strašně pomalé pc, seká se

[lebka75]

koupil jsem starý počítač, ale je strašně pomalý a seká se

Logfile of random's system information tool 1.09 (written by random/random)
Run by Markéta Paterová at 2011-07-16 13:41:20
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 38 GB (50%) free of 76 GB
Total RAM: 368 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:42:28, on 16.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\khooker.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Markéta Paterová\Plocha\RSIT.exe
C:\Program Files\trend micro\Markéta Paterová.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60040
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {263ACDA0-6F7B-23DF-1530-7B1CF3F0D4FF} - (no file)
O2 - BHO: (no name) - {C7636EC8-9F17-DCE7-7816-D936F13535A7} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\system32\khooker.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SE2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 7682727676
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5572 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\RegPowerClean.job
C:\WINDOWS\tasks\RPCReminder.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{263ACDA0-6F7B-23DF-1530-7B1CF3F0D4FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7636EC8-9F17-DCE7-7816-D936F13535A7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-16 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiS KHooker"=C:\WINDOWS\system32\khooker.exe [2002-03-26 290816]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON Stylus DX8400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9xadiras]
9xadiras.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adiras]
adiras.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL]
C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe /L ElbyCDFL []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerStrip]
c:\program files\powerstrip\pstrip.exe [2007-12-20 798456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2005-01-30 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS KHooker]
C:\WINDOWS\system32\khooker.exe [2002-03-26 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Tray]
C:\WINDOWS\system32\sistray.EXE [2001-08-13 266240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tloe]
C:\WINDOWS\CROSOF~1.NET\mmc.exe -vt yazb []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE -b -l []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"r_server"=3
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2
"aswUpdSv"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=serwvdrv.dll
"vidc.DIVX"=divx.dll
"vidc.XVID"=xvidvfw.dll
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.lameacm"=lameACM.acm
"vidc.3iv2"=3ivxVfWCodec.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.wmv3"=wmv9vcm.dll
"VIDC.VP60"=vp6vfw.dll
"VIDC.VP61"=vp6vfw.dll
"VIDC.VP62"=vp6vfw.dll
"VIDC.VP31"=vp31vfw.dll
"vidc.MPG4"=Mpg4c32.dll
"vidc.MP42"=Mpg4c32.dll
"vidc.MP43"=Mpg4c32.dll
"msacm.ac3acm"=ac3acm.acm

======List of files/folders created in the last 1 month======

2011-07-16 13:41:20 ----DC---- C:\rsit
2011-07-16 13:33:18 ----DC---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-07-16 13:32:19 ----D---- C:\Program Files\SUPERAntiSpyware
2011-07-16 13:15:36 ----A---- C:\WINDOWS\system32\javaws.exe
2011-07-16 13:15:36 ----A---- C:\WINDOWS\system32\javaw.exe
2011-07-16 13:15:36 ----A---- C:\WINDOWS\system32\java.exe
2011-07-16 13:14:06 ----A---- C:\WINDOWS\imsins.BAK
2011-07-16 12:54:15 ----RSD---- C:\WINDOWS\assembly
2011-07-16 12:51:43 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-16 12:47:41 ----D---- C:\Program Files\FileHippo.com
2011-07-16 12:46:54 ----D---- C:\Program Files\Defraggler
2011-07-16 11:33:15 ----D---- C:\Program Files\CCleaner
2011-07-16 11:25:44 ----DC---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-16 11:25:44 ----D---- C:\Program Files\AVAST Software
2011-07-16 11:20:23 ----D---- C:\WINDOWS\LastGood
2011-07-15 23:57:32 ----ASH---- C:\hiberfil.sys
2011-07-15 23:20:32 ----D---- C:\Program Files\Zoner
2011-07-15 22:27:52 ----D---- C:\Documents and Settings\Markéta Paterová\Data aplikací\SUPERAntiSpyware.com
2011-07-15 21:53:54 ----D---- C:\Program Files\Realtek
2011-07-13 16:33:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 16:22:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-06-29 13:35:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$

