kontrola log

Zpráva

phego123 · #1 Příspěvek od **phego123** » 13 čer 2012 13:52

Logfile of random's system information tool 1.09 (written by random/random)
Run by alaNN at 2012-06-13 14:50:13
Microsoft Windows 7 Home Premium
System drive D: has 361 GB (84%) free of 427 GB
Total RAM: 2048 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:18, on 13. 6. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\SweetIM\Messenger\SweetIM.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\EXPERTool KKK\TBPANEL.exe
D:\Users\alaNN\AppData\Local\Google\Update\GoogleUpdate.exe
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\Windows\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Users\alaNN\Downloads\RSIT.exe
D:\Program Files\trend micro\alaNN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SweetIM] D:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GAINWARD] D:\Program Files\EXPERTool KKK\TBPanel.exe /A
O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "D:\Users\alaNN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4206158437-3673364905-2597476946-1016\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4206158437-3673364905-2597476946-1016\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 4924 bytes

======Scheduled tasks folder======

D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4206158437-3673364905-2597476946-1002Core.job

=========Mozilla firefox=========

ProfilePath - D:\Users\alaNN\AppData\Roaming\Mozilla\Firefox\Profiles\yiiicjfd.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=D:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

D:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
NPOFF12.DLL

D:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
wikipedia-sk.xml
zoznam-sk.xml

D:\Users\alaNN\AppData\Roaming\Mozilla\Firefox\Profiles\yiiicjfd.default\searchplugins\
SweetIM Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=D:\Program Files\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"=D:\Program Files\EXPERTool KKK\TBPanel.exe [2008-05-23 2170880]
"RGSC"=D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Steam"=D:\Program Files\Steam\steam.exe [2012-05-05 1242448]
"Google Update"=D:\Users\alaNN\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-21 116648]

D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=D:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - D:\Windows\System32\Notepad.exe %1
.js - open - D:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-13 14:25:48 ----D---- D:\rsit
2012-06-13 14:25:48 ----D---- D:\Program Files\trend micro
2012-06-11 15:02:07 ----D---- D:\Users\alaNN\AppData\Roaming\ESET
2012-06-11 14:51:05 ----D---- D:\ProgramData\Sun
2012-06-11 14:51:03 ----D---- D:\Program Files\Common Files\Java
2012-06-11 14:49:21 ----D---- D:\Program Files\Oracle
2012-06-11 14:47:40 ----A---- D:\Windows\system32\deployJava1.dll
2012-06-11 14:47:39 ----A---- D:\Windows\system32\npDeployJava1.dll
2012-06-11 14:47:39 ----A---- D:\Windows\system32\javaws.exe
2012-06-11 14:47:24 ----A---- D:\Windows\system32\javaw.exe
2012-06-11 14:47:24 ----A---- D:\Windows\system32\java.exe
2012-06-11 14:47:03 ----D---- D:\Program Files\Java
2012-06-10 17:34:53 ----D---- D:\Program Files\CCleaner
2012-05-28 18:39:49 ----D---- D:\Program Files\MSECache
2012-05-26 07:40:39 ----D---- D:\918da0625e3549569566
2012-05-21 16:03:20 ----A---- D:\Windows\system32\msonpmon.dll
2012-05-21 15:59:32 ----D---- D:\Program Files\Microsoft Works
2012-05-21 15:58:51 ----D---- D:\Program Files\Microsoft Visual Studio
2012-05-21 15:58:50 ----D---- D:\Program Files\Common Files\DESIGNER
2012-05-21 15:57:44 ----D---- D:\Windows\PCHEALTH
2012-05-21 15:57:44 ----D---- D:\Program Files\Microsoft.NET
2012-05-21 15:53:35 ----D---- D:\Program Files\Microsoft Visual Studio 8
2012-05-21 15:52:16 ----D---- D:\Program Files\Microsoft Office
2012-05-21 15:52:15 ----D---- D:\ProgramData\Microsoft Help
2012-05-21 15:51:04 ----RHD---- D:\MSOCache
2012-05-15 18:12:57 ----D---- D:\Program Files\AnyUtils

