zdravím, mám tu problém s jedním PC, který je tak zpomalený, že už se skoro nedá používám, tak bych chtěl poprosit o kontrolu logu, zda je to softwarová záležitost, předem díky
Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by User1 at 2012-08-17 22:21:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (9%) free of 76 GB
Total RAM: 511 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:54, on 17.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ICQ7.6\ICQ.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User1\Plocha\RSIT.exe
C:\Program Files\trend micro\User1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu10\toolbaru.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 7785 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.cz"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\
icq-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\tbu10\toolbaru.dll [2006-12-17 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-07-03 1160792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-07-03 1160792]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-09-19 827392]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2009-02-20 326656]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-07-03 4273976]
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2012-07-02 4473728]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2005-11-29 57344]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-05-28 288128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\WINDOWS\FixCamera.exe [2007-07-11 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2006-03-23 1398272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe [2005-11-29 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-02-28 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"Microsoft Office Groove Audit Service"=3
"InCDsrv"=2
"OODefragAgent"=2
"JavaQuickStarterService"=2
"CTDevice_Srv"=2
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Hlavní panel ATI CATALYST.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.mjpg"=mcmjpg32.dll
"vidc.ffds"=ffdshow.ax
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.lhacm"=lhacm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-08-17 22:10:29 ----ASH---- C:\hiberfil.sys
2012-08-17 20:46:23 ----A---- C:\WINDOWS\ntbtlog.txt
2012-08-17 12:43:09 ----D---- C:\Program Files\DesetiPrsty
2012-08-15 21:47:22 ----D---- C:\Program Files\Common Files\Java
2012-08-15 21:45:48 ----D---- C:\Program Files\Oracle
2012-08-15 21:45:36 ----D---- C:\Documents and Settings\User1\Data aplikací\Oracle
2012-08-15 21:45:20 ----A---- C:\WINDOWS\system32\javaws.exe
2012-08-15 21:45:11 ----A---- C:\WINDOWS\system32\javaw.exe
2012-08-15 21:45:11 ----A---- C:\WINDOWS\system32\java.exe
2012-08-15 20:57:53 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-08-15 11:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-15 11:07:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-15 11:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-15 11:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-15 10:58:24 ----A---- C:\WINDOWS\imsins.BAK
2012-08-14 21:24:02 ----D---- C:\Documents and Settings\User1\Data aplikací\Fighters
2012-08-14 21:21:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Fighters
2012-08-12 16:37:49 ----A---- C:\WINDOWS\system32\d3d9caps.dat
======List of files/folders modified in the last 1 month======
2012-08-17 22:21:51 ----D---- C:\Program Files\trend micro
2012-08-17 22:21:22 ----D---- C:\WINDOWS\Temp
2012-08-17 22:21:16 ----D---- C:\WINDOWS\Prefetch
2012-08-17 22:12:07 ----D---- C:\WINDOWS
2012-08-17 20:45:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-17 20:44:04 ----D---- C:\Documents and Settings\User1\Data aplikací\ICQ
2012-08-17 12:43:09 ----D---- C:\Program Files
2012-08-17 10:13:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-15 21:47:23 ----SHD---- C:\WINDOWS\Installer
2012-08-15 21:47:23 ----SHD---- C:\Config.Msi
2012-08-15 21:47:22 ----D---- C:\Program Files\Common Files
2012-08-15 21:46:23 ----D---- C:\WINDOWS\system32
2012-08-15 21:44:41 ----D---- C:\Program Files\Java
2012-08-15 20:26:31 ----D---- C:\Program Files\Mozilla Firefox
2012-08-15 12:30:49 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-15 11:09:02 ----HD---- C:\WINDOWS\inf
2012-08-15 11:09:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-15 11:08:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-08-15 11:06:58 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-15 11:04:12 ----D---- C:\WINDOWS\Debug
2012-08-15 11:03:47 ----A---- C:\WINDOWS\system32\MRT.exe
2012-08-15 11:02:00 ----D---- C:\WINDOWS\system32\drivers
2012-08-15 10:58:12 ----D---- C:\Program Files\Internet Explorer
2012-08-15 10:57:51 ----D---- C:\WINDOWS\ie8updates
2012-08-14 22:04:06 ----RASH---- C:\boot.ini
2012-08-14 22:04:06 ----A---- C:\WINDOWS\win.ini
2012-08-14 22:04:06 ----A---- C:\WINDOWS\system.ini
2012-08-14 21:41:29 ----SD---- C:\WINDOWS\Tasks
2012-08-12 18:04:02 ----D---- C:\Documents and Settings\User1\Data aplikací\Winamp
2012-08-12 17:02:14 ----D---- C:\WINDOWS\system32\config
2012-08-06 22:46:35 ----D---- C:\Documents and Settings\User1\Data aplikací\OpenOffice.org2
2012-07-19 22:34:43 ----A---- C:\WINDOWS\NeroDigital.ini
2012-07-18 22:33:35 ----D---- C:\Documents and Settings\User1\Data aplikací\Skype
2012-07-18 22:05:04 ----D---- C:\Documents and Settings\User1\Data aplikací\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-02-17 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-03-23 29440]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-23 33536]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2006-03-23 102016]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adrr243n;adrr243n; C:\WINDOWS\system32\drivers\adrr243n.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 catchme;catchme; \??\C:\DOCUME~1\User1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PPDrv;Protector Plus Driver (UnRegistered); \??\C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver; \??\C:\Protector Plus\PPEMSCAN.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-03-26 10252544]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-16 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-16 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-15 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-03-23 880128]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomalý PC
Zdravim 
Vas pocitac, nebo nejaka zakazka? 
