Dobrý večer,
prosím o kontrolu počítače, poslední dobou se výrazně zpomalil a především prohlížeč internetu často zamrzá a padá.
Děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by pc at 2014-06-02 19:07:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 53 GB (66%) free of 81 GB
Total RAM: 1024 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:40, on 2.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\pc\Downloads\RSIT (1).exe
C:\Program Files\trend micro\pc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3274090178-2141893195-67117409-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3274090178-2141893195-67117409-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
--
End of file - 5271 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2013-09-23 598016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-06-02 19:05:29 ----D---- C:\Program Files\trend micro
2014-06-02 19:05:27 ----D---- C:\rsit
2014-05-15 20:09:10 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-15 20:06:19 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 20:06:17 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 19:01:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-15 19:01:33 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 19:01:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 19:01:31 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 19:01:31 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 19:01:31 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 19:01:30 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 19:01:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 19:01:28 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 19:01:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 19:01:25 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 19:01:25 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 19:01:25 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 19:00:20 ----A---- C:\Windows\system32\shell32.dll
2014-05-06 20:53:26 ----A---- C:\Windows\system32\vbscript.dll
2014-05-06 20:53:25 ----A---- C:\Windows\system32\ieui.dll
2014-05-06 20:53:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:53:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-06 20:53:15 ----A---- C:\Windows\system32\msrating.dll
2014-05-06 20:53:14 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-06 20:53:14 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-06 20:53:12 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-06 20:53:12 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-06 20:53:11 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-06 20:53:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-06 20:53:10 ----A---- C:\Windows\system32\iesetup.dll
2014-05-06 20:53:10 ----A---- C:\Windows\system32\iernonce.dll
2014-05-06 20:53:09 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:53:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:52:59 ----A---- C:\Windows\system32\iertutil.dll
2014-05-06 20:52:58 ----A---- C:\Windows\system32\wininet.dll
2014-05-06 20:52:57 ----A---- C:\Windows\system32\urlmon.dll
2014-05-06 20:52:54 ----A---- C:\Windows\system32\ieframe.dll
2014-05-06 20:52:51 ----A---- C:\Windows\system32\jscript9.dll
======List of files/folders modified in the last 1 month======
2014-06-02 19:07:34 ----D---- C:\Windows\Temp
2014-06-02 19:05:29 ----RD---- C:\Program Files
2014-06-02 19:05:25 ----D---- C:\Windows\Prefetch
2014-06-02 18:06:01 ----D---- C:\Windows\System32
2014-06-02 18:06:01 ----D---- C:\Windows\inf
2014-06-02 18:06:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-02 10:06:44 ----D---- C:\Windows\system32\config
2014-06-02 07:49:14 ----SHD---- C:\System Volume Information
2014-05-20 07:28:02 ----D---- C:\Windows\system32\catroot2
2014-05-16 17:26:44 ----D---- C:\Windows\rescache
2014-05-16 17:11:48 ----D---- C:\Windows\Microsoft.NET
2014-05-16 17:11:38 ----RSD---- C:\Windows\assembly
2014-05-16 06:27:51 ----D---- C:\Windows\winsxs
2014-05-16 06:25:35 ----D---- C:\Windows\system32\cs-CZ
2014-05-16 06:25:34 ----D---- C:\Windows\system32\drivers
2014-05-15 20:09:59 ----SHD---- C:\Windows\Installer
2014-05-15 20:09:52 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 20:09:10 ----D---- C:\Program Files\Common Files
2014-05-15 20:06:24 ----D---- C:\Windows\system32\catroot
2014-05-14 20:40:39 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-07 06:57:47 ----D---- C:\Windows\system32\en-US
2014-05-07 06:57:47 ----D---- C:\Windows\PolicyDefinitions
2014-05-07 06:57:46 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2013-09-23 4075816]
R3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S1 MpKslec08b169;MpKslec08b169; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{14EDB52C-A06A-4546-919C-4D590118E1BA}\MpKslec08b169.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-07 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu, počítač se výrazně zpomalil
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač se výrazně zpomalil
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu, počítač se výrazně zpomalil
Děkuji za reakci, tady je log:
# AdwCleaner v3.211 - Report created 04/06/2014 at 18:56:23
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : pc - PC-PC
# Running from : C:\Users\pc\Downloads\adwcleaner_3.211.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\pc\AppData\Local\Temp\OCS
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\AppDataLow\Software
