
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Netbook: slow internet and everything else
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Luckyphonyx
- Visitor
- Posts: 126
- Registered: 09 Oct 2013 20:37
Netbook: slow internet and everything else
Hello, I have a netbook here; the owner complains that the internet and everything else is slow. CPU usage is 97% during any operation.
Please check it.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Verunka at 2014-10-06 10:12:44
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 60 GB (59%) free of 102 GB
Total RAM: 749 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:17:41, on 6.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\Users\Verunka\Desktop\RSIT.exe
C:\Program Files\trend micro\Verunka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
--
End of file - 6196 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job - C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job - C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-16 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-16 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files\ASUS\APRP\APRP.EXE [2011-05-20 2018032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapsHook]
AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-04-14 419504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyMon]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-11 336384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
C:\Program Files\TNod User & Password Finder\TNODUP.exe /i []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAWinAgent]
C:\ExpressGateUtil\VAWinAgent.exe [2011-01-13 191304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE -f -s -u -d 10000 []
C:\Users\Verunka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-06 10:12:50 ----D---- C:\Program Files\trend micro
2014-10-06 10:12:44 ----D---- C:\rsit
2014-10-05 13:31:49 ----A---- C:\windows\system32\iesetup.dll
2014-10-05 13:31:43 ----A---- C:\windows\system32\ieui.dll
2014-10-05 13:31:41 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-05 13:31:40 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-05 13:31:39 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-05 13:31:38 ----A---- C:\windows\system32\msrating.dll
2014-10-05 13:31:37 ----A---- C:\windows\system32\mshtmled.dll
2014-10-05 13:31:36 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-05 13:31:35 ----A---- C:\windows\system32\jsproxy.dll
2014-10-05 13:31:34 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-05 13:31:34 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-05 13:31:33 ----A---- C:\windows\system32\dxtrans.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\vbscript.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\iernonce.dll
2014-10-05 13:31:31 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-05 13:31:26 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-05 13:31:25 ----A---- C:\windows\system32\msfeeds.dll
2014-10-05 13:31:24 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-05 13:31:23 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-05 13:31:16 ----A---- C:\windows\system32\iertutil.dll
2014-10-05 13:31:13 ----A---- C:\windows\system32\wininet.dll
2014-10-05 13:31:10 ----A---- C:\windows\system32\jscript9.dll
2014-10-05 13:31:09 ----A---- C:\windows\system32\urlmon.dll
2014-10-05 13:31:02 ----A---- C:\windows\system32\mshtml.dll
2014-10-05 13:30:56 ----A---- C:\windows\system32\ieframe.dll
2014-10-05 13:25:57 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-10-05 13:06:25 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-05 12:58:27 ----A---- C:\windows\system32\infocardapi.dll
2014-10-05 12:58:14 ----A---- C:\windows\system32\icardres.dll
2014-10-05 12:57:51 ----A---- C:\windows\system32\icardagt.exe
2014-10-05 12:57:23 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mwac.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbam.sys
2014-10-05 12:55:53 ----D---- C:\ProgramData\Malwarebytes
2014-10-05 12:55:53 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-05 12:14:35 ----A---- C:\windows\system32\rpcrt4.dll
2014-10-05 12:14:33 ----A---- C:\windows\system32\win32k.sys
2014-10-05 12:14:32 ----A---- C:\windows\system32\gdi32.dll
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-10-05 12:14:28 ----A---- C:\windows\system32\cdd.dll
2014-10-05 12:14:23 ----A---- C:\windows\system32\kerberos.dll
2014-10-05 12:14:22 ----A---- C:\windows\system32\lsasrv.dll
2014-10-05 12:09:59 ----A---- C:\windows\system32\qdvd.dll
2014-10-05 12:09:51 ----A---- C:\windows\system32\osk.exe
2014-10-05 12:09:46 ----A---- C:\windows\system32\d3d10warp.dll
2014-10-05 12:09:38 ----A---- C:\windows\system32\msi.dll
2014-10-05 12:09:37 ----A---- C:\windows\system32\authui.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\msihnd.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\consent.exe
2014-10-05 12:07:11 ----A---- C:\windows\system32\TSWorkspace.dll
2014-10-05 12:06:43 ----A---- C:\windows\system32\aepdu.dll
2014-10-05 12:06:37 ----A---- C:\windows\system32\aeinv.dll
2014-10-05 12:05:49 ----A---- C:\windows\system32\tzres.dll
2014-10-05 12:05:18 ----A---- C:\windows\system32\shell32.dll
2014-10-05 11:20:38 ----A---- C:\windows\system32\sqlite3.dll
2014-10-05 11:12:52 ----D---- C:\AdwCleaner
2014-10-05 10:08:06 ----A---- C:\windows\system32\wups2.dll
2014-10-05 10:08:05 ----A---- C:\windows\system32\wuauclt.exe
2014-10-05 10:08:03 ----A---- C:\windows\system32\wucltux.dll
2014-10-05 10:08:02 ----A---- C:\windows\system32\wuaueng.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wups.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wudriver.dll
2014-10-05 10:06:54 ----A---- C:\windows\system32\wuapi.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuwebv.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2014-10-06 10:17:45 ----D---- C:\windows\Temp
2014-10-06 10:12:50 ----RD---- C:\Program Files
2014-10-06 10:06:32 ----D---- C:\windows\system32\config
2014-10-06 09:35:36 ----D---- C:\Windows
2014-10-05 19:31:17 ----D---- C:\windows\inf
2014-10-05 19:09:11 ----SHD---- C:\System Volume Information
2014-10-05 19:03:06 ----D---- C:\windows\Microsoft.NET
2014-10-05 18:58:56 ----RSD---- C:\windows\assembly
2014-10-05 17:56:29 ----SHD---- C:\windows\Installer
2014-10-05 17:56:23 ----D---- C:\windows\debug
2014-10-05 17:39:06 ----D---- C:\windows\Prefetch
2014-10-05 17:38:52 ----D---- C:\windows\winsxs
2014-10-05 17:35:52 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:35:48 ----D---- C:\windows\system32\drivers
2014-10-05 17:35:48 ----D---- C:\windows\Logs
2014-10-05 17:35:15 ----D---- C:\windows\system32\catroot
2014-10-05 17:33:16 ----D---- C:\windows\system32\cs-CZ
2014-10-05 17:33:16 ----D---- C:\windows\System32
2014-10-05 17:33:15 ----D---- C:\windows\system32\en-US
2014-10-05 17:33:15 ----D---- C:\windows\PolicyDefinitions
2014-10-05 17:33:14 ----D---- C:\Program Files\Internet Explorer
2014-10-05 17:33:06 ----SD---- C:\windows\system32\CompatTel
2014-10-05 17:31:14 ----D---- C:\Program Files\TNod User & Password Finder
2014-10-05 13:53:13 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 13:33:12 ----D---- C:\windows\system32\catroot2
2014-10-05 13:03:45 ----D---- C:\windows\system32\MRT
2014-10-05 12:55:53 ----HD---- C:\ProgramData
2014-10-05 12:54:47 ----D---- C:\Program Files\Microsoft Security Client
2014-10-05 12:28:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-10-05 10:53:26 ----D---- C:\windows\system32\Dism
2014-10-05 10:11:03 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-09-22 08:41:56 ----N---- C:\windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 MpKsl23549c57;MpKsl23549c57; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FAADEAF-C999-4AF1-9A45-1723E9FD1DA0}\MpKsl23549c57.sys [2014-10-05 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-11-10 6574080]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-11-10 229888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2010-03-03 1263104]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-01-18 3378984]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-06 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-11-24 4247616]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-11-10 176128]