Nejdrive odinstalujte Advanced SystemCare a vse ostatni od IObit. Dela to vic skody nez uzitku.
Pak tu dejte novy log z RSIT
radeeek píše:zdravím, mám tu problém s jedním PC......
Vas pocitac, nebo nejaka zakazka? Nejdrive odinstalujte Advanced SystemCare a vse ostatni od IObit. Dela to vic skody nez uzitku. Pak tu dejte novy log z RSITPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
můj PC to není, ale o zakázku se též nejedná, jen PC kamarádaMárty84 píše:
tady je nový log:Márty84 píše:
Logfile of random's system information tool 1.09 (written by random/random)
Run by User1 at 2012-08-18 15:20:32
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (10%) free of 76 GB
Total RAM: 511 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:20:54, on 18.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\User1\Plocha\RSIT.exe
C:\Program Files\trend micro\User1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu10\toolbaru.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6812 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.cz"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\
icq-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\tbu10\toolbaru.dll [2006-12-17 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-07-03 1160792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-07-03 1160792]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-09-19 827392]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2009-02-20 326656]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-07-03 4273976]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2005-11-29 57344]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\WINDOWS\FixCamera.exe [2007-07-11 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2006-03-23 1398272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe [2005-11-29 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-02-28 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"Microsoft Office Groove Audit Service"=3
"InCDsrv"=2
"OODefragAgent"=2
"JavaQuickStarterService"=2
"CTDevice_Srv"=2
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Hlavní panel ATI CATALYST.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.mjpg"=mcmjpg32.dll
"vidc.ffds"=ffdshow.ax
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.lhacm"=lhacm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-08-17 22:10:29 ----ASH---- C:\hiberfil.sys
2012-08-17 20:46:23 ----A---- C:\WINDOWS\ntbtlog.txt
2012-08-17 12:43:09 ----D---- C:\Program Files\DesetiPrsty
2012-08-15 21:47:22 ----D---- C:\Program Files\Common Files\Java
2012-08-15 21:45:48 ----D---- C:\Program Files\Oracle
2012-08-15 21:45:36 ----D---- C:\Documents and Settings\User1\Data aplikací\Oracle
2012-08-15 21:45:20 ----A---- C:\WINDOWS\system32\javaws.exe
2012-08-15 21:45:11 ----A---- C:\WINDOWS\system32\javaw.exe
2012-08-15 21:45:11 ----A---- C:\WINDOWS\system32\java.exe
2012-08-15 20:57:53 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-08-15 11:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-15 11:07:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-15 11:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-15 11:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-15 10:58:24 ----A---- C:\WINDOWS\imsins.BAK
2012-08-14 21:24:02 ----D---- C:\Documents and Settings\User1\Data aplikací\Fighters
2012-08-14 21:21:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Fighters
2012-08-12 16:37:49 ----A---- C:\WINDOWS\system32\d3d9caps.dat
======List of files/folders modified in the last 1 month======
2012-08-18 15:20:39 ----D---- C:\Program Files\trend micro
2012-08-18 15:20:10 ----D---- C:\WINDOWS\Temp
2012-08-18 15:18:32 ----D---- C:\WINDOWS
2012-08-18 15:17:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-18 15:16:04 ----D---- C:\Documents and Settings\User1\Data aplikací\ICQ
2012-08-18 15:15:01 ----D---- C:\Program Files
2012-08-18 15:14:18 ----D---- C:\WINDOWS\Prefetch
2012-08-18 15:14:16 ----D---- C:\WINDOWS\system32\drivers
2012-08-18 15:14:16 ----D---- C:\WINDOWS\system32
2012-08-17 23:39:22 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-17 22:22:13 ----D---- C:\rsit
2012-08-17 10:13:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-15 21:47:23 ----SHD---- C:\WINDOWS\Installer
2012-08-15 21:47:23 ----SHD---- C:\Config.Msi
2012-08-15 21:47:22 ----D---- C:\Program Files\Common Files
2012-08-15 21:44:41 ----D---- C:\Program Files\Java
2012-08-15 20:26:31 ----D---- C:\Program Files\Mozilla Firefox
2012-08-15 11:09:02 ----HD---- C:\WINDOWS\inf
2012-08-15 11:09:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-15 11:08:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-08-15 11:06:58 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-15 11:04:12 ----D---- C:\WINDOWS\Debug
2012-08-15 11:03:47 ----A---- C:\WINDOWS\system32\MRT.exe
2012-08-15 10:58:12 ----D---- C:\Program Files\Internet Explorer
2012-08-15 10:57:51 ----D---- C:\WINDOWS\ie8updates
2012-08-14 22:04:06 ----RASH---- C:\boot.ini
2012-08-14 22:04:06 ----A---- C:\WINDOWS\win.ini
2012-08-14 22:04:06 ----A---- C:\WINDOWS\system.ini
2012-08-14 21:41:29 ----SD---- C:\WINDOWS\Tasks
2012-08-12 18:04:02 ----D---- C:\Documents and Settings\User1\Data aplikací\Winamp
2012-08-12 17:02:14 ----D---- C:\WINDOWS\system32\config
2012-08-06 22:46:35 ----D---- C:\Documents and Settings\User1\Data aplikací\OpenOffice.org2
2012-07-19 22:34:43 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-02-17 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-03-23 29440]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-23 33536]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2006-03-23 102016]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 ahweqmro;ahweqmro; C:\WINDOWS\system32\drivers\ahweqmro.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\User1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PPDrv;Protector Plus Driver (UnRegistered); \??\C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver; \??\C:\Protector Plus\PPEMSCAN.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-03-26 10252544]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-16 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-16 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-15 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-03-23 880128]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Re: Pomalý PC
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Najdete tento soubor C:\Program Files\trend micro\User1.exe a spustte ho.Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko
Kód: Vybrat vše
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu10\toolbaru.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
:services
catchme
JavaQuickStarterService
gupdate
gupdatem
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icq-search.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-1.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-2.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-3.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-4.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-5.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-6.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-7.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.gif
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.src
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.xml
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\sweetim.xml
C:\Program Files\ICQToolbar
C:\Program Files\IObit
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
zde první log z toho User1.exe:
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 1988385 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33186 bytes
User: User1
->Temp folder emptied: 28773679 bytes
->Temporary Internet Files folder emptied: 3055308 bytes
->Java cache emptied: 1790366 bytes
->FireFox cache emptied: 187701274 bytes
->Google Chrome cache emptied: 197655448 bytes
->Flash cache emptied: 1226 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148726 bytes
%systemroot%\System32 .tmp files removed: 729032 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17156 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 433149334 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 99328 bytes
Total Files Cleaned = 818,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: User1
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icq-search.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files\ICQToolbar\tbu10\Cache folder moved successfully.