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [886 octets] - [04/06/2014 18:54:24]
AdwCleaner[S0].txt - [814 octets] - [04/06/2014 18:56:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [873 octets] ##########
# AdwCleaner v3.211 - Report created 04/06/2014 at 18:56:23
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : pc - PC-PC
# Running from : C:\Users\pc\Downloads\adwcleaner_3.211.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\pc\AppData\Local\Temp\OCS
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\AppDataLow\Software
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [886 octets] - [04/06/2014 18:54:24]
AdwCleaner[S0].txt - [814 octets] - [04/06/2014 18:56:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [873 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač se výrazně zpomalil
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu, počítač se výrazně zpomalil
Logfile of random's system information tool 1.10 (written by random/random)
Run by pc at 2014-06-04 20:05:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (65%) free of 81 GB
Total RAM: 1024 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:06:02, on 4.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\pc\Downloads\RSIT (4).exe
C:\Program Files\trend micro\pc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3274090178-2141893195-67117409-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3274090178-2141893195-67117409-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
--
End of file - 5247 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2013-09-23 598016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-06-04 18:55:13 ----A---- C:\Windows\system32\sqlite3.dll
2014-06-04 18:54:21 ----D---- C:\AdwCleaner
2014-06-02 19:05:29 ----D---- C:\Program Files\trend micro
2014-06-02 19:05:27 ----D---- C:\rsit
2014-05-15 20:09:10 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-15 20:06:19 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 20:06:17 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 19:01:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-15 19:01:33 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 19:01:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 19:01:31 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 19:01:31 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 19:01:31 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 19:01:30 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 19:01:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 19:01:28 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 19:01:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 19:01:25 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 19:01:25 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 19:01:25 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 19:00:20 ----A---- C:\Windows\system32\shell32.dll
2014-05-06 20:53:26 ----A---- C:\Windows\system32\vbscript.dll
2014-05-06 20:53:25 ----A---- C:\Windows\system32\ieui.dll
2014-05-06 20:53:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:53:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-06 20:53:15 ----A---- C:\Windows\system32\msrating.dll
2014-05-06 20:53:14 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-06 20:53:14 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-06 20:53:12 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-06 20:53:12 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-06 20:53:11 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-06 20:53:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-06 20:53:10 ----A---- C:\Windows\system32\iesetup.dll
2014-05-06 20:53:10 ----A---- C:\Windows\system32\iernonce.dll
2014-05-06 20:53:09 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:53:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:52:59 ----A---- C:\Windows\system32\iertutil.dll
2014-05-06 20:52:58 ----A---- C:\Windows\system32\wininet.dll
2014-05-06 20:52:57 ----A---- C:\Windows\system32\urlmon.dll
2014-05-06 20:52:54 ----A---- C:\Windows\system32\ieframe.dll
2014-05-06 20:52:51 ----A---- C:\Windows\system32\jscript9.dll
======List of files/folders modified in the last 1 month======
2014-06-04 20:06:00 ----D---- C:\Windows\Prefetch
2014-06-04 20:05:50 ----D---- C:\Windows\Temp
2014-06-04 19:14:07 ----D---- C:\Windows\system32\config
2014-06-04 18:55:13 ----D---- C:\Windows\System32
2014-06-03 06:25:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-02 19:05:29 ----RD---- C:\Program Files
2014-06-02 18:06:01 ----D---- C:\Windows\inf
2014-06-02 07:49:14 ----SHD---- C:\System Volume Information
2014-05-20 07:28:02 ----D---- C:\Windows\system32\catroot2
2014-05-16 17:26:44 ----D---- C:\Windows\rescache
2014-05-16 17:11:48 ----D---- C:\Windows\Microsoft.NET
2014-05-16 17:11:38 ----RSD---- C:\Windows\assembly
2014-05-16 06:27:51 ----D---- C:\Windows\winsxs
2014-05-16 06:25:35 ----D---- C:\Windows\system32\cs-CZ
2014-05-16 06:25:34 ----D---- C:\Windows\system32\drivers
2014-05-15 20:09:59 ----SHD---- C:\Windows\Installer
2014-05-15 20:09:52 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 20:09:10 ----D---- C:\Program Files\Common Files
2014-05-15 20:06:24 ----D---- C:\Windows\system32\catroot
2014-05-14 20:40:39 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-07 06:57:47 ----D---- C:\Windows\system32\en-US
2014-05-07 06:57:47 ----D---- C:\Windows\PolicyDefinitions
2014-05-07 06:57:46 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2013-09-23 4075816]