======List of files/folders modified in the last 1 month======

2011-07-16 13:42:12 ----D---- C:\Program Files\trend micro
2011-07-16 13:32:19 ----RD---- C:\Program Files
2011-07-16 13:29:22 ----D---- C:\WINDOWS
2011-07-16 13:29:21 ----D---- C:\WINDOWS\system32
2011-07-16 13:29:18 ----D---- C:\WINDOWS\system32\drivers
2011-07-16 13:28:11 ----D---- C:\WINDOWS\Temp
2011-07-16 13:20:32 ----D---- C:\WINDOWS\Debug
2011-07-16 13:20:12 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-16 13:18:44 ----HD---- C:\WINDOWS\inf
2011-07-16 13:18:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-16 13:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2530548$
2011-07-16 13:17:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-07-16 13:17:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-07-16 13:16:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-07-16 13:16:24 ----SHDC---- C:\Config.Msi
2011-07-16 13:16:24 ----SHD---- C:\WINDOWS\Installer
2011-07-16 13:16:21 ----D---- C:\Program Files\Common Files\Java
2011-07-16 13:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2011-07-16 13:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-07-16 13:14:41 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-07-16 13:13:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2011-07-16 13:11:05 ----D---- C:\Program Files\WinRAR
2011-07-16 13:09:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-16 13:06:48 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-07-16 12:54:50 ----D---- C:\WINDOWS\WinSxS
2011-07-16 12:51:58 ----D---- C:\WINDOWS\system32\mui
2011-07-16 12:51:58 ----D---- C:\Program Files\Internet Explorer
2011-07-16 11:39:43 ----D---- C:\Program Files\DVDFab Platinum
2011-07-16 11:38:16 ----D---- C:\Program Files\Winamp
2011-07-16 11:37:49 ----D---- C:\WINDOWS\Minidump
2011-07-16 11:20:23 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-16 11:18:45 ----D---- C:\WINDOWS\system32\Samsung_Mobile_USB_Drivers
2011-07-16 11:18:05 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-07-16 11:05:35 ----D---- C:\Program Files\TuneUp Utilities 2009
2011-07-16 11:04:53 ----D---- C:\Program Files\Zylom Games
2011-07-16 11:04:41 ----RSD---- C:\WINDOWS\Fonts
2011-07-16 11:04:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-16 11:02:44 ----D---- C:\Program Files\Common Files
2011-07-16 11:02:44 ----D---- C:\Documents and Settings\Markéta Paterová\Data aplikací\Skype
2011-07-16 10:56:23 ----D---- C:\Documents and Settings\Markéta Paterová\Data aplikací\Happy Foto
2011-07-16 10:56:08 ----D---- C:\Program Files\GeoBaze
2011-07-16 10:55:45 ----D---- C:\Program Files\FreeRIP2
2011-07-16 10:55:29 ----D---- C:\WINDOWS\Prefetch
2011-07-16 10:17:48 ----D---- C:\WINDOWS\system32\CatRoot
2011-07-16 09:55:25 ----D---- C:\WINDOWS\system32\ias
2011-07-16 09:46:11 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt
2011-07-16 09:33:59 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-15 23:56:50 ----D---- C:\WINDOWS\system32\config
2011-07-15 23:56:10 ----D---- C:\WINDOWS\system32\wbem
2011-07-15 23:55:59 ----D---- C:\WINDOWS\Registration
2011-07-15 23:25:01 ----D---- C:\Program Files\Mozilla Firefox
2011-07-15 23:20:34 ----D---- C:\Documents and Settings\Markéta Paterová\Data aplikací\Zoner
2011-07-15 23:02:04 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-15 22:44:40 ----DC---- C:\Documents and Settings
2011-07-15 21:00:35 ----D---- C:\Documents and Settings\Markéta Paterová\Data aplikací\MSN6
2011-07-13 14:16:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-06-25 19:11:54 ----D---- C:\Program Files\Java
2011-06-25 18:24:56 ----SD---- C:\WINDOWS\Tasks
2011-06-23 08:50:18 ----A---- C:\WINDOWS\DUMP5bd9.tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2004-12-20 20016]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-14 40960]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 P3;Ovladač procesoru Intel PentiumIII; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2008-04-14 11868]
R2 PStrip;PSTRIP; \??\C:\WINDOWS\system32\DRIVERS\PSTRIP.SYS []
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SiS630;SiS630; C:\WINDOWS\system32\DRIVERS\sis630p.sys [2003-01-23 164608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-11-13 46423]
S3 adiusbaw;ADSL USB MODEM WAN ADAPTER; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-01-12 127721]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 cpuz128;cpuz128; \??\C:\DOCUME~1\MARKTA~1\LOCALS~1\Temp\cpuz_x32.sys []
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SiS300i;SiS300i; C:\WINDOWS\System32\DRIVERS\sis300ip.sys [2001-08-17 101760]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-16 153376]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2008-12-03 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-12-03 362240]
S4 r_server;Remote Administrator Service; C:\WINDOWS\system32\r_server.exe /service []