C:\Program Files\ICQToolbar\tbu10 folder moved successfully.
C:\Program Files\ICQToolbar folder moved successfully.
File/Folder C:\Program Files\IObit not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a3e09be-1e45-494b-9174-d7385b45bbf5}\ not found.
OTM by OldTimer - Version 3.1.21.0 log created on 08182012_175736
Files moved on Reboot...
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 5 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\studie Ċíslo 3oprava2.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 4 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\Studie 3 - opravena.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 3 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\Petr VĊelák 3.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 22 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS08\studie 8- text.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 21 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS08\studie8.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 2 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\Kolar-PS3.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 19 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS08\studie8.doc not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
___________________________________________________________________________________________________________________
zde log z MBAM:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
http://www.malwarebytes.org
Verze databáze: v2012.08.18.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User1 :: PC [administrátor]
Ochrana: Povolena
18.8.2012 18:15:14
mbam-log-2012-08-18 (18-15-14).txt
Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 301321
Uplynulý Ċas: 1 hodin, 29 minut, 30 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíĊe v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 1988385 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33186 bytes
User: User1
->Temp folder emptied: 28773679 bytes
->Temporary Internet Files folder emptied: 3055308 bytes
->Java cache emptied: 1790366 bytes
->FireFox cache emptied: 187701274 bytes
->Google Chrome cache emptied: 197655448 bytes
->Flash cache emptied: 1226 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148726 bytes
%systemroot%\System32 .tmp files removed: 729032 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17156 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 433149334 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 99328 bytes
Total Files Cleaned = 818,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: User1
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icq-search.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files\ICQToolbar\tbu10\Cache folder moved successfully.
C:\Program Files\ICQToolbar\tbu10 folder moved successfully.
C:\Program Files\ICQToolbar folder moved successfully.
File/Folder C:\Program Files\IObit not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a3e09be-1e45-494b-9174-d7385b45bbf5}\ not found.
OTM by OldTimer - Version 3.1.21.0 log created on 08182012_175736
Files moved on Reboot...
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 5 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\studie Ċíslo 3oprava2.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 4 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\Studie 3 - opravena.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 3 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\Petr VĊelák 3.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 22 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS08\studie 8- text.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 21 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS08\studie8.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 2 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS03\Kolar-PS3.doc not found!
File C:\Documents and Settings\User1\Local Settings\Temp\DoĊasný adresář 19 pro Pripadove-studie_financni-analyza.zip\Případové studie z finanĊní analýzy manažerských rozhodovacích procesů\Vypracované\6MP509_-_Pripadove_studie_(Kolar)_(Ut)\cizi-srovnano\PS08\studie8.doc not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
___________________________________________________________________________________________________________________
zde log z MBAM:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
http://www.malwarebytes.org
Verze databáze: v2012.08.18.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User1 :: PC [administrátor]
Ochrana: Povolena
18.8.2012 18:15:14
mbam-log-2012-08-18 (18-15-14).txt
Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 301321
Uplynulý Ċas: 1 hodin, 29 minut, 30 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíĊe v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Pomalý PC
MBAM zase odinstalujte. Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/Nainstalujte a spustte. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustteKliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte diskStahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci
Az vse provedete, napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
zde log z CrystalDiskInfo:
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/08/19 11:09:52
-- Controller Map ----------------------------------------------------------
+ NVIDIA nForce4 Parallel ATA Controller [ATA]
- HL-DT-ST DVDRAM GSA-4167B
+ NVIDIA nForce4 Serial ATA Controller [ATA]
- ST3808110AS
+ AXJS32JC IDE Controller [SCSI]
- SPORO MNOL6785I3 SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) ST3808110AS : 80,0 GB [0/1/0, pd1] - st
----------------------------------------------------------------------------
(1) ST3808110AS
----------------------------------------------------------------------------
Model : ST3808110AS
Firmware : 3.AAD
Serial Number : 4LR096VC
Disk Size : 80,0 GB (8,4/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 156299375
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 549 hod.
