Suspicious e-mail

Posted: 16 Jan 2015 12:36
by 25kubis
Hello,
I received this strange warning. The sender's domain means nothing to me, and of course I did not open the "click here" link; I only hovered over it with the mouse to display it...
However, I recently had a problem with mass sending of e-mails from my address; it seems to be fine now (password change, etc.).

Screenshot of this e-mail: http://postimg.org/image/f9076h5mf/

Re: Suspicious e-mail

Posted: 16 Jan 2015 14:26
by Roli
25kubis wrote: Hello,
Screenshot of this e-mail: http://postimg.org/image/f9076h5mf/
Hi, that's something pretty wild :)

Please post a log from Rsit or Frst here, and I'll take a look to see whether you have some nasty thing in there.

Re: Suspicious e-mail

Posted: 16 Jan 2015 14:57
by 25kubis
Hi, here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by kuba at 2015-01-16 14:54:16
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 424 GB (92%) free of 461 GB
Total RAM: 3984 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:54:19, on 16. 1. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\kuba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1421410351
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8344 bytes

======Listing Processes======





wininit.exe


C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
taskhostex.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000064c
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
dashost.exe {1de84606-e388-4d69-91262bb6635041d0}
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2655183068-154541278-2288605057-100146_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2655183068-154541278-2288605057-100146 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4272 CREDAT:267521 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding

"C:\Users\kuba\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForkuba.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForkuba (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-06 7636696]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-12-12 2818800]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-06 1396592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-12-16 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1421410351 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-12-16 702768]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2014-10-09 509192]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-11-20 126200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-16 14:54:16 ----D---- C:\rsit
2015-01-15 16:35:22 ----SHD---- C:\Config.Msi
2015-01-15 12:39:57 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-01-15 11:20:48 ----D---- C:\Users\kuba\AppData\Roaming\Malwarebytes
2015-01-15 11:20:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-01-14 18:08:55 ----D---- C:\Users\kuba\AppData\Roaming\PC Suite
2015-01-14 18:08:55 ----D---- C:\Users\kuba\AppData\Roaming\Nokia
2015-01-14 18:08:55 ----D---- C:\ProgramData\PC Suite
2015-01-14 18:08:17 ----D---- C:\Program Files\DIFX
2015-01-14 18:06:35 ----D---- C:\ProgramData\Installations
2015-01-14 07:06:01 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 07:06:01 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 07:06:01 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 07:06:01 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 07:06:01 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 07:06:00 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:06:00 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 07:06:00 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 07:05:59 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 07:05:59 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 07:05:59 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 07:05:59 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\wer.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\ci.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 07:05:59 ----A---- C:\Windows\system32\audiodg.exe
2015-01-06 13:26:32 ----A---- C:\Windows\system32\SRRPTR64.dll
2015-01-06 13:26:32 ----A---- C:\Windows\system32\SRCOM64.dll
2015-01-06 13:26:32 ----A---- C:\Windows\system32\SRCOM.dll
2015-01-06 13:26:32 ----A---- C:\Windows\system32\SRAPO64.dll
2015-01-06 13:26:30 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-01-06 13:26:29 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2015-01-06 13:26:28 ----A---- C:\Windows\system32\RtkApi64.dll
2015-01-06 13:26:28 ----A---- C:\Windows\system32\RtDataProc64.dll
2015-01-06 13:26:27 ----A---- C:\Windows\system32\RTCOM64.dll
2015-01-06 13:26:27 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-01-06 13:26:26 ----A---- C:\Windows\system32\RltkAPO64.dll
2015-01-06 13:26:24 ----A---- C:\Windows\system32\RCoRes64.dat
2015-01-06 13:26:24 ----A---- C:\Windows\system32\RCoInstII64.dll
