Dlouhý start PC

Zpráva

kala · #1 Příspěvek od **kala** » 21 dub 2013 07:45

Dobrý den, mám problém ode dneska s tim, ze po zapnuti PC a probehnuti hlavni obrazovky WinXP kdy přijde černá obrazovka jen s kurzorem, ktera je tam dost dlouho nez naskoci moznost prihlaseni k uctu uzivatele PC. Wise Care 356 pise, ze start trval 244 sekund (me to prislo snad i vice) Cim to muze byt nebo jak a co s tim? Děkuji!

(edit: take nacitani internetovych stranek se mi zda dost pomale, a nekdy se ani nenactou. PC mi dokonce psal ze IP koliduje s jinym systemem v siti... Tak to jen pro doplnujici info)

RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2013-04-21 08:40:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 795 GB (83%) free of 954 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:40:22, on 21.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Common Files\COMODO\launcher_service.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\Comodo\GeekBuddy\unit.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Documents and Settings\Uzivatel\Plocha\Download\ostatní\RSIT.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://get.adobe.com/flashplayer/comple ... pe=install
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [gbrspcontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB424AF6-A993-4DE1-8AD5-2079413CD839}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 6455 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
C:\WINDOWS\tasks\Wise Care 365.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uzivatel\Data aplikací\Mozilla\Firefox\Profiles\ah7fsb89.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro\Reader 3\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-08-25 33660928]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 98304]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-04-15 3012816]
"gbrspcontrol"=C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Start GeekBuddy.lnk - C:\Program Files\Comodo\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-07-04 192512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe"="C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2013-04-21 07:39:28 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Wise Care 365
2013-04-21 07:39:11 ----D---- C:\Program Files\Wise
2013-04-21 07:20:37 ----D---- C:\WINDOWS\Minidump
2013-04-19 19:19:08 ----A---- C:\WINDOWS\system32\certsentry.dll
2013-04-19 11:11:15 ----D---- C:\Program Files\Common Files\Java
2013-04-19 11:10:51 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-04-19 11:10:51 ----A---- C:\WINDOWS\system32\javaw.exe
2013-04-19 11:10:51 ----A---- C:\WINDOWS\system32\java.exe
2013-04-18 15:33:14 ----D---- C:\Program Files\Common Files\COMODO
2013-04-12 09:03:18 ----D---- C:\Program Files\Mozilla Firefox
2013-04-11 10:26:07 ----D---- C:\totalcmd
2013-04-11 10:26:07 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\GHISLER
2013-04-08 00:07:08 ----D---- C:\Program Files\Common Files\Nero
2013-04-07 22:25:42 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\AnvSoft
2013-04-07 13:19:43 ----A---- C:\WINDOWS\system32\drivers\sfi.dat
2013-04-07 13:17:27 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Shared Space
2013-04-07 13:15:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2013-04-07 13:15:16 ----D---- C:\Program Files\Comodo
2013-04-07 13:15:14 ----A---- C:\WINDOWS\system32\gdiplus.dll
2013-04-07 13:15:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2013-04-06 15:22:57 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Malwarebytes
2013-04-06 15:21:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-04-06 15:21:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-04-06 15:21:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-04-06 13:24:27 ----A---- C:\TDSSKiller.2.8.16.0_06.04.2013_13.24.27_log.txt
2013-04-05 12:13:03 ----A---- C:\TDSSKiller.2.8.16.0_05.04.2013_12.13.03_log.txt
2013-04-05 11:16:48 ----D---- C:\rsit
2013-04-05 11:16:48 ----D---- C:\Program Files\trend micro
2013-04-04 18:21:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-04-04 18:21:20 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-04-04 17:10:57 ----HD---- C:\WINDOWS\PIF
2013-04-04 17:10:25 ----A---- C:\WINDOWS\system32\zip32.dll
2013-04-04 17:10:24 ----A---- C:\WINDOWS\system32\asmwmenu.dll
2013-04-04 17:10:22 ----A---- C:\WINDOWS\system32\Zipit.dll
2013-04-04 17:10:22 ----A---- C:\WINDOWS\system32\Zipdll.dll
2013-04-04 17:10:17 ----D---- C:\Program Files\AsmwSoft
2013-03-26 16:41:29 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Nitro
2013-03-26 16:41:29 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\FileOpen
2013-03-26 16:41:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\FileOpen
2013-03-26 14:35:14 ----D---- C:\WINDOWS\Sun
2013-03-26 14:32:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2013-03-26 14:32:07 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-03-26 14:32:07 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-03-26 14:31:43 ----D---- C:\Program Files\Java
2013-03-26 14:30:52 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Sun
2013-03-25 23:27:03 ----RD---- C:\DLP 11-2012 KOMPLET 3 PůLENé PO 01-45H 2.čáST 2 DVD3
2013-03-25 23:26:59 ----RD---- C:\DLP 11-2012 KOMPLET 3 PůLENé PO 01-45H 2.čáST 2 DVD4
2013-03-25 18:24:31 ----D---- C:\Program Files\GetFLV
2013-03-25 17:43:03 ----D---- C:\HD exporty video projektů a DVD