Power On Count : 3191 krát
Temparature : 45 C (113 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _93 _87 __6 000000000000 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 0000000000E2 Počet sputění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _73 _60 _30 0000014F9A10 Počet chybných hledání
09 100 100 __0 000000000225 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000C77 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohláeno neopravitelných chyb
BD _98 _98 __0 000000000002 Vysoká rychlost zápisu
BE _55 _53 _45 00002D2B002D Teplota toku vzduchu
C2 _45 _47 __0 00120000002D Teplota
C3 _66 _46 __0 000003F03EA0 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 344C 344C 5230 3936 5643
020: 0000 4000 0004 332E 4141 2020 2020 5354 3338 3038
030: 3131 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: F06F 0950 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0040 0040
080: 00FE 0000 346B 7D01 4023 3C01 3C01 4023 407F 0000
090: 0000 FEFE FFFE 0000 FE00 0000 0000 0000 0000 0000
100: F06F 0950 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 F8B0
130: 0950 F8B0 0950 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 00A2 0202 0000 0404 0000 0000 0000 0000 0C00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 89A5
__________________________________________________________
co se týče funkčnosti, tak je to o něco lepší, než to bylo před tím, už se nepouští tolik procesů a je to rychlejší
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/08/19 11:09:52
-- Controller Map ----------------------------------------------------------
+ NVIDIA nForce4 Parallel ATA Controller [ATA]
- HL-DT-ST DVDRAM GSA-4167B
+ NVIDIA nForce4 Serial ATA Controller [ATA]
- ST3808110AS
+ AXJS32JC IDE Controller [SCSI]
- SPORO MNOL6785I3 SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) ST3808110AS : 80,0 GB [0/1/0, pd1] - st
----------------------------------------------------------------------------
(1) ST3808110AS
----------------------------------------------------------------------------
Model : ST3808110AS
Firmware : 3.AAD
Serial Number : 4LR096VC
Disk Size : 80,0 GB (8,4/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 156299375
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 549 hod.
Power On Count : 3191 krát
Temparature : 45 C (113 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _93 _87 __6 000000000000 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 0000000000E2 Počet sputění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _73 _60 _30 0000014F9A10 Počet chybných hledání
09 100 100 __0 000000000225 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000C77 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohláeno neopravitelných chyb
BD _98 _98 __0 000000000002 Vysoká rychlost zápisu
BE _55 _53 _45 00002D2B002D Teplota toku vzduchu
C2 _45 _47 __0 00120000002D Teplota
C3 _66 _46 __0 000003F03EA0 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 344C 344C 5230 3936 5643
020: 0000 4000 0004 332E 4141 2020 2020 5354 3338 3038
030: 3131 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: F06F 0950 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0040 0040
080: 00FE 0000 346B 7D01 4023 3C01 3C01 4023 407F 0000
090: 0000 FEFE FFFE 0000 FE00 0000 0000 0000 0000 0000
100: F06F 0950 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 F8B0
130: 0950 F8B0 0950 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 00A2 0202 0000 0404 0000 0000 0000 0000 0C00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 89A5
__________________________________________________________
co se týče funkčnosti, tak je to o něco lepší, než to bylo před tím, už se nepouští tolik procesů a je to rychlejší
Re: Pomalý PC
Takze uz je to v norme? Nebo je to sice rychlejsi, ale do normalu to ma daleko? Disk vykazuje nejake chyby hledani a cteni. Muze to byt pricina problemu, ale nemusi. To tezko zjistim 07 _73 _60 _30 0000014F9A10 Počet chybných hledání
C3 _66 _46 __0 000003F03EA0 Počet oprav chybného čtení
Pokud je to stale pomale, muzem udelat hlubsi kontrolu, zalezi na vas.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
no je to lepší, ale jak píšete, do normálu to má stále daleko, pokud by šlo, klidně můžeme udělat hlubší testování
Re: Pomalý PC
Pokud nemate, zazalohujte si dulezita data Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc! Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfiguracePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
log z ComboFix zde:
ComboFix 12-08-18.03 - User1 19.08.2012 18:47:46.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.269 [GMT 2:00]
Sputěný z: c:\documents and settings\User1\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Sluby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_PPDRV
-------\Service_PPDrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-19 do 2012-08-19 )))))))))))))))))))))))))))))))
.
.