-----------------EOF-----------------

[Rudy]

Něco nelegitimního tam vidím. Dejte log z ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Další věc je, že velikost RAM (368MB) není nijak závratná.

[lebka75]

ComboFix 11-07-15.03 - Markéta Paterová 16.07.2011 21:18:30.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.368.16 [GMT 2:00]
Spuštěný z: c:\documents and settings\MarkÚta Paterovß\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\appatc~1
c:\program files\Common Files\asembl~1
c:\program files\Common Files\asks~1
c:\program files\Common Files\crosof~1.net
c:\program files\Common Files\curity~1
c:\program files\Common Files\dobe~1
c:\program files\Common Files\fnts~1
c:\program files\Common Files\icroso~1.net
c:\program files\Common Files\mbols~1
c:\program files\Common Files\mcroso~1
c:\program files\Common Files\ppatch~1
c:\program files\Common Files\pppatc~1
c:\program files\Common Files\racle~1
c:\program files\Common Files\smbols~1
c:\program files\Common Files\ssembl~1
c:\program files\Common Files\sstem~1
c:\program files\Common Files\wnsxs~1
c:\program files\Common Files\ystem3~1
c:\program files\curity~1
c:\program files\dobe~1
c:\program files\fnts~1
c:\program files\Internet Explorer\SET294.tmp
c:\program files\Internet Explorer\SET299.tmp
c:\program files\sks~1
c:\program files\ystem~1
c:\windows\crosof~1.net
c:\windows\dobe~1
c:\windows\icroso~1.net
c:\windows\IsUn0405.exe
c:\windows\mantec~1
c:\windows\ppatch~1
c:\windows\racle~1
c:\windows\sstem~1
c:\windows\stem32~1
c:\windows\system\BCBSMP35.BPL
c:\windows\system32\crosof~1.net
c:\windows\system32\pppatc~1
c:\windows\system32\ssembl~1
c:\windows\system32\stem32~1
c:\windows\system32\ymbols~1
c:\windows\wnsxs~1
c:\windows\ymbols~1
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-16 11:51 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-16 11:51 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-16 11:41 . 2011-07-16 11:42 -------- dc----w- C:\rsit
2011-07-16 11:33 . 2011-07-16 11:33 -------- dc----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-07-16 11:32 . 2011-07-16 11:33 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-16 10:47 . 2011-07-16 10:47 -------- d-----w- c:\program files\FileHippo.com
2011-07-16 10:46 . 2011-07-16 10:47 -------- d-----w- c:\program files\Defraggler
2011-07-16 09:33 . 2011-07-16 09:33 -------- d-----w- c:\program files\CCleaner
2011-07-16 09:25 . 2011-07-16 09:25 -------- dc----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-07-16 09:25 . 2011-07-16 09:25 -------- d-----w- c:\program files\AVAST Software
2011-07-16 08:34 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-07-16 08:33 . 2011-04-29 19:07 852480 -c----w- c:\windows\system32\dllcache\vgx.dll
2011-07-15 21:56 . 2011-07-15 21:56 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-15 21:20 . 2011-07-16 09:06 -------- d-----w- c:\program files\Zoner
2011-07-15 20:44 . 2011-07-15 21:01 -------- dcs---w- c:\documents and settings\Administrator
2011-07-15 20:27 . 2011-07-15 20:27 -------- d-----w- c:\documents and settings\Markéta Paterová\Data aplikací\SUPERAntiSpyware.com
2011-07-15 19:53 . 2011-07-15 19:53 -------- d-----w- c:\program files\Realtek
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 11:14 . 2008-02-13 14:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-16 11:14 . 2011-04-28 16:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-23 06:50 . 2005-01-27 20:12 90112 ----a-w- c:\windows\DUMP5bd9.tmp