======List of files/folders modified in the last 1 month======

2013-04-21 08:39:05 ----D---- C:\WINDOWS\Temp
2013-04-21 08:34:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-21 08:29:46 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-21 08:28:04 ----D---- C:\WINDOWS\system32
2013-04-21 08:28:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-21 08:19:24 ----D---- C:\WINDOWS\system32\config
2013-04-21 08:05:33 ----D---- C:\WINDOWS
2013-04-21 08:04:36 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-21 08:04:17 ----D---- C:\WINDOWS\Prefetch
2013-04-21 08:00:13 ----D---- C:\WINDOWS\Debug
2013-04-21 07:59:21 ----SD---- C:\WINDOWS\Tasks
2013-04-21 07:55:14 ----SHD---- C:\WINDOWS\Installer
2013-04-21 07:48:28 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-04-21 07:39:11 ----RD---- C:\Program Files
2013-04-21 00:10:55 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\vlc
2013-04-20 13:36:35 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Nitro PDF
2013-04-19 18:26:21 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-04-19 11:11:15 ----D---- C:\Program Files\Common Files
2013-04-18 15:33:17 ----D---- C:\WINDOWS\WinSxS
2013-04-15 19:38:37 ----A---- C:\WINDOWS\system32\guard32.dll
2013-04-15 19:38:37 ----A---- C:\WINDOWS\system32\cmdcsr.dll
2013-04-15 19:38:25 ----A---- C:\WINDOWS\system32\cmdvrt32.dll
2013-04-15 19:38:24 ----A---- C:\WINDOWS\system32\cmdkbd32.dll
2013-04-12 13:31:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-04-12 13:27:30 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-04-12 11:36:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-10 09:53:45 ----HD---- C:\WINDOWS\inf
2013-04-10 09:53:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-04-10 09:53:25 ----D---- C:\Program Files\Internet Explorer
2013-04-10 09:52:40 ----HD---- C:\WINDOWS\$hf_mig$
2013-04-10 09:52:36 ----A---- C:\WINDOWS\imsins.BAK
2013-04-10 09:50:05 ----A---- C:\WINDOWS\system32\MRT.exe
2013-04-09 21:04:10 ----SHD---- C:\System Volume Information
2013-04-09 21:04:10 ----D---- C:\WINDOWS\system32\Restore
2013-04-09 21:02:02 ----D---- C:\WINDOWS\system32\drivers
2013-04-06 14:05:02 ----RSD---- C:\WINDOWS\Fonts
2013-04-06 13:09:51 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Skype
2013-04-05 12:04:36 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-04-04 16:51:01 ----SD---- C:\Documents and Settings\Uzivatel\Data aplikací\Microsoft
2013-03-28 11:12:29 ----D---- C:\Documents and Settings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2013-04-18 99392]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 CFRMD;CFRMD; C:\WINDOWS\system32\DRIVERS\CFRMD.sys [2012-09-03 36112]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2013-04-15 18528]
R1 cmdGuard;COMODO Internet Security Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2013-04-15 592384]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2013-04-15 32816]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-07-04 7874560]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-05-14 103040]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-07-10 1381632]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-07-04 643072]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files\Common Files\COMODO\launcher_service.exe [2013-04-17 70344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-04-15 4443912]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2013-04-19 2074760]
R2 GeekBuddyRSP;GeekBuddyRSP Service; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2013-04-17 1851088]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [2012-07-17 580648]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-04-15 127184]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-03-05 196624]
S3 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 21 dub 2013 10:32

Zdravím!
1. DNS servery máte v USA. Má to tak být?
2. Máte v PC Comodo IS a zároveň rezidentní MBAM. Pokud je Comodo užíván jako kompletní bezpečnostní balík, je to nesprávné, neboť může být v konfliktu s MBAM.

kala · #3 Příspěvek od **kala** » 21 dub 2013 11:22

DNS v USA? To vubec nevim co znamena a kde by to melo spravne byt?
COMODO mam free verzi, tak nevim jestli je dostatecna. Mam MBAM odstranit?

#4 Příspěvek od **Rudy** » 21 dub 2013 12:03

DNS v USA znamená, že pokud váš poskytovatel připojení není v USA, že byly servery pžesměrovány. Jde o toto:

O17 - HKLM\System\CCS\Services\Tcpip\..\{AB424AF6-A993-4DE1-8AD5-2079413CD839}: NameServer = 8.26.56.26,156.154.70.22

Ty IP adresy patří USA, což v tuzemských poměrech je neobvyklé.

Pokud máte Comodo free, pak máte pouze firewall. MBAM tedy ponechte.

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

kala · #5 Příspěvek od **kala** » 21 dub 2013 12:19

Pripojeni je od O2, takze by asi nemel byt v USA? Co s tim?

Stahl jsem ten vami navrhovany program.Spustil a zaclo to hazet chyby asi v tom miste kdy se tvoril bod obnoveni, musel jsem potvrdit ANo aby to pokracovalo i kdyz se nezdarilo... A skoncil jsem u tohoto okna a dal to nejede...

V tomto bode ted cekam na Vasi odpoved s vypnutym Comodem...

#6 Příspěvek od **Rudy** » 21 dub 2013 16:14

Zkuste spustit v nouz. režimu.

kala · #7 Příspěvek od **kala** » 21 dub 2013 16:18

Asi budu za hlupaka, ale muzete mi prosim napsat presny postup jak to udelat v nouzovem rezimu (vcetne nouzoveho rezimu? V PC a techto vecech a postupech se moc nevyznam a nerad bych neco pokazil. Nema mi s tim kdo pomoct. Dekuji!

#8 Příspěvek od **Rudy** » 21 dub 2013 16:42

Restartujte PC a při startu před skončením úvodních postů tiskněte >F8<. Objeví se menu, v němž se budete pohybovat kurzorovými šipkami. Označíte "Stav nouze s prací v síti" a stisknete >Enter<. PC nastartuje do nouz. režimu.

kala · #9 Příspěvek od **kala** » 21 dub 2013 19:55

Jsem v tom nouzovem rezimu. Kde a jak tu vypnout ten Comodo, kdyz dole u casu neni jeho ikona a v nabidce Start je jen odinstalovani?

Nemuzu ted nic delat dokud neukoncim ten Comodo, ani vypnout PC - kdyz jsem zavrel varovani o tom ze Comodo jede naskocilo jeste jedno - nejde to prerusit. SPECHA pomozte prosim!

kala · #10 Příspěvek od **kala** » 21 dub 2013 20:09

Prosím, spěchá to! (ommlouvam se za tento dalsi post)

#11 Příspěvek od **Rudy** » 21 dub 2013 20:18

Já dělám, co mohu, ale bohužel tu nejste sám. Zkuste vypnout ve správci úloh, případně hlášku ignorujte.

kala · #12 Příspěvek od **kala** » 21 dub 2013 20:19

Chapu.

Ve spravci uloh je to zkratka cmd.3XE? Odignorovani pise, ze muze poskodit system - a celkem vyhruzne uz podruhe, tak nevim.

edit: Nebo muzu ted pocitac restartovat kdyz program je rozjetej?

#13 Příspěvek od **Rudy** » 21 dub 2013 20:26

V nouz. režimu to ignorovat lze. To přepsání IP asi bude souviset s upgrade Comoda na poslední verzi.

kala · #14 Příspěvek od **kala** » 21 dub 2013 20:28

Nebude teda lepsi rovnou ted restartovat PC i kdyz je ten program rozjetej a nechat to jak to je?

#15 Příspěvek od **Rudy** » 21 dub 2013 20:39

Zkuste nastavit síť. připojení podle smlouvy o připojení k internetu.

VIRY.CZ

Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC

Re: Dlouhý start PC