2012-08-19 09:33 . 2012-08-19 09:33 -------- d-----w- c:\program files\Defraggler
2012-08-19 08:55 . 2012-08-19 08:56 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\User1\Data aplikací\Malwarebytes
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-08-17 10:43 . 2012-08-17 10:43 -------- d-----w- c:\program files\DesetiPrsty
2012-08-15 19:55 . 2012-08-15 19:55 -------- d-----w- c:\documents and settings\User1\Local Settings\Data aplikací\Sun
2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\program files\Common Files\Java
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\program files\Oracle
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\documents and settings\User1\Data aplikací\Oracle
2012-08-15 18:57 . 2012-07-05 20:06 772544 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-14 19:24 . 2012-08-14 19:24 -------- d-----w- c:\documents and settings\User1\Data aplikací\Fighters
2012-08-14 19:21 . 2012-08-14 19:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Fighters
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-05 20:07 . 2010-08-15 16:27 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-05 20:06 . 2010-08-15 16:27 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-04 14:05 . 2007-02-26 11:45 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-03 16:21 . 2010-11-16 13:38 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2011-05-04 12:57 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2010-11-16 13:38 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-07-03 16:21 . 2010-11-16 13:38 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-07-03 16:21 . 2010-11-16 13:38 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-07-03 16:21 . 2010-11-16 13:38 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2010-11-16 13:38 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-11-16 13:38 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-07-03 16:21 . 2010-11-16 13:38 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2010-11-16 13:38 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-09-04 05:38 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-02-26 11:47 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-02-26 11:47 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2008-09-04 05:38 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-02-26 11:47 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2005-05-26 03:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-02-26 11:47 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-02-26 11:47 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-08-11 19:41 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-08-11 19:41 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-08-11 19:41 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-24 08:48 . 2012-07-16 12:27 21376 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-04-27 18:21 . 2011-04-27 18:17 18734784 ----a-w- c:\program files\WDM_A406.exe
2011-04-27 18:06 . 2011-04-27 18:06 1045320 ----a-w- c:\program files\DriverDetective.exe
2008-11-11 16:21 . 2008-11-10 22:29 607640 ----a-w- c:\program files\xpiinstall.exe
2008-10-14 11:41 . 2008-10-14 11:39 2207280 ----a-w- c:\program files\tcmd704a.exe
2012-08-15 18:25 . 2012-06-28 19:00 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spoutěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2009-02-20 326656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po sputění\
Hlavní panel ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-6 61440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-03-23 16:06 1398272 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-10-11 17:25 1961984 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"InCDsrv"=2 (0x2)
"OODefragAgent"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"CTDevice_Srv"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.3.2007 16:54 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4.5.2011 14:57 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.11.2010 15:38 353688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.11.2010 15:38 21256]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [27.8.2008 23:28 93440]
S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21.5.2008 13:42 64000]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9.5.2012 12:07 113120]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\PPEMSCAN.sys --> c:\protector plus\PPEMSCAN.sys [?]
.
--- Ostatní sluby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-16 16:21]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Tennis Critters - c:\program files\Nerd Riot Games\Tennis Critters\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-19 19:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých poloek 'Po sputění' ...
.
skenování skrytých souborů ...
.
sken byl úspeně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-602162358-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:30,79,b2,6c,4c,84,0b,cc,c7,5b,29,0d,19,6b,92,d8,1b,48,8e,d8,49,0b,f7,
d9,3e,be,ae,60,a9,dc,a9,97,9c,9c,08,74,c4,a5,93,8a,b3,07,65,f5,5e,e9,e1,0d,\
"??"=hex:db,04,0e,52,89,49,8c,2b,47,79,02,ff,71,4f,c8,12
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="AF63E0DA9690E40113E267A15C79EDD8033C343C889CCA3A177CA65F7B530740C4DFA9EAAA0590AD2198D98544BC80106DA76DCBA8C7B6F9ECC9FB0CA8E7BC451DF38B1A1E9C05EDA557F1AB4DEA6C742C0203C39DCA18D6710895B419131C97B9B9D02DC6FA72D30CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808C038D530D6EB3452BA7FD869164D6794A9C6AECB7A5D140728E4F0A84846D283FD775ECA18D945AA0A54399148A21AEA9717335401AE15B69FE2B7557305634E82B3F7185B97B57AD40084089113E41CB3A603E92F732786B6B3E6A1BD6E5B2DE6EBC4C7FEA9DA1EC7B12E8D39C5DFD1F4311C6F9E3401414A6579BB3BE432DC9FE3A2E57D375CBE13028F2C43C587BC6343FD8CFD848D45D917AC0664206207C5EEB030BABA6773089A4EA09B76588729F9E999614ABCE689FD061797AAEB4F96F6539BFA07ADCB1C39CB598F8A55C9150AE4A4BF3CFEEEA0E0CA3A12E253C873F8B2CFE6BCE1496931B2FC518C81941ABABAEFF4EBCB970B1E08EC797BA0FCDF073A270DD5BEE2ADE67063F8D6696AD067786F41B81E9359248AE1567C5DE905C51AB1DE9C7F02CA56361A001B98C1F0FDF0CEC55AF4843F796780963F9B7FB0EDC8B2B1316483C68EF7DF44DF22075B03BAE88CD8520414B375E208F2ECA3D34D7C23BD09B3BACB2E70A988FB1A18938DAED0FD92BD1D547F4FD6E01B6A2E81C5B0AC2269B5ED276F1B20739D1BC7BE496C4D6CB840CF9F9FD3DF398D306D754C27B0DE6FB5564C1BBA210FC3445EA9F454D409D2E991BA65A6340CF4DB210B6A6341D90B0622CE8E543B4AC4B416C1E30E17ECB8CDC80CBBAFBDBBD09200C1BB2D265D7F79F3693DAFB4F7C7139D99FC03F4131901D1211D199C0C737BB141F2915A9565EA61FBAC5A044C4C0998E93CE1055AF51EFD281A52A1A484C2D3D0D5DF0F14A6B4F3067826D7E320451E0C301D8F06A4468F76D60FD313FD1777DDBCACA64F84392BADCDA810BCE977B8007DE9913ECF98BF838CC56DC62F2D21F8954FB89E135D773E6EB9BF382256E6E75AC2BD8D733F3AE986B0DD14393B4A57616511C139883FA4B177311E151C9D8A91E5F9E362629EEBA5D0473494FEDE5134CE2F58B3A6DDF18143E018640542530355DE94C23181EBDD6801430CB64264392E466990AB9F5E5C41FDB3835431512257BA578E5FEA7238FE1341BDA647B1ACEC3E5D3508C6C1D45AED65BBCE373676768DC692A1D52B505FBE131D16B8FC60B6B181D8380A1B8F3D4982AABD1A5B1B800FE370B5B3655599F5816F505131B8FC728787B6938B485ADCC4406F8E393E8727109FD668160DFE5EB7D0A544D8B0F28183A00480DA4E66A8CB42B541EEA5E0F39468CA4BD3CFA752C73069"
.