2011-06-06 11:35 . 2001-10-25 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-02 15:32 . 2005-01-27 20:13 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2001-10-25 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2001-10-25 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2001-10-25 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07 . 2001-10-25 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 14:47 . 2001-10-25 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 14:47 . 2001-10-25 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 14:47 . 2010-05-23 13:18 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-04-25 14:43 . 2005-01-28 17:48 370176 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2001-10-25 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-06-30 2424192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiS KHooker"="c:\windows\system32\khooker.exe" [2002-03-26 290816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
2002-10-15 17:00 1818624 ----a-w- c:\windows\mixer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerStrip]
2007-12-20 15:21 798456 ----a-w- c:\program files\PowerStrip\PStrip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2005-01-30 19:12 77824 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS KHooker]
2002-03-26 09:13 290816 ----a-r- c:\windows\system32\KHOOKER.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Tray]
2001-08-13 08:56 266240 ----a-w- c:\windows\system32\sistray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"r_server"=3 (0x3)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"aswUpdSv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12.7.2011 23:55 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R2 PStrip;PSTRIP;c:\windows\system32\drivers\pstrip.sys [15.7.2007 4:37 27992]
R3 SiS630;SiS630;c:\windows\system32\drivers\sis630p.sys [29.1.2005 13:53 164608]
S3 cpuz128;cpuz128;\??\c:\docume~1\MARKTA~1\LOCALS~1\Temp\cpuz_x32.sys --> c:\docume~1\MARKTA~1\LOCALS~1\Temp\cpuz_x32.sys [?]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{263ACDA0-6F7B-23DF-1530-7B1CF3F0D4FF} - (no file)
BHO-{C7636EC8-9F17-DCE7-7816-D936F13535A7} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-9xadiras - 9xadiras.exe
MSConfigStartUp-adiras - adiras.exe
MSConfigStartUp-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
MSConfigStartUp-CloneCDElbyCDFL - c:\program files\Elaborate Bytes\CloneCD\ElbyCheck.exe
MSConfigStartUp-CloneCDTray - c:\program files\Elaborate Bytes\CloneCD\CloneCDTray.exe
MSConfigStartUp-HPDJ Taskbar Utility - c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
MSConfigStartUp-PinnacleDriverCheck - c:\windows\system32\PSDrvCheck.exe
MSConfigStartUp-Tloe - c:\windows\CROSOF~1.NET\mmc.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-16 21:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(376)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Celkový čas: 2011-07-16 21:32:24
ComboFix-quarantined-files.txt 2011-07-16 19:32
.
Před spuštěním: Volných bajtů: 39 900 844 032
Po spuštění: Volných bajtů: 39 917 977 600
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 03F744D04DABE0AF23373D4330808077

[Rudy]

Několik položek CF smazal, zbytek logu vypadá čistý. Nastala nějaká změna?