R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-03-04 224680]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2011-01-12 91464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\windows\system32\regedt32.exe [2009-07-14 9216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014
Ran by Verunka (administrator) on VERUNKA-PC on 06-10-2014 10:28:36
Running from C:\Users\Verunka\Desktop
Loaded Profile: Verunka (Available profiles: Verunka)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\AsusService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\ExpressGateUtil\VAWinService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(ASUS) C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1406548897-1256152093-2544760797-1000\...\Run: [Google Update] => C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-02] (Google Inc.)
HKU\S-1-5-21-1406548897-1256152093-2544760797-1000\...\MountPoints2: {01541c4d-2e78-11e1-9b06-14dae94ab5ed} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1406548897-1256152093-2544760797-1000\...\MountPoints2: {201c073a-ef98-11e1-ae9c-14dae94ab5ed} - E:\AutoRun.exe
Startup: C:\Users\Verunka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKCU - {7FD25AEE-3CF3-453A-9794-968449ABB42D} URL = http://www2.inbox.com/search/dispatcher ... 120&lng=cs
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Verunka\AppData\Roaming\Mozilla\Firefox\Profiles\a1ss7644.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Verunka\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Verunka\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Verunka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2011-12-16]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Verunka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR CustomProfile: C:\Users\Verunka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Users\Verunka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files\SiteRanker\Chrome\siterank_c.crx []
CHR StartMenuInternet: Google Chrome - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-03-04] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-12] ()
S2 NOD32FiXTemDono; C:\windows\system32\regedt32.exe /s C:\windows\nod32fixtemdono.reg
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amd_sata; C:\windows\System32\drivers\amd_sata.sys [64128 2010-11-04] (Advanced Micro Devices)
R0 amd_xata; C:\windows\System32\drivers\amd_xata.sys [32384 2010-11-04] (Advanced Micro Devices)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl23549c57; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FAADEAF-C999-4AF1-9A45-1723E9FD1DA0}\MpKsl23549c57.sys [39464 2014-10-05] (Microsoft Corporation)
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 10:28 - 2014-10-06 10:29 - 00011742 _____ () C:\Users\Verunka\Desktop\FRST.txt
2014-10-06 10:27 - 2014-10-06 10:28 - 00000000 ____D () C:\FRST
2014-10-06 10:12 - 2014-10-06 10:18 - 00000000 ____D () C:\rsit
2014-10-06 10:12 - 2014-10-06 10:17 - 00000000 ____D () C:\Program Files\trend micro
2014-10-06 10:08 - 2014-10-06 10:05 - 01101312 _____ (Farbar) C:\Users\Verunka\Desktop\FRST.exe
2014-10-06 10:03 - 2014-10-06 10:05 - 01101312 _____ (Farbar) C:\Users\Verunka\Downloads\FRST.exe
2014-10-06 10:00 - 2014-10-06 10:00 - 01107968 _____ () C:\Users\Verunka\Desktop\RSIT.exe
2014-10-06 09:58 - 2014-10-06 10:00 - 01107968 _____ () C:\Users\Verunka\Downloads\RSIT.exe
2014-10-06 09:35 - 2014-10-06 09:35 - 00000350 _____ () C:\windows\PFRO.log
2014-10-05 20:53 - 2014-10-05 22:23 - 834856364 _____ () C:\Users\Verunka\Downloads\Sestra-v-akci-2-(CZ).avi
2014-10-05 19:31 - 2014-10-06 09:35 - 00000056 _____ () C:\windows\setupact.log
2014-10-05 19:31 - 2014-10-05 19:31 - 00000000 _____ () C:\windows\setuperr.log
2014-10-05 19:29 - 2014-10-05 20:41 - 654067840 _____ () C:\Users\Verunka\Downloads\Sestra-v-akci-1-cz-avi..avi
2014-10-05 13:31 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-05 13:31 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-05 13:31 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-05 13:31 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-05 13:31 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-05 13:31 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-05 13:31 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-05 13:31 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-05 13:31 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-05 13:31 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-05 13:31 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-05 13:31 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-05 13:31 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-05 13:31 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-05 13:31 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-05 13:31 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-05 13:31 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-05 13:31 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-05 13:31 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 13:31 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-05 13:31 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-05 13:31 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-05 13:31 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-05 13:31 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-05 13:31 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-05 13:31 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-05 13:31 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-05 13:31 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-05 13:31 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-05 13:30 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-05 13:25 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-10-05 13:06 - 2014-10-06 10:16 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-05 12:58 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-10-05 12:58 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-10-05 12:57 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-10-05 12:57 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-10-05 12:56 - 2014-10-05 12:56 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-05 12:56 - 2014-10-05 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-05 12:55 - 2014-10-05 12:56 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-05 12:55 - 2014-10-05 12:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-05 12:55 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-05 12:55 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-05 12:55 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-05 12:49 - 2014-10-05 12:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Verunka\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-05 12:14 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-10-05 12:14 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-05 12:14 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-10-05 12:14 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-10-05 12:14 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-10-05 12:14 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-10-05 12:14 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-10-05 12:14 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-10-05 12:09 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-05 12:09 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-05 12:09 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-10-05 12:09 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-10-05 12:09 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-05 12:09 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-05 12:09 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-10-05 12:07 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-10-05 12:06 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-05 12:06 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-05 12:05 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-05 12:05 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-10-05 11:20 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\system32\sqlite3.dll
