Preventivní kontrola logu

Zpráva

tkalarm · #1 Příspěvek od **tkalarm** » 21 bře 2015 10:33

Logfile of random's system information tool 1.10 (written by random/random)
Run by Správce PC at 2015-03-21 10:29:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 39 GB (52%) free of 76 GB
Total RAM: 2038 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:29:41, on 21.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MTV Kalinovi\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\Správce PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-661240960-1612435486-3582342506-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'MTV Kalinovi')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 4134 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Správce PC\AppData\Roaming\Mozilla\Firefox\Profiles\w0r7elqt.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 978520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-14 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-14 221184]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-21 10:29:19 ----D---- C:\rsit
2015-03-21 10:29:19 ----D---- C:\Program Files\trend micro
2015-03-21 08:18:36 ----D---- C:\Program Files\Mozilla Firefox
2015-03-11 08:59:55 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 08:59:52 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 08:59:52 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:59:52 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 08:59:51 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 08:59:50 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 08:59:48 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 08:59:47 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 08:59:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 08:59:46 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 08:59:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 08:59:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 08:59:45 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 08:59:45 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 08:59:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 08:59:44 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 08:59:44 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 08:59:44 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 08:59:44 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 08:59:44 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 08:59:43 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 08:59:41 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 08:59:41 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 08:59:40 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 08:59:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 08:59:38 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 08:59:38 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 08:59:37 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 08:59:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 08:59:35 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 08:59:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 08:59:34 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 08:59:32 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 08:59:31 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 08:59:30 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 08:58:51 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 08:58:48 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 08:58:48 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 08:58:48 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 08:58:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 08:58:48 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 08:58:47 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 08:58:47 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 08:58:47 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 08:58:47 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 08:58:47 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 08:58:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 08:58:47 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 08:58:47 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 08:58:46 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 08:58:46 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 08:58:46 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 08:58:46 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 08:58:46 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 08:58:30 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 08:58:30 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 08:58:30 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 08:58:30 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 08:58:29 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 08:58:28 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 08:58:13 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 08:58:13 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 08:58:12 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 08:58:11 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 08:58:11 ----A---- C:\Windows\system32\mf.dll
2015-03-11 08:58:08 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 08:58:08 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 08:58:08 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 08:58:08 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 08:58:08 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 08:58:08 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 08:58:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 08:58:06 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 08:58:06 ----A---- C:\Windows\system32\evr.dll
2015-03-11 08:58:06 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 08:58:05 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 08:58:05 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 08:58:04 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 08:58:04 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 08:58:02 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 08:58:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 08:58:02 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 08:58:02 ----A---- C:\Windows\system32\ci.dll
2015-03-11 08:58:01 ----A---- C:\Windows\system32\winload.exe
2015-03-11 08:58:00 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 08:57:59 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 08:57:59 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 08:57:59 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 08:57:58 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 08:57:57 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 08:57:56 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 08:57:56 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 08:57:55 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 08:57:55 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 08:57:55 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 08:57:55 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 08:57:55 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 08:57:54 ----A---- C:\Windows\system32\smss.exe
2015-03-11 08:57:54 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 08:57:54 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 08:57:54 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 08:57:53 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 08:57:53 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 08:57:53 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 08:57:53 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 08:57:53 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 08:57:53 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 08:57:52 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 08:57:52 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 08:57:52 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 08:57:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 08:57:50 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 08:57:50 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 08:57:50 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 08:57:49 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 08:57:49 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 08:57:48 ----A---- C:\Windows\system32\mferror.dll

======List of files/folders modified in the last 1 month======

2015-03-21 10:29:34 ----D---- C:\Windows\Prefetch
2015-03-21 10:29:19 ----RD---- C:\Program Files
2015-03-21 10:09:47 ----D---- C:\Windows\Temp
2015-03-21 08:51:03 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-21 08:01:47 ----D---- C:\Windows\system32\config
2015-03-19 18:16:35 ----SHD---- C:\System Volume Information
2015-03-14 08:38:08 ----D---- C:\Windows\system32\drivers
2015-03-14 08:38:06 ----D---- C:\Windows\System32
2015-03-14 08:38:05 ----D---- C:\Windows\system32\drivers\UMDF
2015-03-14 08:38:05 ----D---- C:\Windows\inf
2015-03-14 08:38:02 ----D---- C:\ProgramData\PC Suite
2015-03-12 11:04:42 ----D---- C:\Windows\rescache
2015-03-12 08:28:40 ----D---- C:\Windows\system32\catroot2
2015-03-12 08:25:17 ----D---- C:\Windows\winsxs
2015-03-12 08:22:52 ----D---- C:\Windows\system32\en-US
2015-03-12 08:22:51 ----D---- C:\Program Files\Internet Explorer
2015-03-12 08:22:50 ----D---- C:\Windows\system32\cs-CZ
2015-03-12 08:22:47 ----D---- C:\Program Files\Windows Media Player
2015-03-12 08:22:46 ----D---- C:\Windows\system32\Dism
2015-03-12 08:22:44 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-12 08:22:44 ----D---- C:\Windows\system32\Boot
2015-03-11 23:28:08 ----D---- C:\Windows\system32\MRT
2015-03-11 23:28:00 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 08:56:14 ----D---- C:\Windows\system32\catroot
2015-03-07 07:09:11 ----D---- C:\Windows
2015-03-03 14:16:52 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-27 18:00:29 ----D---- C:\Windows\Downloaded Program Files
2015-02-27 18:00:21 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-02-22 10:15:14 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 239224]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 95408]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AR9271;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuw.sys [2011-07-28 1763584]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 smwdm;smwdm; C:\Windows\system32\drivers\smwdm.sys [2005-11-29 260224]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2011-04-20 1570304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 22184]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 284472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-04 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-27 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-04 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-21 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-03 1343400]