R3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S1 MpKslec08b169;MpKslec08b169; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{14EDB52C-A06A-4546-919C-4D590118E1BA}\MpKslec08b169.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-07 1343400]
-----------------EOF-----------------
Run by pc at 2014-06-04 20:05:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (65%) free of 81 GB
Total RAM: 1024 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:06:02, on 4.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\pc\Downloads\RSIT (4).exe
C:\Program Files\trend micro\pc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3274090178-2141893195-67117409-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3274090178-2141893195-67117409-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
--
End of file - 5247 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2013-09-23 598016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-06-04 18:55:13 ----A---- C:\Windows\system32\sqlite3.dll
2014-06-04 18:54:21 ----D---- C:\AdwCleaner
2014-06-02 19:05:29 ----D---- C:\Program Files\trend micro
2014-06-02 19:05:27 ----D---- C:\rsit
2014-05-15 20:09:10 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-15 20:06:19 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 20:06:17 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 19:01:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-15 19:01:33 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 19:01:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 19:01:31 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 19:01:31 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 19:01:31 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 19:01:30 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 19:01:29 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 19:01:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 19:01:28 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 19:01:27 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 19:01:26 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 19:01:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 19:01:25 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 19:01:25 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 19:01:25 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 19:00:20 ----A---- C:\Windows\system32\shell32.dll
2014-05-06 20:53:26 ----A---- C:\Windows\system32\vbscript.dll
2014-05-06 20:53:25 ----A---- C:\Windows\system32\ieui.dll
2014-05-06 20:53:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:53:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-06 20:53:15 ----A---- C:\Windows\system32\msrating.dll
2014-05-06 20:53:14 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-06 20:53:14 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-06 20:53:12 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-06 20:53:12 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-06 20:53:11 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-06 20:53:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-06 20:53:10 ----A---- C:\Windows\system32\iesetup.dll
2014-05-06 20:53:10 ----A---- C:\Windows\system32\iernonce.dll
2014-05-06 20:53:09 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:53:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:53:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:52:59 ----A---- C:\Windows\system32\iertutil.dll
2014-05-06 20:52:58 ----A---- C:\Windows\system32\wininet.dll
2014-05-06 20:52:57 ----A---- C:\Windows\system32\urlmon.dll
2014-05-06 20:52:54 ----A---- C:\Windows\system32\ieframe.dll
2014-05-06 20:52:51 ----A---- C:\Windows\system32\jscript9.dll
======List of files/folders modified in the last 1 month======
2014-06-04 20:06:00 ----D---- C:\Windows\Prefetch
2014-06-04 20:05:50 ----D---- C:\Windows\Temp
2014-06-04 19:14:07 ----D---- C:\Windows\system32\config
2014-06-04 18:55:13 ----D---- C:\Windows\System32
2014-06-03 06:25:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-02 19:05:29 ----RD---- C:\Program Files
2014-06-02 18:06:01 ----D---- C:\Windows\inf
2014-06-02 07:49:14 ----SHD---- C:\System Volume Information
2014-05-20 07:28:02 ----D---- C:\Windows\system32\catroot2
2014-05-16 17:26:44 ----D---- C:\Windows\rescache
2014-05-16 17:11:48 ----D---- C:\Windows\Microsoft.NET
2014-05-16 17:11:38 ----RSD---- C:\Windows\assembly
2014-05-16 06:27:51 ----D---- C:\Windows\winsxs
2014-05-16 06:25:35 ----D---- C:\Windows\system32\cs-CZ
2014-05-16 06:25:34 ----D---- C:\Windows\system32\drivers
2014-05-15 20:09:59 ----SHD---- C:\Windows\Installer
2014-05-15 20:09:52 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 20:09:10 ----D---- C:\Program Files\Common Files
2014-05-15 20:06:24 ----D---- C:\Windows\system32\catroot
2014-05-14 20:40:39 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-07 06:57:47 ----D---- C:\Windows\system32\en-US
2014-05-07 06:57:47 ----D---- C:\Windows\PolicyDefinitions
2014-05-07 06:57:46 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2013-09-23 4075816]
R3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S1 MpKslec08b169;MpKslec08b169; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{14EDB52C-A06A-4546-919C-4D590118E1BA}\MpKslec08b169.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-07 1343400]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, počítač se výrazně zpomalil
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?