2015-01-06 13:26:08 ----A---- C:\Windows\system32\CX64APO.dll
2015-01-06 13:26:07 ----A---- C:\Windows\system32\AERTAC64.dll
2015-01-06 13:14:20 ----D---- C:\Program Files (x86)\Ralink Corporation
2015-01-06 13:08:59 ----A---- C:\Windows\system32\drivers\rtbth.sys
2014-12-20 12:11:45 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-12-20 11:41:50 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-12-20 09:14:46 ----A---- C:\Windows\system32\MetroIntelGenericUIFramework.dll
2014-12-20 09:14:45 ----A---- C:\Windows\SYSWOW64\IntelOpenCL32.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiVAD64.exe
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiUtils64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiUMS64.exe
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiMux64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiMCUMD64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiLogServer64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiDDEAgent64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiAudioFilter64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelWiDiAAC64.dll
2014-12-20 09:14:45 ----A---- C:\Windows\system32\IntelOpenCL64.dll
2014-12-20 09:14:44 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2014-12-20 09:14:44 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2014-12-20 09:14:44 ----A---- C:\Windows\system32\iglhsip64.dll
2014-12-20 09:14:44 ----A---- C:\Windows\system32\igfxCoIn_v3958.dll
2014-12-20 09:14:43 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2014-12-20 09:14:43 ----A---- C:\Windows\system32\iglhcp64.dll
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxTray.exe
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxOSP.dll
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxLHMLibv2_0.dll
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxLHMLib.dll
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxLHM.dll
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxHK.exe
2014-12-20 09:14:43 ----A---- C:\Windows\system32\igfxext.exe
2014-12-20 09:14:42 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2014-12-20 09:14:42 ----A---- C:\Windows\system32\igfxexps.dll
2014-12-20 09:14:42 ----A---- C:\Windows\system32\igfxEMLibv2_0.dll
2014-12-20 09:14:42 ----A---- C:\Windows\system32\igfxEMLib.dll
2014-12-20 09:14:41 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2014-12-20 09:14:41 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2014-12-20 09:14:41 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxEM.exe
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDTCM.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDILibv2_0.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDILib.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDI.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDHLibv2_0.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDHLib.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxDH.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxCUIServicePS.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxCUIService.exe
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxcmrt64.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfxcmjit64.dll
2014-12-20 09:14:41 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igdrcl32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igdmd32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igdfcl32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igdbcl32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igdail32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\igd10iumd32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\SYSWOW64\ig7icd32.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\igdrcl64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\igdmd64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\igdfcl64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\igdde64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\igdbcl64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\igdail64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\ig7icd64.dll
2014-12-20 09:14:40 ----A---- C:\Windows\system32\Gfxv4_0.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\Gfxv2_0.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\GfxUIEx.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2014-12-20 09:14:40 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2014-12-20 09:14:40 ----A---- C:\Windows\system32\DPTopologyAppv2_0.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\DPTopologyApp.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\difx64.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\CustomModeAppv2_0.exe
2014-12-20 09:14:40 ----A---- C:\Windows\system32\CustomModeApp.exe
2014-12-20 08:45:44 ----A---- C:\Windows\system32\poqexec.exe
2014-12-20 08:45:32 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-19 16:06:10 ----A---- C:\Windows\SYSWOW64\RsCRIcon.dll