2014-10-05 11:12 - 2014-10-05 11:26 - 00000000 ____D () C:\AdwCleaner
2014-10-05 11:08 - 2014-10-05 11:10 - 01375089 _____ () C:\Users\Verunka\Downloads\adwcleaner_3.311.exe
2014-10-05 10:08 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-10-05 10:08 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-10-05 10:08 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-10-05 10:08 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-10-05 10:06 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-10-05 10:06 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-10-05 10:06 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-10-05 10:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-10-05 10:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 10:26 - 2011-10-23 19:10 - 01139463 _____ () C:\windows\WindowsUpdate.log
2014-10-06 10:06 - 2012-05-02 07:51 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-06 10:06 - 2012-05-02 07:23 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job
2014-10-06 09:47 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-06 09:47 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-06 09:35 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-05 22:01 - 2012-05-02 07:23 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job
2014-10-05 19:03 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-10-05 17:37 - 2009-07-14 06:33 - 00406880 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-05 17:35 - 2011-05-20 04:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-05 17:33 - 2014-06-04 15:18 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-05 17:31 - 2011-12-16 22:30 - 00000000 ____D () C:\Program Files\TNod User & Password Finder
2014-10-05 15:44 - 2012-05-02 07:31 - 00002340 _____ () C:\Users\Verunka\Desktop\Google Chrome.lnk
2014-10-05 13:53 - 2011-10-23 10:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-05 13:22 - 2013-07-19 21:16 - 00000000 ____D () C:\windows\system32\MRT
2014-10-05 12:56 - 2014-06-09 21:40 - 00001912 _____ () C:\windows\epplauncher.mif
2014-10-05 12:55 - 2014-06-09 21:40 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-05 12:54 - 2014-06-09 21:39 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-05 12:52 - 2011-05-20 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-05 12:28 - 2009-07-27 12:11 - 01603338 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-05 10:11 - 2012-05-02 07:51 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-10-05 10:11 - 2011-12-01 21:41 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-22 08:41 - 2011-10-23 14:44 - 00231568 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Verunka\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-10 07:29
==================== End Of Log ============================
Please check it.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Verunka at 2014-10-06 10:12:44
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 60 GB (59%) free of 102 GB
Total RAM: 749 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:17:41, on 6.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\Users\Verunka\Desktop\RSIT.exe
C:\Program Files\trend micro\Verunka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
--
End of file - 6196 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job - C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job - C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-16 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-16 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files\ASUS\APRP\APRP.EXE [2011-05-20 2018032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapsHook]
AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-04-14 419504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyMon]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-11 336384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
C:\Program Files\TNod User & Password Finder\TNODUP.exe /i []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAWinAgent]
C:\ExpressGateUtil\VAWinAgent.exe [2011-01-13 191304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE -f -s -u -d 10000 []
C:\Users\Verunka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-06 10:12:50 ----D---- C:\Program Files\trend micro
2014-10-06 10:12:44 ----D---- C:\rsit
2014-10-05 13:31:49 ----A---- C:\windows\system32\iesetup.dll
2014-10-05 13:31:43 ----A---- C:\windows\system32\ieui.dll
2014-10-05 13:31:41 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-05 13:31:40 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-05 13:31:39 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-05 13:31:38 ----A---- C:\windows\system32\msrating.dll
2014-10-05 13:31:37 ----A---- C:\windows\system32\mshtmled.dll
2014-10-05 13:31:36 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-05 13:31:35 ----A---- C:\windows\system32\jsproxy.dll
2014-10-05 13:31:34 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-05 13:31:34 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-05 13:31:33 ----A---- C:\windows\system32\dxtrans.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\vbscript.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\iernonce.dll
2014-10-05 13:31:31 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-05 13:31:26 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-05 13:31:25 ----A---- C:\windows\system32\msfeeds.dll
2014-10-05 13:31:24 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-05 13:31:23 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-05 13:31:16 ----A---- C:\windows\system32\iertutil.dll
2014-10-05 13:31:13 ----A---- C:\windows\system32\wininet.dll
2014-10-05 13:31:10 ----A---- C:\windows\system32\jscript9.dll
2014-10-05 13:31:09 ----A---- C:\windows\system32\urlmon.dll
2014-10-05 13:31:02 ----A---- C:\windows\system32\mshtml.dll
2014-10-05 13:30:56 ----A---- C:\windows\system32\ieframe.dll
2014-10-05 13:25:57 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-10-05 13:06:25 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-05 12:58:27 ----A---- C:\windows\system32\infocardapi.dll
2014-10-05 12:58:14 ----A---- C:\windows\system32\icardres.dll
2014-10-05 12:57:51 ----A---- C:\windows\system32\icardagt.exe
2014-10-05 12:57:23 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mwac.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbam.sys
2014-10-05 12:55:53 ----D---- C:\ProgramData\Malwarebytes
2014-10-05 12:55:53 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-05 12:14:35 ----A---- C:\windows\system32\rpcrt4.dll
2014-10-05 12:14:33 ----A---- C:\windows\system32\win32k.sys
2014-10-05 12:14:32 ----A---- C:\windows\system32\gdi32.dll
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-10-05 12:14:28 ----A---- C:\windows\system32\cdd.dll
2014-10-05 12:14:23 ----A---- C:\windows\system32\kerberos.dll
2014-10-05 12:14:22 ----A---- C:\windows\system32\lsasrv.dll
2014-10-05 12:09:59 ----A---- C:\windows\system32\qdvd.dll
2014-10-05 12:09:51 ----A---- C:\windows\system32\osk.exe
2014-10-05 12:09:46 ----A---- C:\windows\system32\d3d10warp.dll
2014-10-05 12:09:38 ----A---- C:\windows\system32\msi.dll
2014-10-05 12:09:37 ----A---- C:\windows\system32\authui.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\msihnd.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\consent.exe
2014-10-05 12:07:11 ----A---- C:\windows\system32\TSWorkspace.dll
2014-10-05 12:06:43 ----A---- C:\windows\system32\aepdu.dll