[lebka75]

vypadá to, že se složky otevírají rychleji . Ještě bych se chtěl zeptat, koupil jsem to již s nainstalovanými origo XPéčkami a jsou tam dva disky jeden 80 GB ( disk C ) a druhý 10 GB, ale ten je rozdělený na 3 ( disk F ) a 7 ( disk G ) GB, chci ho sloučit na původních 10 GB, ale koukal jsem, že složka Windows je na disku C i na disku F, mohu ten disk F zformátovat a spojit s diskem G. Možná jsem se do toho už zamotal a špatně to vysvětlil, ale snad to trošku pochopíte, abyste mi mohl poradit

[Rudy]

Podle logu vám systém jede z disku C:\ (ten je systémový) a nemůže být systém na 2 discích zároveň (v tomto případě). Tzn, že ten 2. disk (10GB) klidně můžete sloučit). Ověřit si to můžete třeba tak, že od toho datového disku odpojíte kabel. Systém poběží, ale datový disk nebude přístupný.

[lebka75]

jo běží to i po odpojení,tak to je super.Jak by bylo nejlepší udělat to sloučení Nějakým programem

[Rudy]

jo běží to i po odpojení,tak to je super.Jak by bylo nejlepší udělat to sloučení Nějakým programem

Jde to i rovnou ze systému, ale musel byste zálohovat někam všechny uložená data. Pak jednoduše z Tento počítač>(pravým myšítkem) spravovat>správa disků u příslušné fyzické jednotky zrušíte všechny partition, znovu vytvoříte jedinou a zformátujete. Lze to též provást různými diskovými manažéry, ale to jsou většinou placené programy: http://www.stahuj.centrum.cz/utility_a_ ... ava_disku/ .

[lebka75]

ty disky F a G které chci sloučit mám už prázdné,nejsou na nich žádná data,takže by to neměl být problém

[Rudy]

Ne, neměl.

[lebka75]

ok disky se povedly, ještě s zeptám jestli se dá udělat něco s tou velikostí RAM (368MB), aby bylo trošku zlepšení ( trošku se seká i video jestli to má vliv )a zda to u starého pc má vůbec cenu?

[Rudy]

ok disky se povedly, ještě s zeptám jestli se dá udělat něco s tou velikostí RAM (368MB), aby bylo trošku zlepšení ( trošku se seká i video jestli to má vliv )a zda to u starého pc má vůbec cenu?

Jedině nějakou přidat tak, aby PC měl alespoň 512MB, což pro XP většinou vyhoví, pokud nebudete pařit hry, nebo dělat nějaké graficky náročné operace. Musíte si ověřit typ modulů RAM a pak se kouknout kolik by stál eventuálně nový modul.

[lebka75]

moc děkuji, zkusím to odpoledne otevřít a podívám se co je vevnitř, nebo se to dá zjistit i jinak ten tip RAMky

[Rudy]

moc děkuji, zkusím to odpoledne otevřít a podívám se co je vevnitř, nebo se to dá zjistit i jinak ten tip RAMky

Dá se pomocí programu Everest: http://www.stahuj.centrum.cz/utility_a_ ... y/everest/ . Program určí, zda jde o typ SDRAM, DDR1, DDR2 atd. I tak se ale může stát. že nový modul nebude spolupracovat s těmi původními. je dobré si domlivit s prodejcem jeho eventuální výměnu. Také je dobré vědět, zda mát na desce ještě volný bank, jinak budete muset jeden z modůlů vyjmout dříve, než tam dáte jiný, větší.

[lebka75]

jo bank tam volny již není jsou tam jenom dva a již obsazené v týdnu skočím ty paměti nechat vyměnit, teď po instalaci avastu to skoro neběhá . Děkuji za rady