--------------------- Knihovny navázané na běící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(636)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(600)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné sputené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WgaTray.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2012-08-19 19:05:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-19 17:05
.
Před sputěním: 8 145 371 136
Po sputění: 8 001 478 656
.
- - End Of File - - AD36447FE5AF87FD3F35BDB6B57544B2
ComboFix 12-08-18.03 - User1 19.08.2012 18:47:46.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.269 [GMT 2:00]
Sputěný z: c:\documents and settings\User1\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Sluby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_PPDRV
-------\Service_PPDrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-19 do 2012-08-19 )))))))))))))))))))))))))))))))
.
.
2012-08-19 09:33 . 2012-08-19 09:33 -------- d-----w- c:\program files\Defraggler
2012-08-19 08:55 . 2012-08-19 08:56 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\User1\Data aplikací\Malwarebytes
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-08-17 10:43 . 2012-08-17 10:43 -------- d-----w- c:\program files\DesetiPrsty
2012-08-15 19:55 . 2012-08-15 19:55 -------- d-----w- c:\documents and settings\User1\Local Settings\Data aplikací\Sun
2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\program files\Common Files\Java
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\program files\Oracle
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\documents and settings\User1\Data aplikací\Oracle
2012-08-15 18:57 . 2012-07-05 20:06 772544 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-14 19:24 . 2012-08-14 19:24 -------- d-----w- c:\documents and settings\User1\Data aplikací\Fighters
2012-08-14 19:21 . 2012-08-14 19:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Fighters
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-05 20:07 . 2010-08-15 16:27 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-05 20:06 . 2010-08-15 16:27 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-04 14:05 . 2007-02-26 11:45 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-03 16:21 . 2010-11-16 13:38 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2011-05-04 12:57 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2010-11-16 13:38 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-07-03 16:21 . 2010-11-16 13:38 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-07-03 16:21 . 2010-11-16 13:38 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-07-03 16:21 . 2010-11-16 13:38 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2010-11-16 13:38 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-11-16 13:38 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-07-03 16:21 . 2010-11-16 13:38 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2010-11-16 13:38 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-09-04 05:38 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-02-26 11:47 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-02-26 11:47 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2008-09-04 05:38 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-02-26 11:47 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2005-05-26 03:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-02-26 11:47 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-02-26 11:47 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-08-11 19:41 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-08-11 19:41 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-08-11 19:41 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-24 08:48 . 2012-07-16 12:27 21376 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-04-27 18:21 . 2011-04-27 18:17 18734784 ----a-w- c:\program files\WDM_A406.exe
2011-04-27 18:06 . 2011-04-27 18:06 1045320 ----a-w- c:\program files\DriverDetective.exe
2008-11-11 16:21 . 2008-11-10 22:29 607640 ----a-w- c:\program files\xpiinstall.exe
2008-10-14 11:41 . 2008-10-14 11:39 2207280 ----a-w- c:\program files\tcmd704a.exe
2012-08-15 18:25 . 2012-06-28 19:00 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spoutěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2009-02-20 326656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po sputění\
Hlavní panel ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-6 61440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-03-23 16:06 1398272 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-10-11 17:25 1961984 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"InCDsrv"=2 (0x2)
"OODefragAgent"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"CTDevice_Srv"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.3.2007 16:54 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4.5.2011 14:57 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.11.2010 15:38 353688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.11.2010 15:38 21256]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [27.8.2008 23:28 93440]
S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21.5.2008 13:42 64000]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9.5.2012 12:07 113120]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\PPEMSCAN.sys --> c:\protector plus\PPEMSCAN.sys [?]
.
--- Ostatní sluby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-16 16:21]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Tennis Critters - c:\program files\Nerd Riot Games\Tennis Critters\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-19 19:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých poloek 'Po sputění' ...
.
skenování skrytých souborů ...
.
