Dobrý den, již jsem na foru dlouho nebyl a mezitím se mi nachytaly nějaké breberky do PC. Někdo se mi naboural do PC, takže se nemohu připojit přes router na internet, nemohu používat Wifi. Log přikládám. Díky za pomoc.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Katka at 2017-05-30 16:15:34
Microsoft Windows 8.1
System drive C: has 142 GB (76%) free of 187 GB
Total RAM: 7114 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:59, on 30. 5. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LibreOffice 5\program\scalc.exe
C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
C:\Program Files (x86)\LibreOffice 5\program\soffice.bin
C:\Program Files\trend micro\Katka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Norton Security\Engine32\22.9.1.12\coIEPlg.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine32\22.9.1.12\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file:///C:/Program%20Files%20(x86)/AutoCAD%202002/AcDcToday.ocx
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files%20(x86)/AutoCAD%202002/InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file:///C:/Program%20Files%20(x86)/AutoCAD%202002/InstFred.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///C:/Program%20Files%20(x86)/AutoCAD%202002/AcPreview.ocx
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NS) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.3.13\NS.exe
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9174 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\System32\svchost.exe -k utcsvc
dashost.exe {961d1e6a-cd89-4350-992f0e5a98c5519c}
"C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.1.12\NS.exe" /s "NS" /m "C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.1.12\diMaster.dll" /prefetch:1
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k WbioSvcGroup
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Shared\hpqwmiex.exe"
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.1.12\NS.exe" /c /a /s UserSession2
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\Explorer.EXE
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6656.0.580820252\2058584741" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6656 "\\.\pipe\gecko-crash-server-pipe.6656" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6656.2.706939368\390139853" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6656 "\\.\pipe\gecko-crash-server-pipe.6656" tab
"C:\windows\system32\taskmgr.exe" /0
"C:\Program Files (x86)\LibreOffice 5\program\scalc.exe" -o "E:\Dokumenty\TK_2017.ods"
"C:\Program Files (x86)\LibreOffice 5\program\scalc.exe" -o "E:\Dokumenty\TK_2017.ods" --calc
"C:\Program Files (x86)\LibreOffice 5\program\scalc.exe" "-o" "E:\Dokumenty\TK_2017.ods" "--calc" "-env:OOO_CWD=2E:\\Dokumenty"
C:\windows\splwow64.exe 8192
"C:\windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe90_ Global\UsGthrCtrlFltPipeMssGthrPipe90 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
"C:\Users\Josef\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\windows\tasks\HPCeeScheduleForKatka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForKatka (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\tc72hm93.default
prefs.js - "browser.startup.homepage" - "https://www.centrum.cz/"
"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.0.50\coFFAddon\
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16 1301632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Security\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16 946304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25 585568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16 1301632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Security\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16 946304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-09-20 8465112]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-31 767200]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"VMonitorVMUVC"=C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [2008-03-26 135168]
C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\NOTEPAD.EXE "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2017-05-30 16:15:34 ----D---- C:\rsit
2017-05-30 16:15:34 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2017-05-30 16:15:54 ----D---- C:\windows\Temp
2017-05-30 16:15:34 ----RD---- C:\Program Files
2017-05-30 16:15:34 ----D---- C:\windows\Prefetch
2017-05-30 16:02:05 ----D---- C:\windows\system32\sru
2017-05-30 14:47:19 ----SHD---- C:\System Volume Information
2017-05-30 14:45:45 ----D---- C:\windows\Microsoft.NET
2017-05-29 13:20:44 ----D---- C:\windows\system32\NDF
2017-05-29 13:10:40 ----RD---- C:\windows\System32
2017-05-29 13:10:40 ----D---- C:\windows\Inf
2017-05-29 13:10:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-05-26 16:41:03 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-05-26 16:41:01 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-25 20:46:47 ----D---- C:\Users\Josef\AppData\Roaming\Skype
2017-05-23 19:17:20 ----D---- C:\windows\Tasks
2017-05-23 19:17:20 ----D---- C:\windows\system32\Tasks
2017-05-23 17:56:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-16 20:51:37 ----D---- C:\windows\system32\drivers\NSx64
2017-05-07 13:30:28 ----RSD---- C:\windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\windows\system32\drivers\NSx64\1609030.00D\SYMEFASI64.SYS [2017-05-11 1714328]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170522.003\BHDrvx64.sys [2017-05-18 1862784]
R1 ccSet_NS;NS Settings Manager; C:\windows\system32\drivers\NSx64\1609030.00D\ccSetx64.sys [2017-05-11 174232]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2017-05-11 507032]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170529.001\IDSvia64.sys [2017-05-22 1053824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\NSx64\1609030.00D\SRTSPX64.SYS [2017-05-11 49304]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\NSx64\1609030.00D\Ironx64.SYS [2017-05-11 291480]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\windows\system32\drivers\amdacpksd.sys [2014-08-01 280288]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-08-01 15951360]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-08-01 557056]
R3 AtiHDAudioService;@oem4.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-12 222720]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2016-12-12 53248]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2016-12-12 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2016-12-12 81920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-05-11 156824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2015-09-20 4664792]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBSTOR;@oem48.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2015-09-06 272088]
R3 RTL8168;@oem46.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-06-18 873688]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\System32\Drivers\NSx64\1609010.00C\SRTSP64.SYS [2017-03-16 770200]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2017-05-22 102608]
R3 SymNetS;Symantec Network Security WFP Driver; C:\windows\System32\Drivers\NSx64\1609010.00C\SYMNETS.SYS [2017-02-20 567512]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2016-12-12 212224]
S0 amdkmafd;@oem2.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 SymELAM;Symantec ELAM Driver; C:\windows\system32\drivers\NSx64\1609030.00D\SymELAM.sys [2017-05-11 24608]
S3 AmUStor;@oem47.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2013-07-19 83224]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2016-12-12 1200128]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20161125.016\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20161125.016\EX64.SYS []
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2016-12-12 44544]
S3 VMUVC;@oem54.inf,%SrvDispName%;Vimicro Camera Service VMUVC; C:\windows\System32\Drivers\VMUVC.sys [2009-03-11 198400]
S3 vvftUVC;@oem54.inf,%FltDispName%;Vimicro Camera Filter Service VMUVC; C:\windows\system32\drivers\vvftUVC.sys [2008-07-01 303616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-08-01 239616]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-07-31 112640]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2016-12-12 37768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2016-12-12 37768]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 NS;Norton Security; C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.9.3.13\NS.exe [2017-05-11 326160]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-09-27 94720]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-09-20 294104]
R3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2016-12-12 37768]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-23 173512]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\windows\system32\svchost.exe [2016-12-12 37768]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2016-12-12 37768]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím p. Rudyho o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím p. Rudyho o kontrolu
Není to náhodou duplicita: https://forum.viry.cz/viewtopic.php?f=13&t=152239 . Pokud ano, pokračujte tam.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?