======List of files/folders modified in the last 1 month======

2012-06-13 14:50:16 ----D---- D:\Windows\Temp
2012-06-13 14:25:48 ----RD---- D:\Program Files
2012-06-13 14:25:05 ----D---- D:\Windows\system32\config
2012-06-13 14:14:58 ----D---- D:\Windows\system32\catroot
2012-06-13 14:14:52 ----D---- D:\Windows\winsxs
2012-06-13 14:12:10 ----D---- D:\Windows\system32\catroot2
2012-06-13 14:08:09 ----SHD---- D:\System Volume Information
2012-06-13 14:04:52 ----D---- D:\Program Files\Steam
2012-06-13 14:03:56 ----D---- D:\ProgramData\NVIDIA
2012-06-12 19:43:02 ----SHD---- D:\Config.Msi
2012-06-12 19:41:14 ----SHD---- D:\Windows\Installer
2012-06-12 19:31:57 ----HD---- D:\ProgramData
2012-06-12 19:30:48 ----D---- D:\Windows\system32\DriverStore
2012-06-12 19:30:48 ----D---- D:\Windows\inf
2012-06-12 19:30:04 ----D---- D:\Windows\system32\drivers
2012-06-12 18:36:02 ----D---- D:\pesničky
2012-06-12 18:26:31 ----D---- D:\Windows\System32
2012-06-12 18:26:31 ----A---- D:\Windows\system32\PerfStringBackup.INI
2012-06-12 15:11:22 ----D---- D:\Windows\system32\wfp
2012-06-12 15:11:21 ----D---- D:\Windows
2012-06-12 15:11:20 ----D---- D:\Windows\system32\wbem
2012-06-12 15:09:54 ----D---- D:\Windows\registration
2012-06-12 06:39:02 ----SD---- D:\Users\alaNN\AppData\Roaming\Microsoft
2012-06-11 14:51:03 ----D---- D:\Program Files\Common Files
2012-06-11 06:54:01 ----D---- D:\Windows\system32\NDF
2012-06-10 17:35:53 ----D---- D:\Windows\Panther
2012-06-10 17:35:51 ----D---- D:\Windows\Minidump
2012-06-10 17:35:51 ----D---- D:\Windows\Logs
2012-06-10 17:35:51 ----D---- D:\Windows\debug
2012-06-10 15:50:23 ----D---- D:\Windows\Prefetch
2012-06-10 12:59:36 ----D---- D:\lnx1334 STEAM
2012-05-21 17:15:25 ----D---- D:\Windows\system32\drivers\etc
2012-05-21 16:04:03 ----RSD---- D:\Windows\assembly
2012-05-21 15:59:27 ----D---- D:\Program Files\Common Files\microsoft shared
2012-05-21 15:59:16 ----D---- D:\Program Files\MSBuild
2012-05-21 15:58:45 ----D---- D:\Windows\ShellNew
2012-05-21 15:58:05 ----RSD---- D:\Windows\Fonts
2012-05-21 15:57:44 ----SD---- D:\ProgramData\Microsoft
2012-05-21 15:53:04 ----A---- D:\Windows\win.ini
2012-05-21 15:53:01 ----D---- D:\Program Files\Common Files\System
2012-05-21 15:23:31 ----D---- D:\Windows\Tasks
2012-05-19 12:28:54 ----D---- D:\Program Files\Common Files\Steam
2012-05-16 15:46:01 ----D---- D:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; D:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; D:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R2 Parvdm;Parvdm; D:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 TBPanel;TBPanel; D:\Windows\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; D:\Windows\system32\DRIVERS\SiSGB6.sys [2009-07-14 48128]
S3 aic78xx;aic78xx; D:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; D:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; D:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 sisagp;SIS AGP Bus Filter; D:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 viaagp;VIA AGP Bus Filter; D:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; D:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; D:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 nvsvc;NVIDIA Display Driver Service; D:\Windows\system32\nvvsvc.exe [2012-02-29 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 McComponentHostService;McAfee Security Scan Component Host Service; D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2012-05-19 529232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; D:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-04 1343400]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 13 čer 2012 14:51

Zdravím.

Vydž minutku, na logu se intenzivně pracuje. Obrázek

#3 Příspěvek od **Mc_Murphy** » 13 čer 2012 15:06

Jako první si doinstaluj Windows 7 Service Pack 1 a všechny dostupné aktualizace!

Odinstaluj SweetIM.

Potom fixni v HJT níže uvedené položky.

Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
Položky, které v seznamu nenajdeš, prostě přeskoč.
HJT najdeš zde: C:\Program Files\trend micro\alaNN.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

Dále stáhni utilitu OTM z jednoho z těchto odkazů:

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Files
D:\Users\alaNN\AppData\Roaming\ESET
D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4206158437-3673364905-2597476946-1002Core.job
D:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
D:\Users\alaNN\AppData\Roaming\Mozilla\Firefox\Profiles\yiiicjfd.default\searchplugins\SweetIM Search.xml
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-
"GrooveMonitor"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=-
"Steam"=-
"Google Update"=-

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

phego123 · #4 Příspěvek od **phego123** » 14 čer 2012 12:16

ok, pracuje sa na tom

lenže problem je nájsť C:\Program Files\trend micro\alaNN.exe
EDIT : Mám to v dečku

#5 Příspěvek od **Mc_Murphy** » 14 čer 2012 12:19

Musí tam být. Jestli jsi ho "náhodou" akčně sám smazal, tak stáhni RSIT znovu a spusť jej, on ten soubor zase vytvoří.

phego123 · #6 Příspěvek od **phego123** » 14 čer 2012 12:28

ok všetko mám, už len ten OTM- 10 minut este stahujem service pack 1

phego123 · #7 Příspěvek od **phego123** » 14 čer 2012 12:53

All processes killed
========== COMMANDS ==========

HOSTS file reset successfully

[EMPTYTEMP]