2014-10-05 12:06:37 ----A---- C:\windows\system32\aeinv.dll
2014-10-05 12:05:49 ----A---- C:\windows\system32\tzres.dll
2014-10-05 12:05:18 ----A---- C:\windows\system32\shell32.dll
2014-10-05 11:20:38 ----A---- C:\windows\system32\sqlite3.dll
2014-10-05 11:12:52 ----D---- C:\AdwCleaner
2014-10-05 10:08:06 ----A---- C:\windows\system32\wups2.dll
2014-10-05 10:08:05 ----A---- C:\windows\system32\wuauclt.exe
2014-10-05 10:08:03 ----A---- C:\windows\system32\wucltux.dll
2014-10-05 10:08:02 ----A---- C:\windows\system32\wuaueng.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wups.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wudriver.dll
2014-10-05 10:06:54 ----A---- C:\windows\system32\wuapi.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuwebv.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2014-10-06 10:17:45 ----D---- C:\windows\Temp
2014-10-06 10:12:50 ----RD---- C:\Program Files
2014-10-06 10:06:32 ----D---- C:\windows\system32\config
2014-10-06 09:35:36 ----D---- C:\Windows
2014-10-05 19:31:17 ----D---- C:\windows\inf
2014-10-05 19:09:11 ----SHD---- C:\System Volume Information
2014-10-05 19:03:06 ----D---- C:\windows\Microsoft.NET
2014-10-05 18:58:56 ----RSD---- C:\windows\assembly
2014-10-05 17:56:29 ----SHD---- C:\windows\Installer
2014-10-05 17:56:23 ----D---- C:\windows\debug
2014-10-05 17:39:06 ----D---- C:\windows\Prefetch
2014-10-05 17:38:52 ----D---- C:\windows\winsxs
2014-10-05 17:35:52 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:35:48 ----D---- C:\windows\system32\drivers
2014-10-05 17:35:48 ----D---- C:\windows\Logs
2014-10-05 17:35:15 ----D---- C:\windows\system32\catroot
2014-10-05 17:33:16 ----D---- C:\windows\system32\cs-CZ
2014-10-05 17:33:16 ----D---- C:\windows\System32
2014-10-05 17:33:15 ----D---- C:\windows\system32\en-US
2014-10-05 17:33:15 ----D---- C:\windows\PolicyDefinitions
2014-10-05 17:33:14 ----D---- C:\Program Files\Internet Explorer
2014-10-05 17:33:06 ----SD---- C:\windows\system32\CompatTel
2014-10-05 17:31:14 ----D---- C:\Program Files\TNod User & Password Finder
2014-10-05 13:53:13 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 13:33:12 ----D---- C:\windows\system32\catroot2
2014-10-05 13:03:45 ----D---- C:\windows\system32\MRT
2014-10-05 12:55:53 ----HD---- C:\ProgramData
2014-10-05 12:54:47 ----D---- C:\Program Files\Microsoft Security Client
2014-10-05 12:28:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-10-05 10:53:26 ----D---- C:\windows\system32\Dism
2014-10-05 10:11:03 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-09-22 08:41:56 ----N---- C:\windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 MpKsl23549c57;MpKsl23549c57; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FAADEAF-C999-4AF1-9A45-1723E9FD1DA0}\MpKsl23549c57.sys [2014-10-05 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-11-10 6574080]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-11-10 229888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2010-03-03 1263104]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-01-18 3378984]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-06 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-11-24 4247616]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-11-10 176128]
R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-03-04 224680]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2011-01-12 91464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\windows\system32\regedt32.exe [2009-07-14 9216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014
Ran by Verunka (administrator) on VERUNKA-PC on 06-10-2014 10:28:36
Running from C:\Users\Verunka\Desktop
Loaded Profile: Verunka (Available profiles: Verunka)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\AsusService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\ExpressGateUtil\VAWinService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(ASUS) C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1406548897-1256152093-2544760797-1000\...\Run: [Google Update] => C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-02] (Google Inc.)
HKU\S-1-5-21-1406548897-1256152093-2544760797-1000\...\MountPoints2: {01541c4d-2e78-11e1-9b06-14dae94ab5ed} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1406548897-1256152093-2544760797-1000\...\MountPoints2: {201c073a-ef98-11e1-ae9c-14dae94ab5ed} - E:\AutoRun.exe
Startup: C:\Users\Verunka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKCU - {7FD25AEE-3CF3-453A-9794-968449ABB42D} URL = http://www2.inbox.com/search/dispatcher ... 120&lng=cs
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Verunka\AppData\Roaming\Mozilla\Firefox\Profiles\a1ss7644.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Verunka\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Verunka\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Verunka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2011-12-16]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Verunka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR CustomProfile: C:\Users\Verunka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Users\Verunka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files\SiteRanker\Chrome\siterank_c.crx []
CHR StartMenuInternet: Google Chrome - C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-03-04] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-01-12] ()
S2 NOD32FiXTemDono; C:\windows\system32\regedt32.exe /s C:\windows\nod32fixtemdono.reg
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amd_sata; C:\windows\System32\drivers\amd_sata.sys [64128 2010-11-04] (Advanced Micro Devices)
R0 amd_xata; C:\windows\System32\drivers\amd_xata.sys [32384 2010-11-04] (Advanced Micro Devices)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl23549c57; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FAADEAF-C999-4AF1-9A45-1723E9FD1DA0}\MpKsl23549c57.sys [39464 2014-10-05] (Microsoft Corporation)
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 10:28 - 2014-10-06 10:29 - 00011742 _____ () C:\Users\Verunka\Desktop\FRST.txt
2014-10-06 10:27 - 2014-10-06 10:28 - 00000000 ____D () C:\FRST
2014-10-06 10:12 - 2014-10-06 10:18 - 00000000 ____D () C:\rsit
2014-10-06 10:12 - 2014-10-06 10:17 - 00000000 ____D () C:\Program Files\trend micro
2014-10-06 10:08 - 2014-10-06 10:05 - 01101312 _____ (Farbar) C:\Users\Verunka\Desktop\FRST.exe
2014-10-06 10:03 - 2014-10-06 10:05 - 01101312 _____ (Farbar) C:\Users\Verunka\Downloads\FRST.exe
2014-10-06 10:00 - 2014-10-06 10:00 - 01107968 _____ () C:\Users\Verunka\Desktop\RSIT.exe
2014-10-06 09:58 - 2014-10-06 10:00 - 01107968 _____ () C:\Users\Verunka\Downloads\RSIT.exe
2014-10-06 09:35 - 2014-10-06 09:35 - 00000350 _____ () C:\windows\PFRO.log
2014-10-05 20:53 - 2014-10-05 22:23 - 834856364 _____ () C:\Users\Verunka\Downloads\Sestra-v-akci-2-(CZ).avi
2014-10-05 19:31 - 2014-10-06 09:35 - 00000056 _____ () C:\windows\setupact.log
2014-10-05 19:31 - 2014-10-05 19:31 - 00000000 _____ () C:\windows\setuperr.log
2014-10-05 19:29 - 2014-10-05 20:41 - 654067840 _____ () C:\Users\Verunka\Downloads\Sestra-v-akci-1-cz-avi..avi