sken byl úspeně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-602162358-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:30,79,b2,6c,4c,84,0b,cc,c7,5b,29,0d,19,6b,92,d8,1b,48,8e,d8,49,0b,f7,
d9,3e,be,ae,60,a9,dc,a9,97,9c,9c,08,74,c4,a5,93,8a,b3,07,65,f5,5e,e9,e1,0d,\
"??"=hex:db,04,0e,52,89,49,8c,2b,47,79,02,ff,71,4f,c8,12
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="AF63E0DA9690E40113E267A15C79EDD8033C343C889CCA3A177CA65F7B530740C4DFA9EAAA0590AD2198D98544BC80106DA76DCBA8C7B6F9ECC9FB0CA8E7BC451DF38B1A1E9C05EDA557F1AB4DEA6C742C0203C39DCA18D6710895B419131C97B9B9D02DC6FA72D30CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808C038D530D6EB3452BA7FD869164D6794A9C6AECB7A5D140728E4F0A84846D283FD775ECA18D945AA0A54399148A21AEA9717335401AE15B69FE2B7557305634E82B3F7185B97B57AD40084089113E41CB3A603E92F732786B6B3E6A1BD6E5B2DE6EBC4C7FEA9DA1EC7B12E8D39C5DFD1F4311C6F9E3401414A6579BB3BE432DC9FE3A2E57D375CBE13028F2C43C587BC6343FD8CFD848D45D917AC0664206207C5EEB030BABA6773089A4EA09B76588729F9E999614ABCE689FD061797AAEB4F96F6539BFA07ADCB1C39CB598F8A55C9150AE4A4BF3CFEEEA0E0CA3A12E253C873F8B2CFE6BCE1496931B2FC518C81941ABABAEFF4EBCB970B1E08EC797BA0FCDF073A270DD5BEE2ADE67063F8D6696AD067786F41B81E9359248AE1567C5DE905C51AB1DE9C7F02CA56361A001B98C1F0FDF0CEC55AF4843F796780963F9B7FB0EDC8B2B1316483C68EF7DF44DF22075B03BAE88CD8520414B375E208F2ECA3D34D7C23BD09B3BACB2E70A988FB1A18938DAED0FD92BD1D547F4FD6E01B6A2E81C5B0AC2269B5ED276F1B20739D1BC7BE496C4D6CB840CF9F9FD3DF398D306D754C27B0DE6FB5564C1BBA210FC3445EA9F454D409D2E991BA65A6340CF4DB210B6A6341D90B0622CE8E543B4AC4B416C1E30E17ECB8CDC80CBBAFBDBBD09200C1BB2D265D7F79F3693DAFB4F7C7139D99FC03F4131901D1211D199C0C737BB141F2915A9565EA61FBAC5A044C4C0998E93CE1055AF51EFD281A52A1A484C2D3D0D5DF0F14A6B4F3067826D7E320451E0C301D8F06A4468F76D60FD313FD1777DDBCACA64F84392BADCDA810BCE977B8007DE9913ECF98BF838CC56DC62F2D21F8954FB89E135D773E6EB9BF382256E6E75AC2BD8D733F3AE986B0DD14393B4A57616511C139883FA4B177311E151C9D8A91E5F9E362629EEBA5D0473494FEDE5134CE2F58B3A6DDF18143E018640542530355DE94C23181EBDD6801430CB64264392E466990AB9F5E5C41FDB3835431512257BA578E5FEA7238FE1341BDA647B1ACEC3E5D3508C6C1D45AED65BBCE373676768DC692A1D52B505FBE131D16B8FC60B6B181D8380A1B8F3D4982AABD1A5B1B800FE370B5B3655599F5816F505131B8FC728787B6938B485ADCC4406F8E393E8727109FD668160DFE5EB7D0A544D8B0F28183A00480DA4E66A8CB42B541EEA5E0F39468CA4BD3CFA752C73069"
.
--------------------- Knihovny navázané na běící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(636)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(600)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné sputené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WgaTray.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2012-08-19 19:05:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-19 17:05
.
Před sputěním: 8 145 371 136
Po sputění: 8 001 478 656
.
- - End Of File - - AD36447FE5AF87FD3F35BDB6B57544B2
Re: Pomalý PC
Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni a ukoncete vsechny spustene programy
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kód: Vybrat vše
KillAll::
Firefox::
FF - ProfilePath - c:\documents and settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.5.3&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
Regnull::
[HKEY_USERS\S-1-5-21-1409082233-602162358-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
Reboot::Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni a ukoncete vsechny spustene programy
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfiguracePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
omlouvám se, ale momentálně jsem mimo problémový PC a dostanu se k němu nejspíš o víkendu, tak omluvte čekání
Re: Pomalý PC
Jasne, diky za info 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý PC
tak tady je nový log z combofix, omlouvám se za prodlevy
ComboFix 12-08-18.03 - User1 25.08.2012 17:41:36.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.249 [GMT 2:00]
Spuštěný z: c:\documents and settings\User1\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\User1\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\dlimport.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-25 do 2012-08-25 )))))))))))))))))))))))))))))))
.
.