-----------------EOF-----------------

Děkuji

#2 Příspěvek od **Márty84** » 21 bře 2015 11:16

Zdravim

Jde ciste jen o prevenci, nebo je i nejaky problem?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

tkalarm · #3 Příspěvek od **tkalarm** » 22 bře 2015 09:40

Dobre rano,
omlouvam se za delsi neaktivitu, musel jsem vcera odejit od PC a dostal jsem se zpet az ted.

K otazce, jedna se opravdu pouze o preventivni kontrolu, i kdyz, vzdycky se daji nejake mouchy najit...

Kazdopadne zadne vetsi konkretni problemy s PC t.c. nejsou.

Log prikladam... Velmi dekuji za ochotu.

# AdwCleaner v4.112 - Logfile created 22/03/2015 at 09:35:32
# Updated 09/03/2015 by Xplode
# Database : 2015-03-22.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Správce PC - MTVKALINOVI-PC
# Running from : C:\Users\MTV Kalinovi\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\MTV Kalinovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
File Deleted : C:\Users\Správce PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
File Deleted : C:\Users\Správce PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

-\\ Mozilla Firefox v36.0.3 (x86 cs)

-\\ Google Chrome v41.0.2272.101

*************************

AdwCleaner[R0].txt - [1574 bytes] - [22/03/2015 09:32:07]
AdwCleaner[S0].txt - [1515 bytes] - [22/03/2015 09:35:32]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [1574 bytes] ##########

#4 Příspěvek od **Márty84** » 22 bře 2015 11:42

tkalarm píše:omlouvam se za delsi neaktivitu, musel jsem vcera odejit od PC a dostal jsem se zpet az ted.

Nic se nedeje, nemuzem byt u pc porad

Zkontrolujte velikost adresare plochy.

Vypnete antivir, at nebrani programu v praci.

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

tkalarm · #5 Příspěvek od **tkalarm** » 22 bře 2015 17:35

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: MTV Kalinovi
->Temp folder emptied: 4864013 bytes
->Temporary Internet Files folder emptied: 72974 bytes
->FireFox cache emptied: 13130716 bytes
->Google Chrome cache emptied: 16354363 bytes
->Flash cache emptied: 724 bytes

User: Public

User: Správce PC
->Temp folder emptied: 2348647 bytes
->Temporary Internet Files folder emptied: 1705895 bytes
->FireFox cache emptied: 5057870 bytes
->Google Chrome cache emptied: 819568 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 123491727 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 29559059 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 188,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: MTV Kalinovi
->Flash cache emptied: 0 bytes

User: Public

User: Správce PC

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03222015_173031

tkalarm · #6 Příspěvek od **tkalarm** » 22 bře 2015 17:39

Složka Desktop má 20 Kb

#7 Příspěvek od **Márty84** » 22 bře 2015 17:47

tkalarm píše:Složka Desktop má 20 Kb

Pokud je to opravdu tak, nezbyva nez

I kdyz se mi to zda nejak malo

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

A pokud vse pobezi jak ma, mame hotovo

tkalarm · #8 Příspěvek od **tkalarm** » 22 bře 2015 17:59

Děkuji, hezký den!

#9 Příspěvek od **Márty84** » 22 bře 2015 20:16

Nemate zac!

Pak napiste, zda vse probehlo bez komplikaci a tema uzavreme

tkalarm · #10 Příspěvek od **tkalarm** » 25 bře 2015 19:59

Opožděne ještě jednou děkuji, vše v pořádku.

#11 Příspěvek od **Márty84** » 25 bře 2015 20:14

Super

Neni zac!

Mejte se a treba zase nekdy

VIRY.CZ

Preventivní kontrola logu

Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu

Re: Preventivní kontrola logu