2014-10-05 13:31 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-05 13:31 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-05 13:31 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-05 13:31 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-05 13:31 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-05 13:31 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-05 13:31 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-05 13:31 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-05 13:31 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-05 13:31 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-05 13:31 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-05 13:31 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-05 13:31 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-05 13:31 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-05 13:31 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-05 13:31 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-05 13:31 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-05 13:31 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-05 13:31 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 13:31 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-05 13:31 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-05 13:31 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-05 13:31 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-05 13:31 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-05 13:31 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-05 13:31 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-05 13:31 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-05 13:31 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-05 13:31 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-05 13:30 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-05 13:25 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-10-05 13:06 - 2014-10-06 10:16 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-05 12:58 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-10-05 12:58 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-10-05 12:57 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-10-05 12:57 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-10-05 12:56 - 2014-10-05 12:56 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-05 12:56 - 2014-10-05 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-05 12:55 - 2014-10-05 12:56 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-05 12:55 - 2014-10-05 12:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-05 12:55 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-05 12:55 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-05 12:55 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-05 12:49 - 2014-10-05 12:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Verunka\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-05 12:14 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-10-05 12:14 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-05 12:14 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-10-05 12:14 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-10-05 12:14 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-10-05 12:14 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-10-05 12:14 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2014-10-05 12:14 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-10-05 12:09 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-05 12:09 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-05 12:09 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-10-05 12:09 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-10-05 12:09 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-05 12:09 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-05 12:09 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-10-05 12:07 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-10-05 12:06 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-05 12:06 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-05 12:05 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-05 12:05 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-10-05 11:20 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\system32\sqlite3.dll
2014-10-05 11:12 - 2014-10-05 11:26 - 00000000 ____D () C:\AdwCleaner
2014-10-05 11:08 - 2014-10-05 11:10 - 01375089 _____ () C:\Users\Verunka\Downloads\adwcleaner_3.311.exe
2014-10-05 10:08 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-10-05 10:08 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-10-05 10:08 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-10-05 10:08 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-10-05 10:06 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-10-05 10:06 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-10-05 10:06 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-10-05 10:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-10-05 10:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 10:26 - 2011-10-23 19:10 - 01139463 _____ () C:\windows\WindowsUpdate.log
2014-10-06 10:06 - 2012-05-02 07:51 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-06 10:06 - 2012-05-02 07:23 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job
2014-10-06 09:47 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-06 09:47 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-06 09:35 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-05 22:01 - 2012-05-02 07:23 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job
2014-10-05 19:03 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-10-05 17:37 - 2009-07-14 06:33 - 00406880 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-05 17:35 - 2011-05-20 04:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-05 17:33 - 2014-06-04 15:18 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-05 17:31 - 2011-12-16 22:30 - 00000000 ____D () C:\Program Files\TNod User & Password Finder
2014-10-05 15:44 - 2012-05-02 07:31 - 00002340 _____ () C:\Users\Verunka\Desktop\Google Chrome.lnk
2014-10-05 13:53 - 2011-10-23 10:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-05 13:22 - 2013-07-19 21:16 - 00000000 ____D () C:\windows\system32\MRT
2014-10-05 12:56 - 2014-06-09 21:40 - 00001912 _____ () C:\windows\epplauncher.mif
2014-10-05 12:55 - 2014-06-09 21:40 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-05 12:54 - 2014-06-09 21:39 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-05 12:52 - 2011-05-20 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-05 12:28 - 2009-07-27 12:11 - 01603338 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-05 10:11 - 2012-05-02 07:51 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-10-05 10:11 - 2011-12-01 21:41 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-22 08:41 - 2011-10-23 14:44 - 00231568 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Verunka\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-10 07:29
==================== End Of Log ============================
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slowed-down internet and everything else
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
-
Luckyphonyx
- Visitor

- Posts: 126
- Registered: 09 Oct 2013 20:37
Re: netbook, slowed-down internet and everything else
# AdwCleaner v3.311 - Report created 06/10/2014 at 19:36:50
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : Verunka - VERUNKA-PC
# Running from : C:\Users\Verunka\Desktop\adwcleaner_3.311 (1).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
-\\ Mozilla Firefox v
[ File : C:\Users\Verunka\AppData\Roaming\Mozilla\Firefox\Profiles\a1ss7644.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Verunka\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8044 octets] - [05/10/2014 11:13:23]
AdwCleaner[R1].txt - [1043 octets] - [06/10/2014 19:03:36]
AdwCleaner[S0].txt - [8046 octets] - [05/10/2014 11:25:53]
AdwCleaner[S1].txt - [966 octets] - [06/10/2014 19:36:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1025 octets] ##########
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slowed-down internet and everything else
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job
C:\Program Files\TNod User & Password Finder
:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]
:services
NOD32FiXTemDono
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
-
Luckyphonyx
- Visitor

- Posts: 126
- Registered: 09 Oct 2013 20:37
Re: netbook, slowed-down internet and everything else
All processes killed
========== FILES ==========
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job moved successfully.
C:\Program Files\TNod User & Password Finder folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service NOD32FiXTemDono stopped successfully!
