Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2014-07-20 10:27:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 287 GB (60%) free of 477 GB
Total RAM: 4044 MB (47% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
"taskhost.exe"
\??\C:\Windows\system32\conhost.exe "1502633757-2054463892-1033008667-1099015569-673628638-698736017-5165304632013100493
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe"
"C:\Program Files (x86)\MyPC Backup\BackupStack.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\uzivatel\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Scanner.exe"
genie2_tray.exe -start _NETGEARGenieTray_{6a9b68e5-4a92-4f4d-a93e-c8b3d8476f8d}_0_
"C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\splwow64.exe 8192
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\AtuZi\updateAtuZi.exe"
"C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe"
"C:\Program Files (x86)\AtuZi\bin\AtuZi.PurBrowse64.exe" /l false /s false /c "AtuZi" /t "C:\Program Files (x86)\AtuZi\bin\TEMP" /i "http://apiatuzicom-a.akamaihd.net/gsrs? ... 0000000000" /d {a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64 /p ef875cf0-9be9-4529-a8d5-02a1dd22debb:firefox /p 048abee9-bb54-4124-a446-a43af2297654:iexplore
\??\C:\Windows\system32\conhost.exe "20424268563543723151771820324-10326564281451868910-17360880811914339788-1622094547
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {9F6055EB-DA49-40B3-A737-8A102FF0C983}
"C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:update_vps
"C:\Users\uzivatel\Desktop\RSITx64(1).exe"
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\
firmycz.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-05-20 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-09 724512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-06-03 885976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-06-10 2335960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-09 597816]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-06-03 710360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-11 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-05-19 596320]
"AllShare Control"=C:\Program Files\Samsung\AllShare Control\AllShare Control []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NETGEARGenie"=C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [2014-06-11 596480]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-09 3854640]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Download App.lnk - C:\Users\uzivatel\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Scanner.exe
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-20 10:27:20 ----D---- C:\rsit
2014-07-18 14:41:15 ----A---- C:\Windows\system32\drivers\{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64.sys
2014-07-15 12:25:37 ----A---- C:\Windows\SYSWOW64\wpcap.dll
2014-07-15 12:25:37 ----A---- C:\Windows\SYSWOW64\packet.dll
2014-07-15 12:25:37 ----A---- C:\Windows\system32\wpcap.dll
2014-07-15 12:25:37 ----A---- C:\Windows\system32\packet.dll
2014-07-15 12:25:37 ----A---- C:\Windows\system32\drivers\npf.sys
2014-07-15 12:25:29 ----D---- C:\Program Files (x86)\NETGEAR Genie
2014-07-13 12:32:53 ----D---- C:\Upload
2014-07-13 12:32:34 ----D---- C:\Samsung Link
2014-07-13 12:32:02 ----D---- C:\Program Files\Samsung
2014-07-13 12:29:02 ----D---- C:\Program Files (x86)\AtuZi
2014-07-13 12:28:42 ----D---- C:\Users\uzivatel\AppData\Roaming\Systweak
2014-07-13 12:28:34 ----D---- C:\Program Files (x86)\MyPC Backup
2014-07-13 12:28:23 ----D---- C:\Users\uzivatel\AppData\Roaming\CBS Interactive
2014-07-06 13:54:20 ----D---- C:\Users\uzivatel\AppData\Roaming\LEAPS
2014-07-06 13:51:37 ----D---- C:\Users\uzivatel\AppData\Roaming\Pegasys Inc
2014-07-06 13:48:48 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2014-07-06 13:48:48 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2014-07-06 13:48:47 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2014-07-06 13:48:25 ----D---- C:\Program Files (x86)\Pegasys Inc
2014-07-06 13:30:43 ----SHD---- C:\$RECYCLE.BIN
2014-07-06 09:50:48 ----D---- C:\Program Files\trend micro
2014-07-05 15:56:55 ----D---- C:\Program Files (x86)\MyFree Codec
2014-07-05 11:12:06 ----D---- C:\14
2014-07-05 10:42:29 ----D---- C:\Users\uzivatel\AppData\Roaming\Canon_Inc_IC
2014-07-05 10:42:26 ----D---- C:\Program Files (x86)\Canon
2014-07-05 10:42:01 ----D---- C:\Users\uzivatel\AppData\Roaming\canon
2014-07-05 10:41:37 ----D---- C:\ProgramData\Canon_Inc_IC
2014-07-05 10:40:00 ----D---- C:\13
2014-07-02 10:12:13 ----D---- C:\12
2014-06-24 21:54:13 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-24 21:54:12 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-24 21:54:11 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-24 21:54:11 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-24 21:54:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-24 21:54:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-24 21:54:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-24 21:54:08 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-24 21:54:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-24 21:54:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-24 21:54:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-24 21:54:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-24 21:54:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-24 21:54:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-24 21:54:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-24 21:54:06 ----A---- C:\Windows\system32\urlmon.dll
2014-06-24 21:54:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-24 21:54:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-24 21:54:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-24 21:54:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-24 21:54:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-24 21:54:05 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-24 21:54:05 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-24 21:54:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-24 21:54:05 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-24 21:54:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-24 21:54:04 ----A---- C:\Windows\system32\iesetup.dll
2014-06-24 21:54:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-24 21:54:03 ----A---- C:\Windows\system32\iertutil.dll
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-24 21:54:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-24 21:54:02 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-24 21:54:02 ----A---- C:\Windows\system32\iernonce.dll
2014-06-24 21:54:01 ----A---- C:\Windows\system32\ieui.dll
2014-06-24 21:54:01 ----A---- C:\Windows\system32\ieframe.dll
2014-06-24 21:54:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-24 21:54:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-24 21:54:00 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-24 21:54:00 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-24 21:54:00 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-24 21:53:59 ----A---- C:\Windows\system32\wininet.dll
2014-06-24 21:53:59 ----A---- C:\Windows\system32\vbscript.dll
2014-06-24 21:53:59 ----A---- C:\Windows\system32\jscript9.dll
2014-06-24 21:53:59 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-24 21:53:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-24 21:53:58 ----A---- C:\Windows\system32\msrating.dll
2014-06-24 21:53:57 ----A---- C:\Windows\system32\mshtml.dll
2014-06-24 21:53:44 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-24 21:53:44 ----A---- C:\Windows\system32\usp10.dll
======List of files/folders modified in the last 1 month======
2014-07-20 10:27:27 ----D---- C:\Windows\Prefetch
2014-07-20 10:27:19 ----D---- C:\Windows\Temp
2014-07-19 18:28:26 ----D---- C:\Windows\system32\config
2014-07-19 18:21:58 ----D---- C:\Windows\System32
2014-07-19 18:21:58 ----D---- C:\Windows\inf
2014-07-19 18:21:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-18 18:22:19 ----AD---- C:\BT
2014-07-18 14:41:15 ----D---- C:\Windows\system32\drivers
2014-07-18 13:17:48 ----SHD---- C:\System Volume Information
2014-07-15 16:24:45 ----SHD---- C:\Windows\Installer
2014-07-15 16:24:45 ----D---- C:\Config.Msi
2014-07-15 16:23:41 ----D---- C:\3
2014-07-15 12:25:37 ----D---- C:\Windows\SysWOW64
2014-07-15 12:25:29 ----RD---- C:\Program Files (x86)
2014-07-14 17:26:51 ----D---- C:\Windows\system32\NDF
2014-07-14 17:22:16 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2014-07-13 12:32:35 ----D---- C:\Users\uzivatel\AppData\Roaming\Samsung
2014-07-13 12:32:35 ----D---- C:\ProgramData\Samsung
2014-07-13 12:32:02 ----RD---- C:\Program Files
2014-07-13 07:35:18 ----D---- C:\Windows
2014-07-11 20:31:24 ----D---- C:\Windows\Microsoft.NET
2014-07-11 20:24:33 ----RSD---- C:\Windows\assembly
2014-07-11 20:13:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-07-11 20:12:18 ----D---- C:\Program Files\Microsoft Office 15
2014-07-06 13:48:56 ----D---- C:\Windows\system32\catroot
2014-07-06 13:48:26 ----D---- C:\Program Files (x86)\Common Files
2014-07-06 13:35:03 ----D---- C:\Windows\debug
2014-07-06 11:44:25 ----D---- C:\Windows\Tasks
2014-07-06 09:33:49 ----A---- C:\Windows\system.ini
2014-07-06 09:33:38 ----D---- C:\Windows\system32\drivers\etc
2014-07-06 09:29:18 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-06 09:29:18 ----D---- C:\Windows\AppPatch
2014-07-05 17:25:02 ----D---- C:\Windows\Migration
2014-07-05 15:50:49 ----D---- C:\ProgramData\Malwarebytes
2014-07-05 15:49:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-05 10:41:37 ----D---- C:\ProgramData
2014-07-05 10:16:45 ----D---- C:\The KMPlayer
2014-07-02 18:51:24 ----D---- C:\Windows\system32\catroot2
2014-07-02 10:15:22 ----D---- C:\1
2014-06-29 11:58:35 ----D---- C:\Windows\rescache
2014-06-28 17:48:09 ----D---- C:\ProgramData\AVerTV 3D
2014-06-24 22:45:26 ----D---- C:\Windows\system32\LogFiles
2014-06-24 22:02:49 ----D---- C:\Windows\winsxs
2014-06-24 22:00:47 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-24 22:00:47 ----D---- C:\Windows\system32\en-US
2014-06-24 22:00:47 ----D---- C:\Program Files\Internet Explorer
2014-06-24 22:00:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-24 21:59:18 ----D---- C:\Windows\system32\MRT
2014-06-24 21:57:19 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-09 208928]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-09 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-09 423240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-09 79184]
R2 NPF;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2014-07-15 35344]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-08-18 9981952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-08-17 310272]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-09 84816]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-01 134696]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-14 43832]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv64.sys [2012-09-19 691968]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-08-17 204288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-09 50344]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-08-19 360448]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
R2 AVerUpdateServer;AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-10-31 167936]
R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-06-18 36424]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-06-19 2356408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-02-25 108032]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2014-03-24 225792]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-05-19 604512]
R2 Update AtuZi;Update AtuZi; C:\Program Files (x86)\AtuZi\updateAtuZi.exe [2014-07-18 321816]
R2 Util AtuZi;Util AtuZi; C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe [2014-07-19 321816]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -s DefaultInstance []
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-19 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-03-30 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-03-30 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------

Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote-assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Please check my log
Hello.
You did not finish the previous check and you are back here after 14 days with the same PC. Do you think we enjoy this?
1.9. for inactivity
http://forum.viry.cz/viewtopic.php?f=12&t=123975

If you have a question that is not meant for the public, you can write to me by mail at marty84 (at) forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
For time reasons I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).