Kontrola logu

[gloomy]

Dobry vecer.

Priatelka ma poprosila aby som sa jej pozrel na pocitac, ja ak laik vidim ze tam ma kopu havade a radsej to davam do ruk vam.

Pridavam log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dominika at 2014-11-30 18:00:54
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 10 GB (10%) free of 95 GB
Total RAM: 3069 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:25, on 30. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Glary Utilities 5\Integrator.exe
C:\Program Files\Glary Utilities 5\MemfilesService.exe
C:\Program Files\Glary Utilities 5\Uninstaller.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Dominika\Downloads\RSIT.exe
C:\Program Files\trend micro\Dominika.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: GGoSaivee - {293e068f-3c73-4aae-b009-ee4143ad7d6b} - C:\Program Files\GGoSaivee\pIM0qzFRRVTevx.dll
O2 - BHO: DigiCouupon - {64e92feb-9992-4c7b-8fd7-31f133a675c6} - C:\ProgramData\DigiCouupon\VRKQTz0YgsYyd3.dll
O2 - BHO: GoSaave - {77c928cc-3ba2-4ce2-b3a5-c239e9fb0ac5} - C:\ProgramData\GoSaave\ftStuSdDWsDDOx.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DownSave - {c571887f-3201-45f2-869f-0515201ff777} - C:\ProgramData\DownSave\n1FxedEaCA2XXk.dll
O2 - BHO: DiGiSaver - {ccbd0f56-a133-4874-9bf1-6dfdfdd6bb35} - C:\ProgramData\DiGiSaver\d3qp2h82dSYShw.dll
O2 - BHO: CheapMe - {f630727e-a036-46e0-85c8-cfdfe25ebea2} - C:\ProgramData\CheapMe\kY0noE9RWabpVW.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dominika\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Dominika\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1682065107-395882209-891765868-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1682065107-395882209-891765868-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\sw_boo~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 8157 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize 5.job - C:\Program Files\Glary Utilities 5\Initialize.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1682065107-395882209-891765868-1000Core.job - C:\Users\Dominika\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1682065107-395882209-891765868-1000UA.job - C:\Users\Dominika\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SW_Booster-S-2982133423.job - c:\programdata\trusted publisher\sw_booster\SW_Booster.exe /schedule /profile "c:\programdata\trusted publisher\sw_booster\2982133423.ini"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293e068f-3c73-4aae-b009-ee4143ad7d6b}]
GGoSaivee - C:\Program Files\GGoSaivee\pIM0qzFRRVTevx.dll [2013-10-07 642560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64e92feb-9992-4c7b-8fd7-31f133a675c6}]
DigiCouupon - C:\ProgramData\DigiCouupon\VRKQTz0YgsYyd3.dll [2014-10-24 641536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77c928cc-3ba2-4ce2-b3a5-c239e9fb0ac5}]
GoSaave - C:\ProgramData\GoSaave\ftStuSdDWsDDOx.dll [2014-10-22 627712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c571887f-3201-45f2-869f-0515201ff777}]
DownSave - C:\ProgramData\DownSave\n1FxedEaCA2XXk.dll [2014-11-17 758784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccbd0f56-a133-4874-9bf1-6dfdfdd6bb35}]
DiGiSaver - C:\ProgramData\DiGiSaver\d3qp2h82dSYShw.dll [2014-10-17 633344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f630727e-a036-46e0-85c8-cfdfe25ebea2}]
CheapMe - C:\ProgramData\CheapMe\kY0noE9RWabpVW.dll [2014-10-28 636928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-09-01 152392]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Dominika\AppData\Local\Google\Update\GoogleUpdate.exe /c []
"Google+ Auto Backup"=C:\Users\Dominika\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-12 3746120]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-25 21415008]
"GUDelayStartup"=C:\Program Files\Glary Utilities 5\StartupManager.exe [2014-11-24 37152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\sw_boo~1\assist~1.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-30 18:00:55 ----D---- C:\Program Files\trend micro
2014-11-30 18:00:54 ----D---- C:\rsit
2014-11-30 17:55:23 ----D---- C:\Program Files\Microsoft Security Client
2014-11-30 17:53:56 ----D---- C:\9b90e516db0f4ed20e5beafa
2014-11-30 17:53:39 ----D---- C:\ProgramData\GlarySoft
2014-11-30 17:51:49 ----D---- C:\Users\Dominika\AppData\Roaming\DiskDefrag
2014-11-30 17:51:49 ----A---- C:\Windows\system32\drivers\GUBootStartup.sys
2014-11-30 17:51:48 ----D---- C:\Users\Dominika\AppData\Roaming\GlarySoft
2014-11-30 17:51:44 ----D---- C:\Program Files\Glary Utilities 5
2014-11-17 10:47:33 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2014-11-17 10:47:33 ----A---- C:\Windows\system32\drivers\iSafeKrnlBoot.sys
2014-11-17 10:47:25 ----D---- C:\Users\Dominika\AppData\Roaming\Elex-tech
2014-11-17 10:47:25 ----D---- C:\Program Files\Elex-tech
2014-11-17 10:46:26 ----D---- C:\Users\Dominika\AppData\Roaming\eCyber
2014-11-17 09:22:34 ----D---- C:\ProgramData\DownSave
2014-11-12 18:21:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 18:21:17 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 18:21:16 ----A---- C:\Windows\system32\packager.dll
2014-11-12 18:21:15 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 18:21:15 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 18:21:15 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 18:21:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 18:21:15 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 18:21:14 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 18:21:14 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 18:21:11 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 18:21:09 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 18:21:07 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 18:21:07 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 18:21:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 18:21:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 18:21:07 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 18:21:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 18:21:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 18:21:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 18:21:03 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 18:21:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 18:21:03 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 18:21:03 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 18:21:03 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 18:21:03 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 18:21:03 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 18:21:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 18:21:02 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 18:21:02 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 18:21:02 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 18:21:01 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 18:21:00 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 18:21:00 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 18:21:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 18:20:58 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 18:20:57 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 18:20:57 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 18:20:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 18:20:55 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 18:20:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 18:20:54 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 18:20:52 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 18:20:51 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 18:20:50 ----A---- C:\Windows\system32\jscript9.dll