Service NOD32FiXTemDono deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 121064 bytes
->Temporary Internet Files folder emptied: 327990 bytes
->Flash cache emptied: 343 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Verunka
->Temp folder emptied: 11248199 bytes
->Temporary Internet Files folder emptied: 11514 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52844677 bytes
->Google Chrome cache emptied: 10139603 bytes
->Flash cache emptied: 506 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10430026 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 71585690 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 149,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Verunka
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 10072014_095127
Files moved on Reboot...
File C:\Users\Verunka\AppData\Local\Temp\Temp1_ESET-NOD32-Antivirus-4.2.67.13-(100)-Works-Licence-32bit-CZ.zip\ESET NOD32 Antivirus 4.2.67.13 (100) Works Licence 32bit CZ\TNODUP a MiNODLogin + Hotfix\TNODUP\TNod User & Password Finder\Recover data of current License.bat not found!
Registry entries deleted on Reboot...
and here is the RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Verunka at 2014-10-07 10:06:15
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 61 GB (60%) free of 102 GB
Total RAM: 749 MB (12% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:25, on 7.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\sdclt.exe
C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Verunka\Desktop\RSIT.exe
C:\Program Files\trend micro\Verunka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
--
End of file - 6290 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-16 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-16 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files\ASUS\APRP\APRP.EXE [2011-05-20 2018032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapsHook]
AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-04-14 419504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyMon]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-11 336384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAWinAgent]
C:\ExpressGateUtil\VAWinAgent.exe [2011-01-13 191304]
C:\Users\Verunka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-07 09:51:27 ----D---- C:\_OTM
2014-10-06 10:27:54 ----D---- C:\FRST
2014-10-06 10:12:50 ----D---- C:\Program Files\trend micro
2014-10-06 10:12:44 ----D---- C:\rsit
2014-10-05 13:31:49 ----A---- C:\windows\system32\iesetup.dll
2014-10-05 13:31:43 ----A---- C:\windows\system32\ieui.dll
2014-10-05 13:31:41 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-05 13:31:40 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-05 13:31:39 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-05 13:31:38 ----A---- C:\windows\system32\msrating.dll
2014-10-05 13:31:37 ----A---- C:\windows\system32\mshtmled.dll
2014-10-05 13:31:36 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-05 13:31:35 ----A---- C:\windows\system32\jsproxy.dll
2014-10-05 13:31:34 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-05 13:31:34 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-05 13:31:33 ----A---- C:\windows\system32\dxtrans.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\vbscript.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\iernonce.dll
2014-10-05 13:31:31 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-05 13:31:26 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-05 13:31:25 ----A---- C:\windows\system32\msfeeds.dll
2014-10-05 13:31:24 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-05 13:31:23 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-05 13:31:16 ----A---- C:\windows\system32\iertutil.dll
2014-10-05 13:31:13 ----A---- C:\windows\system32\wininet.dll
2014-10-05 13:31:10 ----A---- C:\windows\system32\jscript9.dll
2014-10-05 13:31:09 ----A---- C:\windows\system32\urlmon.dll
2014-10-05 13:31:02 ----A---- C:\windows\system32\mshtml.dll
2014-10-05 13:30:56 ----A---- C:\windows\system32\ieframe.dll
2014-10-05 13:25:57 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-10-05 13:06:25 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-05 12:58:27 ----A---- C:\windows\system32\infocardapi.dll
2014-10-05 12:58:14 ----A---- C:\windows\system32\icardres.dll
2014-10-05 12:57:51 ----A---- C:\windows\system32\icardagt.exe
2014-10-05 12:57:23 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mwac.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbam.sys
2014-10-05 12:55:53 ----D---- C:\ProgramData\Malwarebytes
2014-10-05 12:55:53 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-05 12:14:35 ----A---- C:\windows\system32\rpcrt4.dll
2014-10-05 12:14:33 ----A---- C:\windows\system32\win32k.sys
2014-10-05 12:14:32 ----A---- C:\windows\system32\gdi32.dll
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-10-05 12:14:28 ----A---- C:\windows\system32\cdd.dll
2014-10-05 12:14:23 ----A---- C:\windows\system32\kerberos.dll
2014-10-05 12:14:22 ----A---- C:\windows\system32\lsasrv.dll
2014-10-05 12:09:59 ----A---- C:\windows\system32\qdvd.dll
2014-10-05 12:09:51 ----A---- C:\windows\system32\osk.exe
2014-10-05 12:09:46 ----A---- C:\windows\system32\d3d10warp.dll
2014-10-05 12:09:38 ----A---- C:\windows\system32\msi.dll
2014-10-05 12:09:37 ----A---- C:\windows\system32\authui.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\msihnd.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\consent.exe
2014-10-05 12:07:11 ----A---- C:\windows\system32\TSWorkspace.dll
2014-10-05 12:06:43 ----A---- C:\windows\system32\aepdu.dll
2014-10-05 12:06:37 ----A---- C:\windows\system32\aeinv.dll
2014-10-05 12:05:49 ----A---- C:\windows\system32\tzres.dll
2014-10-05 12:05:18 ----A---- C:\windows\system32\shell32.dll
2014-10-05 11:20:38 ----A---- C:\windows\system32\sqlite3.dll
2014-10-05 11:12:52 ----D---- C:\AdwCleaner
2014-10-05 10:08:06 ----A---- C:\windows\system32\wups2.dll
2014-10-05 10:08:05 ----A---- C:\windows\system32\wuauclt.exe
2014-10-05 10:08:03 ----A---- C:\windows\system32\wucltux.dll
2014-10-05 10:08:02 ----A---- C:\windows\system32\wuaueng.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wups.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wudriver.dll
2014-10-05 10:06:54 ----A---- C:\windows\system32\wuapi.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuwebv.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2014-10-07 10:07:31 ----D---- C:\windows\Prefetch
2014-10-07 10:05:05 ----D---- C:\windows\Temp
2014-10-07 09:53:40 ----D---- C:\windows\system32\config
2014-10-07 09:51:32 ----RD---- C:\Program Files
2014-10-07 09:51:31 ----D---- C:\windows\Tasks
2014-10-06 20:37:07 ----D---- C:\windows\System32
2014-10-06 20:37:07 ----D---- C:\windows\inf
2014-10-06 20:37:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-10-06 19:41:59 ----D---- C:\windows\system32\wdi