User: alaNN
->Temp folder emptied: 496054411 bytes
->Temporary Internet Files folder emptied: 2958831 bytes
->Java cache emptied: 5862 bytes
->FireFox cache emptied: 110250358 bytes
->Google Chrome cache emptied: 6317892 bytes
->Opera cache emptied: 166273 bytes
->Flash cache emptied: 3768939 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1650345 bytes
RecycleBin emptied: 149977130 bytes

Total Files Cleaned = 735,00 mb

[EMPTYFLASH]

User: alaNN
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

========== FILES ==========
D:\Users\alaNN\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
D:\Users\alaNN\AppData\Roaming\ESET folder moved successfully.
D:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4206158437-3673364905-2597476946-1002Core.job moved successfully.
D:\Program Files\Mozilla Firefox\searchplugins\eBay.xml moved successfully.
D:\Users\alaNN\AppData\Roaming\Mozilla\Firefox\Profiles\yiiicjfd.default\searchplugins\SweetIM Search.xml moved successfully.
File/Folder D:\Windows\system32\*.tmp.dll not found.
File/Folder D:\Windows\system32\SET*.tmp not found.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP453.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5022.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP50BE.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP512C.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B5F.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8008.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA2A4.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBF2B.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCA50.tmp folder moved successfully.
D:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE0D1.tmp folder moved successfully.
D:\Windows\SoftwareDistribution\Download\893c9bd1b159e542b3bc1eeeb6bcc802\BIT61BE.tmp moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.

OTM by OldTimer - Version 3.1.19.0 log created on 06142012_133113

Files moved on Reboot...
File D:\Windows\temp\TMP00000049167E283CAFAB7D2F not found!

Registry entries deleted on Reboot...

#8 Příspěvek od **Mc_Murphy** » 14 čer 2012 17:24

OK, OTM provedlo, co mělo.

Povedla se instalace Service Packu 1 a případných dalších aktualizací? A jak se chová počítač teď, můžeme dočistit?

phego123 · #9 Příspěvek od **phego123** » 14 čer 2012 18:59

no na kazdej hre mam fps 100 ale niekedy mi to skoci na 30 a ptm to na 30 zostane to mi nerobilo neviem preco skusim rein ovladac gk

#10 Příspěvek od **Mc_Murphy** » 15 čer 2012 06:02

Problematikou her se zde nezabýváme, takže v tom Ti moc neporadím, ale ovladač přeinstalovat zkus, uvidíš.
A my zde ještě dočistíme.

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

phego123 · #11 Příspěvek od **phego123** » 17 čer 2012 09:34

omg po tej kontrole 1. čo ste mi dali mam ešte v horšom stave PC ak som mal...
chcem si hocičo stiahnuť reštartne sa mi počitač a to vždy.
V každej hre mam fps 30-40 co som mal 100fps aj po rein. grafickeho ovladača.........

#12 Příspěvek od **Mc_Murphy** » 17 čer 2012 13:00

Mno, tak za prvé, ten tón a přístup si vyprošuji, takhle jako ne. Obrázek

Dále... to stoprocentně nebude mou prohlídkou. Jako klasicky jsem promazal jen zbytečnosti, které zdržují chod PC. V počítači může být v nepořádku více věcí. Od nelegálního systému až třeba po konflikt driverů, všechno je možné. Nevím, co všechno s počítačem provádíš, v jakém ho máš stavu, jestli se Ti třeba nepřehřívá nebo jsi do toho ještě něco neinstaloval, tak tu na mě nepořvávej, buď tak laskav.

Jestli chceš nadále pomáhat, tak zvol prosím laskavější věty nebo budeme hotovi ihned! Pomáháme zde ve svém volném čase, zcela dobrovolně a zadarmo a vážně nejsem zvědavý na nějaké výšplechty.
Popiš radši, jestli jsi nainstaloval SP1, jak jsem Ti psal, jak to dopadlo a jestli jsi něco v mezidobí nedělal, neinstaloval.

Máš čistý PC? Není zaprášený? Nepřehřívá se? Restartuje se nebo padá do BSOD? "OMG" mi jako osvětlení problému opravdu nestačí.
Můžeme na to pustit silnější nástroje, ale nemyslím si, že by v tom byla havěť. Případně sem můžu poslat kolegu, který se lépe vyzná v HW problematice než já - může mrknout, jestli není problém v HW nebo v driverech.

phego123 · #13 Příspěvek od **phego123** » 17 čer 2012 13:16

Ok, prepáč

Bol by som rád.

#14 Příspěvek od **Mc_Murphy** » 18 čer 2012 05:21

OK, v poho.
Udělej mi ještě scan RogueKillerem přesně podle návodu a až budu mít výsledek, pošlu sem kolegu, ať mrkne na možné hardwarové problémy.

Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukonči všechny programy!
Spusť RogueKiller. Pokud používáš Win Vista či Win 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Potom klikni na [Prohledat] a počkej, až prohlídka proběhne.
Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.

phego123 · #15 Příspěvek od **phego123** » 18 čer 2012 10:08

nEMOžEM TO STIAHNUT LEBO SA MI RESTARTUJE PC !

VIRY.CZ

kontrola log

kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log

Re: kontrola log