2012-08-19 09:33 . 2012-08-19 09:33 -------- d-----w- c:\program files\Defraggler
2012-08-19 08:55 . 2012-08-19 08:56 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\User1\Data aplikací\Malwarebytes
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-08-17 10:43 . 2012-08-17 10:43 -------- d-----w- c:\program files\DesetiPrsty
2012-08-15 19:55 . 2012-08-15 19:55 -------- d-----w- c:\documents and settings\User1\Local Settings\Data aplikací\Sun
2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\program files\Common Files\Java
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\program files\Oracle
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\documents and settings\User1\Data aplikací\Oracle
2012-08-15 18:57 . 2012-07-05 20:06 772544 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-14 19:24 . 2012-08-14 19:24 -------- d-----w- c:\documents and settings\User1\Data aplikací\Fighters
2012-08-14 19:21 . 2012-08-14 19:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Fighters
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:13 . 2011-05-04 12:57 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2010-11-16 13:38 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2010-11-16 13:38 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2010-11-16 13:38 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2010-11-16 13:38 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2010-11-16 13:38 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2010-11-16 13:38 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2010-11-16 13:38 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:12 . 2010-11-16 13:38 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2010-11-16 13:38 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-05 20:07 . 2010-08-15 16:27 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-05 20:06 . 2010-08-15 16:27 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-04 14:05 . 2007-02-26 11:45 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-09-04 05:38 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-02-26 11:47 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-02-26 11:47 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2008-09-04 05:38 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-02-26 11:47 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2005-05-26 03:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-02-26 11:47 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-02-26 11:47 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-08-11 19:41 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-08-11 19:41 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-08-11 19:41 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-04-27 18:21 . 2011-04-27 18:17 18734784 ----a-w- c:\program files\WDM_A406.exe
2011-04-27 18:06 . 2011-04-27 18:06 1045320 ----a-w- c:\program files\DriverDetective.exe
2008-11-11 16:21 . 2008-11-10 22:29 607640 ----a-w- c:\program files\xpiinstall.exe
2008-10-14 11:41 . 2008-10-14 11:39 2207280 ----a-w- c:\program files\tcmd704a.exe
2012-08-15 18:25 . 2012-06-28 19:00 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2009-02-20 326656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Hlavní panel ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-6 61440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-03-23 16:06 1398272 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-10-11 17:25 1961984 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"InCDsrv"=2 (0x2)
"OODefragAgent"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"CTDevice_Srv"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.3.2007 16:54 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4.5.2011 14:57 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.11.2010 15:38 355632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.11.2010 15:38 21256]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [27.8.2008 23:28 93440]
S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21.5.2008 13:42 64000]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9.5.2012 12:07 113120]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\PPEMSCAN.sys --> c:\protector plus\PPEMSCAN.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-16 09:12]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\
FF - prefs.js: browser.startup.homepage - google.cz
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-25 17:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2560)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-08-25 17:51:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-25 15:51
.
Před spuštěním: 6 974 078 976
Po spuštění: 6 958 714 880
.
- - End Of File - - 62ED149392E709FCB56CF7BC07B05C98
ComboFix 12-08-18.03 - User1 25.08.2012 17:41:36.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.249 [GMT 2:00]
Spuštěný z: c:\documents and settings\User1\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\User1\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\dlimport.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-25 do 2012-08-25 )))))))))))))))))))))))))))))))
.
.
2012-08-19 09:33 . 2012-08-19 09:33 -------- d-----w- c:\program files\Defraggler
2012-08-19 08:55 . 2012-08-19 08:56 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\User1\Data aplikací\Malwarebytes
2012-08-18 16:08 . 2012-08-18 16:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-08-17 10:43 . 2012-08-17 10:43 -------- d-----w- c:\program files\DesetiPrsty
2012-08-15 19:55 . 2012-08-15 19:55 -------- d-----w- c:\documents and settings\User1\Local Settings\Data aplikací\Sun
2012-08-15 19:47 . 2012-08-15 19:47 -------- d-----w- c:\program files\Common Files\Java
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\program files\Oracle
2012-08-15 19:45 . 2012-08-15 19:45 -------- d-----w- c:\documents and settings\User1\Data aplikací\Oracle
2012-08-15 18:57 . 2012-07-05 20:06 772544 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-14 19:24 . 2012-08-14 19:24 -------- d-----w- c:\documents and settings\User1\Data aplikací\Fighters
2012-08-14 19:21 . 2012-08-14 19:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Fighters
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:13 . 2011-05-04 12:57 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2010-11-16 13:38 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2010-11-16 13:38 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2010-11-16 13:38 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2010-11-16 13:38 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2010-11-16 13:38 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2010-11-16 13:38 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2010-11-16 13:38 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:12 . 2010-11-16 13:38 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2010-11-16 13:38 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-05 20:07 . 2010-08-15 16:27 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-05 20:06 . 2010-08-15 16:27 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-04 14:05 . 2007-02-26 11:45 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-09-04 05:38 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-02-26 11:47 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-02-26 11:47 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2008-09-04 05:38 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-09-04 05:38 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-02-26 11:47 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-02-26 11:47 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2005-05-26 03:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-02-26 11:47 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-02-26 11:47 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-08-11 19:41 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-08-11 19:41 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-08-11 19:41 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-04-27 18:21 . 2011-04-27 18:17 18734784 ----a-w- c:\program files\WDM_A406.exe
2011-04-27 18:06 . 2011-04-27 18:06 1045320 ----a-w- c:\program files\DriverDetective.exe
2008-11-11 16:21 . 2008-11-10 22:29 607640 ----a-w- c:\program files\xpiinstall.exe
2008-10-14 11:41 . 2008-10-14 11:39 2207280 ----a-w- c:\program files\tcmd704a.exe
2012-08-15 18:25 . 2012-06-28 19:00 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2009-02-20 326656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Hlavní panel ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-6 61440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 14:09 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-03-23 16:06 1398272 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-10-11 17:25 1961984 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"InCDsrv"=2 (0x2)
"OODefragAgent"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"CTDevice_Srv"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.3.2007 16:54 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4.5.2011 14:57 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.11.2010 15:38 355632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.11.2010 15:38 21256]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [27.8.2008 23:28 93440]
S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [21.5.2008 13:42 64000]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9.5.2012 12:07 113120]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\PPEMSCAN.sys --> c:\protector plus\PPEMSCAN.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-16 09:12]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\User1\Data aplikací\Mozilla\Firefox\Profiles\li3qoa3b.default\
FF - prefs.js: browser.startup.homepage - google.cz
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-25 17:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2560)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-08-25 17:51:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-25 15:51
.
Před spuštěním: 6 974 078 976
Po spuštění: 6 958 714 880
.
- - End Of File - - 62ED149392E709FCB56CF7BC07B05C98
Přispějete na provoz fóra?