2014-10-06 11:16:58 ----SHD---- C:\System Volume Information
2014-10-06 10:28:23 ----D---- C:\Windows
2014-10-05 19:03:06 ----D---- C:\windows\Microsoft.NET
2014-10-05 18:58:56 ----RSD---- C:\windows\assembly
2014-10-05 17:56:29 ----SHD---- C:\windows\Installer
2014-10-05 17:56:23 ----D---- C:\windows\debug
2014-10-05 17:38:52 ----D---- C:\windows\winsxs
2014-10-05 17:35:52 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:35:48 ----D---- C:\windows\system32\drivers
2014-10-05 17:35:48 ----D---- C:\windows\Logs
2014-10-05 17:35:15 ----D---- C:\windows\system32\catroot
2014-10-05 17:33:16 ----D---- C:\windows\system32\cs-CZ
2014-10-05 17:33:15 ----D---- C:\windows\system32\en-US
2014-10-05 17:33:15 ----D---- C:\windows\PolicyDefinitions
2014-10-05 17:33:14 ----D---- C:\Program Files\Internet Explorer
2014-10-05 17:33:06 ----SD---- C:\windows\system32\CompatTel
2014-10-05 13:53:13 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 13:33:12 ----D---- C:\windows\system32\catroot2
2014-10-05 13:22:51 ----D---- C:\windows\system32\MRT
2014-10-05 12:55:53 ----HD---- C:\ProgramData
2014-10-05 12:54:47 ----D---- C:\Program Files\Microsoft Security Client
2014-10-05 10:53:26 ----D---- C:\windows\system32\Dism
2014-10-05 10:11:03 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-09-22 08:41:56 ----N---- C:\windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-11-10 6574080]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-11-10 229888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2010-03-03 1263104]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-01-18 3378984]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-11-24 4247616]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-11-10 176128]
R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-03-04 224680]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2011-01-12 91464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
-----------------EOF-----------------
========== FILES ==========
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1406548897-1256152093-2544760797-1000UA.job moved successfully.
C:\Program Files\TNod User & Password Finder folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TNOD UP\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service NOD32FiXTemDono stopped successfully!
Service NOD32FiXTemDono deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 121064 bytes
->Temporary Internet Files folder emptied: 327990 bytes
->Flash cache emptied: 343 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Verunka
->Temp folder emptied: 11248199 bytes
->Temporary Internet Files folder emptied: 11514 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52844677 bytes
->Google Chrome cache emptied: 10139603 bytes
->Flash cache emptied: 506 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10430026 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 71585690 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 149,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Verunka
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 10072014_095127
Files moved on Reboot...
File C:\Users\Verunka\AppData\Local\Temp\Temp1_ESET-NOD32-Antivirus-4.2.67.13-(100)-Works-Licence-32bit-CZ.zip\ESET NOD32 Antivirus 4.2.67.13 (100) Works Licence 32bit CZ\TNODUP a MiNODLogin + Hotfix\TNODUP\TNod User & Password Finder\Recover data of current License.bat not found!
Registry entries deleted on Reboot...
and here is RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Verunka at 2014-10-07 10:06:15
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 61 GB (60%) free of 102 GB
Total RAM: 749 MB (12% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:25, on 7.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Common Files\InstantOn\InsOnWMI.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Verunka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\sdclt.exe
C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Verunka\Desktop\RSIT.exe
C:\Program Files\trend micro\Verunka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
--
End of file - 6290 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-16 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-16 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Verunka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files\ASUS\APRP\APRP.EXE [2011-05-20 2018032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapsHook]
AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-04-14 419504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyMon]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-11 336384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAWinAgent]
C:\ExpressGateUtil\VAWinAgent.exe [2011-01-13 191304]
C:\Users\Verunka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-07 09:51:27 ----D---- C:\_OTM
2014-10-06 10:27:54 ----D---- C:\FRST
2014-10-06 10:12:50 ----D---- C:\Program Files\trend micro
2014-10-06 10:12:44 ----D---- C:\rsit
2014-10-05 13:31:49 ----A---- C:\windows\system32\iesetup.dll
2014-10-05 13:31:43 ----A---- C:\windows\system32\ieui.dll
2014-10-05 13:31:41 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-05 13:31:40 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-05 13:31:39 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-05 13:31:38 ----A---- C:\windows\system32\msrating.dll
2014-10-05 13:31:37 ----A---- C:\windows\system32\mshtmled.dll
2014-10-05 13:31:36 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-05 13:31:35 ----A---- C:\windows\system32\jsproxy.dll
2014-10-05 13:31:34 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-05 13:31:34 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-05 13:31:33 ----A---- C:\windows\system32\dxtrans.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\vbscript.dll
2014-10-05 13:31:32 ----A---- C:\windows\system32\iernonce.dll
2014-10-05 13:31:31 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-05 13:31:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-05 13:31:26 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-05 13:31:25 ----A---- C:\windows\system32\msfeeds.dll
2014-10-05 13:31:24 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-05 13:31:23 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-05 13:31:16 ----A---- C:\windows\system32\iertutil.dll
2014-10-05 13:31:13 ----A---- C:\windows\system32\wininet.dll
2014-10-05 13:31:10 ----A---- C:\windows\system32\jscript9.dll
2014-10-05 13:31:09 ----A---- C:\windows\system32\urlmon.dll
2014-10-05 13:31:02 ----A---- C:\windows\system32\mshtml.dll
2014-10-05 13:30:56 ----A---- C:\windows\system32\ieframe.dll
2014-10-05 13:25:57 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-10-05 13:06:25 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-05 12:58:27 ----A---- C:\windows\system32\infocardapi.dll
2014-10-05 12:58:14 ----A---- C:\windows\system32\icardres.dll