======List of files/folders modified in the last 1 month======

2014-11-30 18:01:25 ----D---- C:\Windows\Temp
2014-11-30 18:00:55 ----RD---- C:\Program Files
2014-11-30 18:00:19 ----D---- C:\Program Files\GoSavee
2014-11-30 17:59:46 ----D---- C:\Program Files\Tbccint
2014-11-30 17:57:04 ----D---- C:\Windows
2014-11-30 17:55:45 ----SHD---- C:\Windows\Installer
2014-11-30 17:55:35 ----D---- C:\Windows\system32\drivers
2014-11-30 17:55:35 ----D---- C:\Windows\system32\catroot
2014-11-30 17:55:33 ----SD---- C:\ProgramData\Microsoft
2014-11-30 17:54:09 ----D---- C:\Windows\Prefetch
2014-11-30 17:53:39 ----HD---- C:\ProgramData
2014-11-30 17:51:58 ----D---- C:\Windows\system32\Tasks
2014-11-30 17:51:53 ----D---- C:\Windows\Tasks
2014-11-30 17:49:51 ----D---- C:\Windows\system32\config
2014-11-30 17:48:59 ----D---- C:\Users\Dominika\AppData\Roaming\Skype
2014-11-30 17:46:16 ----D---- C:\ProgramData\NVIDIA
2014-11-30 17:45:08 ----D---- C:\ProgramData\5cddd1ee2f999b0
2014-11-30 17:45:07 ----D---- C:\ProgramData\YoutiubeAedBBlocke
2014-11-30 17:45:07 ----D---- C:\Program Files\YoutiubeAedBBlocke
2014-11-21 06:12:09 ----D---- C:\Windows\system32\catroot2
2014-11-21 06:11:59 ----D---- C:\Windows\winsxs
2014-11-17 14:08:17 ----D---- C:\Windows\rescache
2014-11-17 12:27:51 ----D---- C:\Windows\Microsoft.NET
2014-11-17 12:27:50 ----RSD---- C:\Windows\assembly
2014-11-17 12:18:32 ----D---- C:\Windows\System32
2014-11-17 12:18:30 ----D---- C:\Windows\system32\en-US
2014-11-17 12:18:30 ----D---- C:\Windows\system32\cs-CZ
2014-11-17 12:18:24 ----D---- C:\Program Files\Internet Explorer
2014-11-17 11:46:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-17 11:46:36 ----D---- C:\Windows\inf
2014-11-17 11:45:17 ----D---- C:\Windows\system32\MRT
2014-11-17 11:41:58 ----D---- C:\Windows\debug
2014-11-17 11:41:53 ----A---- C:\Windows\system32\MRT.exe
2014-11-17 11:40:28 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [2014-11-11 215080]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [2014-11-11 83112]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [2014-11-11 38440]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2014-11-03 43688]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2014-11-30 17344]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2014-11-11 40744]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-07-28 45056]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 280f2936;SW_Sustainer; c:\progra~1\sw_boo~1\AssistantSvc.dll [2014-10-07 174928]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 iSafeService;YAC Service; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [2014-11-11 118048]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 553288]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 102912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-27 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[altrok]

Prijemny nedelni vecer Vam preju

Prve se zeptam, zda je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic

[gloomy]

Zdravim.

Ja som vcera ten pocitac videl prvy krat v zivote a windows legalny neni, vraj jej ho tam daval sused

[altrok]

Pak mi bohuzel pravidla fora, ktere jste Vy i ja povinni dodrzovat, nedovoluji pokracovat.

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

Pohledejte na foru adwcleaner a zoek, ktery by Vam alespon castecne mohl pomoct

[gloomy]

Aha jasne, ospravedlnujem sa potom skusim co ste mi poradil a dam jej tam original windows dakujem aj tak za pomoc

[altrok]

Nemate zac... Musite chapat, ze na bezpecnostnim foru softwarove piratstvi podporovat nemuzeme


Preju PC bez viru a treba se priste setkame za podminek, kdy nebude nutne pomoc odmitnout