======List of files/folders modified in the last 1 month======

2015-01-16 14:54:19 ----D---- C:\Windows\Prefetch
2015-01-16 14:54:19 ----D---- C:\Program Files\trend micro
2015-01-16 14:54:17 ----D---- C:\Windows\Temp
2015-01-16 14:52:15 ----D---- C:\Windows\SoftwareDistribution
2015-01-16 14:52:15 ----D---- C:\Windows\debug
2015-01-16 14:00:00 ----D---- C:\Windows\system32\sru
2015-01-16 08:37:40 ----D---- C:\Windows\Inf
2015-01-16 08:37:40 ----D---- C:\Windows
2015-01-16 08:30:50 ----HD---- C:\Program Files\WindowsApps
2015-01-16 08:29:45 ----D---- C:\Windows\AppReadiness
2015-01-16 08:23:19 ----RD---- C:\Windows\System32
2015-01-16 08:23:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-16 08:17:30 ----RD---- C:\Program Files (x86)
2015-01-16 08:17:29 ----D---- C:\Windows\system32\drivers
2015-01-15 16:40:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 16:38:10 ----SHD---- C:\Windows\Installer
2015-01-15 16:38:07 ----DC---- C:\Windows\system32\DRVSTORE
2015-01-15 16:38:06 ----D---- C:\Windows\system32\DriverStore
2015-01-15 16:36:42 ----SHD---- C:\System Volume Information
2015-01-15 16:35:40 ----D---- C:\Program Files (x86)\Common Files
2015-01-15 11:20:43 ----D---- C:\ProgramData\Malwarebytes
2015-01-15 08:23:57 ----D---- C:\Windows\Microsoft.NET
2015-01-15 08:13:22 ----D---- C:\Windows\system32\config
2015-01-15 08:02:15 ----D---- C:\Windows\WinSxS
2015-01-14 20:11:39 ----D---- C:\Windows\system32\catroot
2015-01-14 20:11:25 ----D---- C:\Windows\SysWOW64
2015-01-14 18:08:55 ----HD---- C:\ProgramData
2015-01-14 18:08:17 ----RD---- C:\Program Files
2015-01-14 10:08:41 ----D---- C:\Windows\CbsTemp
2015-01-14 09:53:22 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-14 09:53:17 ----D---- C:\Windows\system32\MRT
2015-01-14 09:49:35 ----A---- C:\Windows\system32\MRT.exe
2015-01-13 11:25:58 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-07 12:22:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-07 12:22:42 ----D---- C:\Program Files (x86)\CyberLink
2015-01-07 12:22:34 ----D---- C:\Users\kuba\AppData\Roaming\CyberLink
2015-01-07 07:54:39 ----SD---- C:\Users\kuba\AppData\Roaming\Microsoft
2015-01-06 13:28:32 ----HD---- C:\Program Files (x86)\Temp
2015-01-06 13:27:16 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-01-06 13:25:05 ----D---- C:\SWSetup
2015-01-06 13:24:07 ----A---- C:\Windows\RtlExUpd.dll
2015-01-06 13:09:39 ----D---- C:\Program Files\Common Files\microsoft shared
2015-01-06 13:04:16 ----D---- C:\Windows\system32\Tasks
2015-01-06 01:08:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-22 14:15:46 ----D---- C:\Windows\ModemLogs
2014-12-20 09:14:25 ----A---- C:\Windows\SYSWOW64\igdusc32.dll
2014-12-20 09:14:25 ----A---- C:\Windows\SYSWOW64\igdumdim32.dll
2014-12-20 09:14:25 ----A---- C:\Windows\system32\igdusc64.dll
2014-12-20 09:14:25 ----A---- C:\Windows\system32\igdumdim64.dll
2014-12-20 09:14:24 ----A---- C:\Windows\system32\igd10iumd64.dll
2014-12-19 16:16:34 ----RSD---- C:\Windows\assembly
2014-12-19 16:14:35 ----D---- C:\Windows\system32\catroot2
2014-12-19 16:06:15 ----D---- C:\Windows\SYSWOW64\sda
2014-12-19 16:06:10 ----D---- C:\Program Files (x86)\Realtek
2014-12-19 10:38:37 ----D---- C:\Users\kuba\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MBI;@oem15.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-10-01 131608]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-06-24 28600]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-10-01 119272]
R3 BTHUSB;@Bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 clwvd;@oem24.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem17.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-20 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-01-06 4264536]
R3 IntcDAud;@oem36.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-20 454416]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 netr28x;@oem26.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2014-03-29 2510536]
R3 RSP2STOR;@oem19.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-12-19 294104]
R3 rtbth;@oem12.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\Windows\System32\drivers\rtbth.sys [2015-01-06 1205872]
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-12 33008]
R3 SynTP;@oem29.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-12-12 546032]
R3 TXEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@Bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 dot4;@oem7.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem37.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2013-06-04 21928]
S3 dot4usb;@oem7.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-12-16 431920]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-12-16 431920]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-01-13 92160]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2014-10-09 569608]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-20 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-01-06 291032]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-12-12 191728]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-20 280680]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-15 119408]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2013-08-22 37768]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2013-08-22 37768]

-----------------EOF-----------------

Re: Suspicious e-mail

Posted: 16 Jan 2015 19:14
by Roli
I see you have Mbam there, did it find anything?


Delete unnecessary files

using CCleaner

instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making a backup of it, which CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click it to run it,

a window will appear; click Scan in the upper left.

When the scan finishes, click Clean,

the PC will restart, during which the junk will be deleted.

After that, copy the Report here for me.

Re: Suspicious e-mail

Posted: 16 Jan 2015 21:43
by 25kubis
So MBAM found nothing,
I'm attaching the log from ADW:

# AdwCleaner v4.107 - Report created 16/01/2015 at 21:38:17
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1 Connected (64 bits)
# Username : kuba - PC
# Running from : C:\Users\kuba\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


*************************

AdwCleaner[R0].txt - [690 octets] - [13/12/2014 12:46:51]
AdwCleaner[R1].txt - [808 octets] - [16/01/2015 21:35:31]
AdwCleaner[S0].txt - [750 octets] - [13/12/2014 12:50:14]
AdwCleaner[S1].txt - [730 octets] - [16/01/2015 21:38:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [789 octets] ##########

Re: Suspicious e-mail

Posted: 17 Jan 2015 21:19
by Roli
Great, everything is fine :)

Re: Suspicious e-mail

Posted: 18 Jan 2015 01:00
by 25kubis
That's good to hear, thank you for the check.

Re: Suspicious e-mail

Posted: 18 Jan 2015 19:19
by Roli
You're welcome, and :closed: