pocitac neslape, jak ma. Dekuji

Zpráva

adamski · #1 Příspěvek od **adamski** » 30 srp 2014 15:14

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2014-08-30 16:13:31
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 49 GB (32%) free of 153 GB
Total RAM: 3052 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:13:37, on 30.8.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Admin\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [V0260Cfg.exe] V0260Cfg.exe /d:4
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.13.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6223 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2170952520-3942242293-2981979654-1000Core.job - C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2170952520-3942242293-2981979654-1000UA.job - C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default

prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=UP97&ocid=UP97DH ... from=icqhp"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.20.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\searchplugins\
bing-avast.xml
bingp.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-25 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-25 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-02 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-02 150552]
"V0260Cfg.exe"=V0260Cfg.exe /d:4 []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-08-29 1942424]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-30 507776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Facebook Update"=C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-08 138096]
"cz.seznam.software.autoupdate"=C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-01-08 210432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=msh263.drv
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.ffds"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-30 16:09:14 ----D---- C:\Program Files\trend micro
2014-08-30 16:09:13 ----D---- C:\rsit
2014-08-30 10:21:14 ----SHD---- C:\Config.Msi
2014-08-29 10:37:32 ----A---- C:\Windows\system32\win32k.sys
2014-08-29 10:37:32 ----A---- C:\Windows\system32\gdi32.dll
2014-08-25 06:30:46 ----D---- C:\Program Files\Common Files\Java
2014-08-21 15:20:20 ----D---- C:\Program Files\Common Files\Skype
2014-08-21 15:20:19 ----RD---- C:\Program Files\Skype
2014-08-20 07:00:18 ----D---- C:\ProgramData\IDM
2014-08-20 07:00:14 ----D---- C:\Users\Admin\AppData\Roaming\IDM
2014-08-13 13:26:16 ----D---- C:\Users\Admin\AppData\Roaming\Seznam.cz
2014-08-12 21:14:33 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-12 21:14:33 ----A---- C:\Windows\system32\icardres.dll
2014-08-12 21:14:33 ----A---- C:\Windows\system32\icardagt.exe
2014-08-12 21:14:22 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-12 20:25:09 ----A---- C:\Windows\system32\msi.dll
2014-08-12 20:25:09 ----A---- C:\Windows\system32\authui.dll
2014-08-12 20:25:08 ----A---- C:\Windows\system32\msihnd.dll
2014-08-12 20:25:08 ----A---- C:\Windows\system32\consent.exe
2014-08-12 20:25:08 ----A---- C:\Windows\system32\appinfo.dll
2014-08-12 20:24:59 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-12 20:24:59 ----A---- C:\Windows\system32\cdd.dll
2014-08-12 20:24:49 ----A---- C:\Windows\system32\tzres.dll
2014-08-12 20:24:42 ----A---- C:\Windows\system32\vbscript.dll
2014-08-12 20:24:42 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-12 20:24:41 ----A---- C:\Windows\system32\wininet.dll
2014-08-12 20:24:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-12 20:24:41 ----A---- C:\Windows\system32\jscript9.dll
2014-08-12 20:24:41 ----A---- C:\Windows\system32\jscript.dll
2014-08-12 20:24:41 ----A---- C:\Windows\system32\ieui.dll
2014-08-12 20:24:41 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-12 20:24:36 ----A---- C:\Windows\system32\mshtml.dll
2014-08-12 20:24:34 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-12 20:24:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-12 20:24:33 ----A---- C:\Windows\system32\urlmon.dll
2014-08-12 20:24:33 ----A---- C:\Windows\system32\mshta.exe
2014-08-12 20:24:32 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-12 20:24:31 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-12 20:24:29 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-12 20:24:28 ----A---- C:\Windows\system32\url.dll
2014-08-12 20:24:28 ----A---- C:\Windows\system32\iertutil.dll
2014-08-12 20:24:27 ----A---- C:\Windows\system32\ieframe.dll
2014-08-10 15:38:42 ----D---- C:\ProgramData\AskPartnerNetwork
2014-08-10 15:38:42 ----D---- C:\Program Files\AskPartnerNetwork
2014-08-10 15:36:09 ----A---- C:\Windows\system32\javaws.exe
2014-08-10 15:35:46 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-10 15:35:46 ----A---- C:\Windows\system32\javaw.exe
2014-08-10 15:35:45 ----A---- C:\Windows\system32\java.exe
2014-08-10 15:35:31 ----D---- C:\Program Files\Java
2014-08-08 14:35:53 ----RSD---- C:\Windows\assembly

======List of files/folders modified in the last 1 month======

2014-08-30 16:13:36 ----D---- C:\Windows\Temp
2014-08-30 16:13:04 ----D---- C:\Windows\Prefetch
2014-08-30 16:09:14 ----D---- C:\Program Files
2014-08-30 15:54:57 ----D---- C:\Users\Admin\AppData\Roaming\Media Player Classic
2014-08-30 15:54:54 ----D---- C:\Windows\inf
2014-08-30 15:54:53 ----D---- C:\Windows\Minidump
2014-08-30 15:54:53 ----D---- C:\Windows\Debug
2014-08-30 15:54:53 ----D---- C:\Windows
2014-08-30 15:53:50 ----D---- C:\Program Files\CCleaner
2014-08-30 15:51:36 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2014-08-30 10:21:30 ----SHD---- C:\Windows\Installer
2014-08-30 08:15:36 ----SHD---- C:\System Volume Information
2014-08-29 10:47:59 ----D---- C:\Windows\System32
2014-08-29 10:37:42 ----D---- C:\Windows\winsxs
2014-08-29 10:37:40 ----D---- C:\Windows\system32\catroot
2014-08-29 10:24:42 ----D---- C:\Windows\system32\Tasks
2014-08-29 10:23:46 ----D---- C:\Windows\system32\catroot2
2014-08-29 10:18:15 ----D---- C:\Windows\system32\Msdtc
2014-08-29 10:18:06 ----D---- C:\Windows\system32\wbem
2014-08-29 10:17:26 ----D---- C:\Windows\system32\config
2014-08-29 10:17:17 ----D---- C:\Windows\Tasks
2014-08-29 10:17:17 ----D---- C:\Windows\system32\spool
2014-08-29 10:17:17 ----D---- C:\Windows\system32\CodeIntegrity
2014-08-29 10:17:14 ----D---- C:\Windows\registration
2014-08-26 19:07:35 ----D---- C:\!zaloha
2014-08-25 06:30:46 ----D---- C:\Program Files\Common Files
2014-08-25 06:29:39 ----D---- C:\ProgramData\Oracle
2014-08-21 15:20:31 ----D---- C:\ProgramData\Skype
2014-08-20 07:00:18 ----HD---- C:\ProgramData
2014-08-12 22:21:10 ----D---- C:\Windows\Microsoft.NET
2014-08-12 21:38:48 ----D---- C:\Windows\rescache
2014-08-12 21:29:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-12 21:20:03 ----D---- C:\Windows\system32\cs-CZ
2014-08-12 21:20:00 ----D---- C:\Windows\system32\migration
2014-08-12 21:20:00 ----D---- C:\Windows\system32\drivers
2014-08-12 21:20:00 ----D---- C:\Program Files\Internet Explorer
2014-08-12 21:19:35 ----D---- C:\Windows\system32\MRT
2014-08-12 21:16:34 ----A---- C:\Windows\system32\mrt.exe
2014-08-10 12:43:31 ----D---- C:\Program Files\Mozilla Firefox
2014-08-08 12:44:02 ----D---- C:\Program Files\Google
2014-08-08 09:04:40 ----D---- C:\Windows\system32\WDI
2014-08-08 07:03:55 ----D---- C:\ProgramData\Adobe
2014-08-05 09:20:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-04 09:39:40 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2014-07-31 17:10:53 ----D---- C:\ProgramData\MFAData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-06 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-06 192352]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-07-06 55112]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-06 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-06 414520]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-07-06 57800]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-06 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-06 67824]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2007-05-11 45056]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-01-08 4391936]
R3 V0260VID;Live! Cam Vista IM; C:\Windows\system32\DRIVERS\V0260Vid.sys [2006-11-04 178913]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-06 35144]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-08-29 166296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-06 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-08 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-26 119408]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 30 srp 2014 17:28

Zdravím!
Jaký problém konkrétně máte?

adamski · #3 Příspěvek od **adamski** » 31 srp 2014 14:32

Zdravim,
napr. Skype pada. z nicehonic se vypne

#4 Příspěvek od **Rudy** » 31 srp 2014 15:48

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

adamski · #5 Příspěvek od **adamski** » 01 zář 2014 10:21

# AdwCleaner v3.308 - Report created 01/09/2014 at 11:19:02
# Updated 20/08/2014 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Admin - PC
# Running from : C:\Users\Admin\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Program Files\DefaultTab
Folder Deleted : C:\Program Files\icqtoolbar
Folder Deleted : C:\Users\Admin\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Admin\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Admin\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\searchplugins\bingp.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : ASP

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XTTB00001.XTTB00001Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00.1
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4BD2D6C3-31DC-B947-23D0-DC52EC4F0C4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BE9654C9-9D79-42EC-B55A-3CAEB12DBF58}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\Default Tab
Key Deleted : HKLM\SOFTWARE\DefaultTab
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16563

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v31.0 (x86 sk)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qkxrpe0h.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.installsource", "1");

-\\ Google Chrome v38.0.2125.24

*************************

AdwCleaner[R0].txt - [5177 octets] - [01/09/2014 11:15:45]
AdwCleaner[R1].txt - [5237 octets] - [01/09/2014 11:17:37]
AdwCleaner[S0].txt - [5205 octets] - [01/09/2014 11:19:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5265 octets] ##########

#6 Příspěvek od **Rudy** » 01 zář 2014 16:13

Dejte nový log RSIT.

VIRY.CZ

pocitac neslape, jak ma. Dekuji

pocitac neslape, jak ma. Dekuji

Re: pocitac neslape, jak ma. Dekuji

Re: pocitac neslape, jak ma. Dekuji

Re: pocitac neslape, jak ma. Dekuji

Re: pocitac neslape, jak ma. Dekuji

Re: pocitac neslape, jak ma. Dekuji