2014-10-05 12:57:51 ----A---- C:\windows\system32\icardagt.exe
2014-10-05 12:57:23 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mwac.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-10-05 12:55:55 ----A---- C:\windows\system32\drivers\mbam.sys
2014-10-05 12:55:53 ----D---- C:\ProgramData\Malwarebytes
2014-10-05 12:55:53 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-10-05 12:14:35 ----A---- C:\windows\system32\rpcrt4.dll
2014-10-05 12:14:33 ----A---- C:\windows\system32\win32k.sys
2014-10-05 12:14:32 ----A---- C:\windows\system32\gdi32.dll
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-10-05 12:14:29 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-10-05 12:14:28 ----A---- C:\windows\system32\cdd.dll
2014-10-05 12:14:23 ----A---- C:\windows\system32\kerberos.dll
2014-10-05 12:14:22 ----A---- C:\windows\system32\lsasrv.dll
2014-10-05 12:09:59 ----A---- C:\windows\system32\qdvd.dll
2014-10-05 12:09:51 ----A---- C:\windows\system32\osk.exe
2014-10-05 12:09:46 ----A---- C:\windows\system32\d3d10warp.dll
2014-10-05 12:09:38 ----A---- C:\windows\system32\msi.dll
2014-10-05 12:09:37 ----A---- C:\windows\system32\authui.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\msihnd.dll
2014-10-05 12:09:36 ----A---- C:\windows\system32\consent.exe
2014-10-05 12:07:11 ----A---- C:\windows\system32\TSWorkspace.dll
2014-10-05 12:06:43 ----A---- C:\windows\system32\aepdu.dll
2014-10-05 12:06:37 ----A---- C:\windows\system32\aeinv.dll
2014-10-05 12:05:49 ----A---- C:\windows\system32\tzres.dll
2014-10-05 12:05:18 ----A---- C:\windows\system32\shell32.dll
2014-10-05 11:20:38 ----A---- C:\windows\system32\sqlite3.dll
2014-10-05 11:12:52 ----D---- C:\AdwCleaner
2014-10-05 10:08:06 ----A---- C:\windows\system32\wups2.dll
2014-10-05 10:08:05 ----A---- C:\windows\system32\wuauclt.exe
2014-10-05 10:08:03 ----A---- C:\windows\system32\wucltux.dll
2014-10-05 10:08:02 ----A---- C:\windows\system32\wuaueng.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wups.dll
2014-10-05 10:06:55 ----A---- C:\windows\system32\wudriver.dll
2014-10-05 10:06:54 ----A---- C:\windows\system32\wuapi.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuwebv.dll
2014-10-05 10:05:51 ----A---- C:\windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2014-10-07 10:07:31 ----D---- C:\windows\Prefetch
2014-10-07 10:05:05 ----D---- C:\windows\Temp
2014-10-07 09:53:40 ----D---- C:\windows\system32\config
2014-10-07 09:51:32 ----RD---- C:\Program Files
2014-10-07 09:51:31 ----D---- C:\windows\Tasks
2014-10-06 20:37:07 ----D---- C:\windows\System32
2014-10-06 20:37:07 ----D---- C:\windows\inf
2014-10-06 20:37:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-10-06 19:41:59 ----D---- C:\windows\system32\wdi
2014-10-06 11:16:58 ----SHD---- C:\System Volume Information
2014-10-06 10:28:23 ----D---- C:\Windows
2014-10-05 19:03:06 ----D---- C:\windows\Microsoft.NET
2014-10-05 18:58:56 ----RSD---- C:\windows\assembly
2014-10-05 17:56:29 ----SHD---- C:\windows\Installer
2014-10-05 17:56:23 ----D---- C:\windows\debug
2014-10-05 17:38:52 ----D---- C:\windows\winsxs
2014-10-05 17:35:52 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-05 17:35:48 ----D---- C:\windows\system32\drivers
2014-10-05 17:35:48 ----D---- C:\windows\Logs
2014-10-05 17:35:15 ----D---- C:\windows\system32\catroot
2014-10-05 17:33:16 ----D---- C:\windows\system32\cs-CZ
2014-10-05 17:33:15 ----D---- C:\windows\system32\en-US
2014-10-05 17:33:15 ----D---- C:\windows\PolicyDefinitions
2014-10-05 17:33:14 ----D---- C:\Program Files\Internet Explorer
2014-10-05 17:33:06 ----SD---- C:\windows\system32\CompatTel
2014-10-05 13:53:13 ----D---- C:\ProgramData\Microsoft Help
2014-10-05 13:33:12 ----D---- C:\windows\system32\catroot2
2014-10-05 13:22:51 ----D---- C:\windows\system32\MRT
2014-10-05 12:55:53 ----HD---- C:\ProgramData
2014-10-05 12:54:47 ----D---- C:\Program Files\Microsoft Security Client
2014-10-05 10:53:26 ----D---- C:\windows\system32\Dism
2014-10-05 10:11:03 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-09-22 08:41:56 ----N---- C:\windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-11-10 6574080]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-11-10 229888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2010-03-03 1263104]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-01-18 3378984]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-11-24 4247616]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-11-10 176128]
R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-03-04 224680]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 VideAceWindowsService;VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [2011-01-12 91464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slow internet and everything else
Everything was deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
Luckyphonyx
- Visitor

- Posts: 126
- Registered: 09 Oct 2013 20:37
Re: netbook, slow internet and everything else
Done. 89% utilization right after startup.
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slow internet and everything else
Which process is loading the system the most?
-
Luckyphonyx
- Visitor

- Posts: 126
- Registered: 09 Oct 2013 20:37
Re: netbook, slow internet and everything else
System NT kernel
An interesting thing:
Chrome exe
Chrome exe
Chrome exe
even though it is only open once
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slow internet and everything else
Each Chrome add-on has its own task. Back up Chrome using ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Then uninstall Chrome, including its profile. Reinstall it and copy back from the backup only the bookmarks and, if needed, the passwords.
-
Luckyphonyx
- Visitor

- Posts: 126
- Registered: 09 Oct 2013 20:37
Re: netbook, slow internet and everything else
It's a little better now, but it's still not quite right. I'd love to throw these netbooks out of the window.
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slow internet and everything else
As a test, turn off automatic updates and try it.
-
Luckyphonyx
- Visitor

- Posts: 126
- Registered: 09 Oct 2013 20:37
Re: netbook, slow internet and everything else
We're still staying up there, far too high: 85% CPU.
- Rudy
- Site Admin

- Posts: 119679
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: netbook, slow internet and everything else
You wrote 74 before, but never mind. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then run the application under an account with administrator privileges.
Right after launch, a screen with the licence terms appears; continue by clicking the Yes (Ano) button.
Feel free to go and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.
Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).
Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, undesirable conflicts with the resident antispyware occur.