup, please compress (rar/zip) the file C:\Users\Michal\AppData\Roaming\Microsoft Office\\Microsoft Excel.WsF, upload it to ulozto/leteckaposta and send me the download link to the e-mail address given in my signature.

:arrow: As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

:arrow: Test C:\Program Files (x86)\4game\3.4.22.118\4game-service.exe on virustotal.com; if the file has already been analysed, choose Reanalyse. Put the link to the analysis results in your next post.

  • Save OTM to the desktop - http://oldtimer.geekstogo.com/OTM.exe
  • close all programs
  • right-click the OTM.exe icon and choose Run as administrator (on Windows XP just double-click it)
  • copy the contents of the white box into the left pane of OTM and click MoveIt!
  • after the restart, post the log, which will be in C:\_OTM\MovedFiles\mmddyyyy_hhmmss.log

    Code:

    :commands
    [Purity]
    [EmptyTemp]
    [EmptyFlash]
    [EmptyJava]
    [CreateRestorePoint]
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Microsoft Excel"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Microsoft Excel"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.
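The pattern this thread deals with (folders on the flash drive hidden and replaced by same-named .lnk shortcuts that start cmd.exe, which opens the real folder and launches a script such as the Microsoft Excel.WsF file above) can be triaged offline without opening a single shortcut. The helper below is an added example, not OTM or anything posted in the thread: it parses the .lnk binary layout (MS-SHLLINK) directly and flags shortcuts that launch cmd.exe or a script host, reference a script file, or shadow a folder of the same name; the mock drive layout and the shortcut contents are constructed here.

```python
# Added triage helper (not from the thread): parses Windows .lnk files (MS-SHLLINK
# layout) without COM, so it runs on any OS against a mounted or imaged flash drive.
import os
import struct
import tempfile

LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
# LinkFlags bits from the ShellLinkHeader
HAS_LINK_TARGET_ID_LIST, HAS_LINK_INFO, HAS_NAME, HAS_RELATIVE_PATH = 0x01, 0x02, 0x04, 0x08
HAS_WORKING_DIR, HAS_ARGUMENTS, HAS_ICON_LOCATION, IS_UNICODE = 0x10, 0x20, 0x40, 0x80

SUSPICIOUS_TARGETS = ("cmd.exe", "wscript.exe", "cscript.exe", "powershell.exe")
SUSPICIOUS_ARG_MARKERS = (".wsf", ".vbs", ".js", "wscript", "cscript")


def parse_lnk(data: bytes) -> dict:
    """Return the StringData fields (name, relative_path, working_dir, arguments, icon_location)."""
    if len(data) < LNK_HEADER_SIZE or data[:4] != struct.pack("<I", LNK_HEADER_SIZE):
        raise ValueError("not a shell link: bad HeaderSize")
    if data[4:20] != LNK_CLSID:
        raise ValueError("not a shell link: bad CLSID")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = LNK_HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:          # skip IDListSize + IDList
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                    # LinkInfoSize counts itself
        pos += struct.unpack_from("<I", data, pos)[0]
    encoding, width = ("utf-16-le", 2) if flags & IS_UNICODE else ("cp1252", 1)

    def read_string() -> str:                    # CountCharacters + chars, no terminator
        nonlocal pos
        count = struct.unpack_from("<H", data, pos)[0]
        raw = data[pos + 2:pos + 2 + count * width]
        pos += 2 + count * width
        return raw.decode(encoding, errors="replace")

    fields = {}
    for flag, name in ((HAS_NAME, "name"), (HAS_RELATIVE_PATH, "relative_path"),
                       (HAS_WORKING_DIR, "working_dir"), (HAS_ARGUMENTS, "arguments"),
                       (HAS_ICON_LOCATION, "icon_location")):
        fields[name] = read_string() if flags & flag else ""
    return fields


def shortcut_findings(lnk_path: str) -> list:
    """List the reasons one shortcut looks like a folder-decoy; empty list = nothing flagged."""
    with open(lnk_path, "rb") as fh:
        fields = parse_lnk(fh.read())
    findings = []
    target = os.path.basename(fields["relative_path"].replace("\\", "/")).lower()
    if target in SUSPICIOUS_TARGETS:
        findings.append(f"launches {target}")
    if any(m in fields["arguments"].lower() for m in SUSPICIOUS_ARG_MARKERS):
        findings.append("arguments reference a script host or script file")
    stem = os.path.splitext(os.path.basename(lnk_path))[0]
    if os.path.isdir(os.path.join(os.path.dirname(lnk_path), stem)):
        findings.append(f"shadows a folder named {stem!r}")
    return findings


def scan_drive_root(root: str) -> dict:
    """Map every .lnk in the drive root to its findings; unparseable files are reported, not skipped."""
    report = {}
    for entry in sorted(e for e in os.listdir(root) if e.lower().endswith(".lnk")):
        try:
            report[entry] = shortcut_findings(os.path.join(root, entry))
        except (ValueError, struct.error) as exc:
            report[entry] = [f"unparseable: {exc}"]
    return report


def build_lnk(relative_path: str, arguments: str) -> bytes:
    """Build a minimal unicode .lnk (constructed sample: no IDList, no LinkInfo)."""
    flags = HAS_RELATIVE_PATH | HAS_ARGUMENTS | IS_UNICODE
    header = struct.pack("<I", LNK_HEADER_SIZE) + LNK_CLSID + struct.pack("<I", flags)
    header += b"\x00" * (LNK_HEADER_SIZE - len(header))  # attrs, times, size, icon, show, hotkey, reserved

    def string_data(s: str) -> bytes:
        return struct.pack("<H", len(s)) + s.encode("utf-16-le")

    return header + string_data(relative_path) + string_data(arguments)


def demo_drive() -> str:
    """Create a constructed mock flash-drive layout mirroring the thread's symptoms."""
    root = tempfile.mkdtemp(prefix="usb_")
    os.mkdir(os.path.join(root, "Photos"))  # the real folder (hidden on the infected drive)
    samples = {
        "Photos.lnk": (r"..\..\..\Windows\System32\cmd.exe",
                       r'/c start "" Photos & start "" "%APPDATA%\Microsoft Office\Microsoft Excel.WsF"'),
        "Report.lnk": ("Report.docx", ""),      # an ordinary, harmless shortcut
    }
    for name, (rel, args) in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(build_lnk(rel, args))
    return root


if __name__ == "__main__":
    for name, findings in scan_drive_root(demo_drive()).items():
        print(name, "->", "; ".join(findings) or "no findings")
```

On a real drive, pass the mount point of the flash drive to scan_drive_root; a shortcut that is flagged on all three counts is the decoy described in this thread and the hidden folder beside it holds the user's original files.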

Misostock
Visitor
Posts: 62
Registered: 12 Oct 2012 11:38

Re: After connecting a USB drive it creates shortcuts to the system in place of folders

#3 Post by Misostock »

I would like to ask you not to lock this thread (I haven't done anything with the PC and I will post here whatever is needed); it's just that right now I don't have time because of school, my bachelor's thesis and so on, so I'm asking so that I don't have to spam here.

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: After connecting a USB drive it creates shortcuts to the system in place of folders

#4 Post by altrok »

OK, thanks for the info, we will leave the thread open then and continue when you can :)

Misostock
Visitor
Posts: 62
Registered: 12 Oct 2012 11:38

Re: After connecting a USB drive it creates shortcuts to the system in place of folders

#5 Post by Misostock »

Hi, here is the analysis of 4Game service.exe (the official client of the game Lineage 2 by Innova, by the way, omg omg)

Link https://www.virustotal.com/sk/file/bd7b ... 431361570/

Well, I sent you that Microsoft Excel file by e-mail; it wasn't visible (so I had to turn on showing hidden files) and at first it couldn't be used, because it was in use by an application located in system32 with a similar name (when I killed that process it worked). I'll post the log in a moment.

Misostock
Visitor
Posts: 62
Registered: 12 Oct 2012 11:38

Re: After connecting a USB drive it creates shortcuts to the system in place of folders

#6 Post by Misostock »

Log from OTM

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michal
->Temp folder emptied: 538323357 bytes
->Temporary Internet Files folder emptied: 18868413 bytes
->FireFox cache emptied: 52909909 bytes
->Flash cache emptied: 1583 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38654684 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40302 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 79360455 bytes
RecycleBin emptied: 59841643 bytes

Total Files Cleaned = 752,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Michal
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Michal

User: Public

Total Java Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC7E0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3BB9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Excel not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Excel deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ not found.

OTM by OldTimer - Version 3.1.21.0 log created on 05112015_183405

Files moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\zptr\logs\service\4game-service.log scheduled to be moved on reboot.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

Misostock
Visitor
Visitor
Posts: 62
Registered: 12 Oct 2012 11:38

Re: After plugging in a USB drive, it creates folder shortcuts pointing to system

#7 Post by Misostock »

So after a bit of observation, that process Wscript.exe is being launched (it's located in Windows\system32 as an application); what's odd is that its last modified date is 2013 (I don't know whether that's related or not). After checking the PCs, it only launches on one of my notebooks (on the other home PCs and notebooks it doesn't launch), and that's where I used the mentioned flash drive back at the start (it's possible I carried it over), so once we solve this here (I hope so, you've always solved my problems) we'll clean up that notebook too so it doesn't keep crawling around here...

!! Aha, so if I've finally understood it correctly, the infected one is that wscript that I sent you by e-mail, the one in system32 is supposed to be there, and that script launches this application? (I just noticed that you actually didn't have me delete that wscript from the Roaming folder.)

!!! So on that other PC where it launches, the script is in the same folder as on this PC :) (the ugly bastard, modified date 27.4.2015 just like here), so it runs when I insert the flash drive (the script is immediately created there in that form) and when I move the flash drive to another PC it gets copied into Roaming? Please, what is such a (it only now strikes me that it's quite simple, primitive) virus/trojan for?

altrok
Moderator
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: After plugging in a USB drive, it creates folder shortcuts pointing to system

#8 Post by altrok »

Thanks for sending the sample.

What exactly this particular pest does is hard to determine without reverse engineering. If you plug the infected flash drive into another PC, you infect it (the file you gave me copies itself to the same location). So we'll clean the USB device, and I also recommend doing the "vaccination": http://forum.viry.cz/viewtopic.php?f=24&t=140144
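The pattern described in posts #7 and #8 (real folders on the stick set hidden, same-name shortcuts whose target is cmd.exe or wscript.exe, a script body copied into the user's Roaming profile) can be audited on a flash drive before a cleaning tool is run. The PowerShell script below is an added example written for this thread; it is not the forum's, UsbFix's or the moderator's code. The default drive letter E: and the quarantine folder under %TEMP% are assumptions to adjust to your own machine.

```powershell
# Added example (not from the thread): audit a flash drive for the shortcut-worm
# pattern described above. Real folders are set Hidden+System and replaced by
# .lnk files of the same name whose target is cmd.exe / wscript.exe with a long
# argument string that launches the script and then opens the real folder.
# The default drive letter is an assumption; pass the letter Windows gave the stick.
param(
    [string]$Drive = 'E:\',
    [switch]$Fix           # restore hidden folders and remove flagged shortcuts
)

$shell = New-Object -ComObject WScript.Shell   # used only to read .lnk fields

# 1. Shortcuts whose target is a script host or command interpreter.
#    A legitimate folder shortcut points at a directory, not at cmd.exe.
$flagged = foreach ($lnkFile in Get-ChildItem -Path $Drive -Filter '*.lnk' -File -Force -ErrorAction SilentlyContinue) {
    $lnk       = $shell.CreateShortcut($lnkFile.FullName)
    $target    = [string]$lnk.TargetPath
    $arguments = [string]$lnk.Arguments
    if ($target -match '\\(cmd|wscript|cscript|powershell|rundll32)\.exe$' -or
        $arguments -match '(?i)(wscript|cscript|\.vbs\b|\.js\b|\.bat\b)') {
        [pscustomobject]@{
            Shortcut  = $lnkFile.Name
            Target    = $target
            Arguments = $arguments
            Modified  = $lnkFile.LastWriteTime
        }
    }
}

# 2. Folders the worm hid so that the .lnk of the same name takes their place.
$hidden = Get-ChildItem -Path $Drive -Directory -Force -ErrorAction SilentlyContinue |
    Where-Object { (($_.Attributes -band [IO.FileAttributes]::Hidden) -ne 0) -and
                   (($_.Attributes -band [IO.FileAttributes]::System) -ne 0) }

Write-Output "Flagged shortcuts on $Drive"
$flagged | Format-Table -AutoSize | Out-String | Write-Output
Write-Output "Hidden+System folders on $Drive"
$hidden | Select-Object Name, LastWriteTime | Format-Table -AutoSize | Out-String | Write-Output

# 3. Remediation on the stick only. The script body the shortcuts launch (the
#    file under %APPDATA%) is a separate cleanup step, e.g. the UsbFix run the
#    moderator asked for; this script does not touch the system drive.
if ($Fix) {
    $quarantine = Join-Path $env:TEMP 'usb_lnk_quarantine'   # assumed location
    New-Item -ItemType Directory -Path $quarantine -Force | Out-Null
    foreach ($f in $flagged) {
        $path = Join-Path $Drive $f.Shortcut
        # keep a renamed copy for analysis before removing the shortcut
        Copy-Item -Path $path -Destination (Join-Path $quarantine "$($f.Shortcut).txt") -Force
        Remove-Item -Path $path -Force
    }
    foreach ($d in $hidden) {
        # clear Hidden and System so the real folder is visible again
        $d.Attributes = [IO.FileAttributes]::Directory
    }
}
```

Run it first without -Fix and read the Target and Arguments columns: a shortcut named after a folder that launches cmd.exe or wscript.exe with a path into a hidden directory or the Roaming profile is the sign of this family. The -Fix pass only restores folder attributes and removes the flagged shortcuts on the stick, so the sample is preserved for whoever is analysing it.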

Misostock
Visitor
Visitor
Posts: 62
Registered: 12 Oct 2012 11:38

Re: After plugging in a USB drive, it creates folder shortcuts pointing to system

#9 Post by Misostock »

All right, I'll clean the USB and post the log when I get home. (And as for that sample, I still have it on the PC.)

altrok
Moderator
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: After plugging in a USB drive, it creates folder shortcuts pointing to system

#10 Post by altrok »

Run that UsbFix and we'll decide what to do next based on the result :)
