Slowed-down PC

sysqrw
Visitor
Posts: 11
Registered: 18 Jan 2014 11:30

Slowed-down PC

#1 Post by sysqrw »

Hello, after I cleaned the dust out of my PC it started to stutter a little. Later I also ran a virus scan, which found a few (about 4), but since then, for 2 days now, no game will start, and CS 1.6 even runs at only 4 FPS. Everything else works OK so far, only Windows loads slowly. Later I ran a virus scan again and it even found 2 of the same ones. (It showed some websites there; I don't even remember visiting some of them.) Since yesterday I have also noticed that when I log in to the account on my PC, within 5 s a black screen pops up and within 2 s it goes back to normal.
RSIT LOG
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-01-18 11:38:19
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (65%) free of 76 GB
Total RAM: 2047 MB (49% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\ASC7_PerformanceMonitor.job
C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-17 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-04 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-04 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{10921475-03CE-4E04-90CE-E2E7EF20C814} - ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-17 752448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-27 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-27 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-27 150040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-03-12 20143688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-12-19 15708448]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-12-19 2602784]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe [2013-09-06 1130576]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-10-28 2283296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2013-11-29 3806544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
c:\program files\poweriso\pwrisovm.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe [2014-01-14 1815976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\common files\java\java update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe [2013-09-06 1130576]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup
Rychlé hledání Microsoft.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
Spuštění Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-21 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Tunngle\Tunngle.exe"="C:\Program Files\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client - TBFI"
"C:\Program Files\Tunngle\TnglCtrl.exe"="C:\Program Files\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service - TBFI"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"E:\Games\Pro Cycling Manager - Season 2013\PCM.exe"="E:\Games\Pro Cycling Manager - Season 2013\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2013"
"E:\Games\Pro Cycling Manager - Season 2013\Autorun\Exe\Autorun.exe"="E:\Games\Pro Cycling Manager - Season 2013\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2013 - Autorun"
"C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe"="D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"D:\Program Files\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe"="D:\Program Files\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe:*:Enabled:Might & Magic: Heroes VI"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"D:\Program Files\Steam\SteamApps\common\Medieval II Total War\launcher.exe"="D:\Program Files\Steam\SteamApps\common\Medieval II Total War\launcher.exe:*:Enabled:Medieval II: Total War"
"D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout Paradise: The Ultimate Box"
"D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout Paradise: The Ultimate Box"
"C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe"="C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2014-01-18 11:38:19 ----D---- C:\rsit
2014-01-18 11:38:19 ----D---- C:\Program Files\trend micro
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\SETD86.tmp
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\SETD57.tmp
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\nvdispgenco3233221.dll
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\nvdispco3233221.dll
2014-01-17 18:21:10 ----D---- C:\Documents and Settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 18:21:04 ----D---- C:\Documents and Settings\All Users\Application Data\ProductData
2014-01-17 18:20:02 ----D---- C:\Documents and Settings\Owner\Application Data\IObit
2014-01-17 18:18:20 ----D---- C:\Program Files\IObit
2014-01-12 21:47:59 ----D---- C:\Documents and Settings\Owner\Application Data\LolClient
2014-01-12 20:05:42 ----D---- C:\Documents and Settings\Owner\Application Data\Riot Games
2014-01-05 17:03:22 ----D---- C:\Program Files\Fraps
2013-12-20 20:14:59 ----D---- C:\Documents and Settings\Owner\Application Data\TS3Client
2013-12-20 12:19:44 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-01-18 11:38:20 ----D---- C:\WINDOWS\Temp
2014-01-18 11:38:19 ----D---- C:\Program Files
2014-01-18 11:37:30 ----D---- C:\WINDOWS\system32
2014-01-18 11:01:23 ----D---- C:\WINDOWS\system32\drivers
2014-01-18 10:47:56 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2014-01-18 10:46:34 ----AH---- C:\WINDOWS\system32\FFASTLOG.TXT
2014-01-17 21:54:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-17 21:13:33 ----SHD---- C:\WINDOWS\Installer
2014-01-17 21:13:30 ----SHD---- C:\Config.Msi
2014-01-17 21:13:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-01-17 21:05:17 ----D---- C:\WINDOWS
2014-01-17 20:29:21 ----RSD---- C:\WINDOWS\assembly
2014-01-17 20:29:21 ----D---- C:\WINDOWS\Microsoft.NET
2014-01-17 19:01:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-17 19:00:45 ----D---- C:\WINDOWS\WinSxS
2014-01-17 18:54:41 ----D---- C:\Documents and Settings\All Users\Application Data\IObit
2014-01-17 18:52:06 ----D---- C:\Documents and Settings\Owner\Application Data\Pro Cycling Manager 2013
2014-01-17 18:37:09 ----D---- C:\WINDOWS\system32\config
2014-01-17 18:34:10 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-17 18:34:10 ----D---- C:\WINDOWS\Logs
2014-01-17 18:33:46 ----D---- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
2014-01-17 18:32:26 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2014-01-17 18:32:21 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2014-01-17 18:30:17 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-17 18:26:44 ----HD---- C:\WINDOWS\inf
2014-01-17 18:25:58 ----D---- C:\Documents and Settings
2014-01-17 18:22:33 ----D---- C:\Program Files\Common Files
2014-01-17 18:20:58 ----D---- C:\WINDOWS\Prefetch
2014-01-17 18:20:50 ----SD---- C:\WINDOWS\Tasks
2014-01-17 18:09:05 ----D---- C:\WINDOWS\Minidump
2014-01-17 18:09:05 ----D---- C:\WINDOWS\Debug
2014-01-17 15:48:41 ----D---- C:\Documents and Settings\Owner\Application Data\Skype
2014-01-15 23:02:13 ----D---- C:\WINDOWS\system32\MRT
2014-01-15 22:59:39 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-15 22:59:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-12 20:07:28 ----D---- C:\WINDOWS\system32\DirectX
2014-01-12 20:07:13 ----SHD---- C:\WINDOWS\system32\AI_RecycleBin
2013-12-31 19:31:41 ----D---- C:\Documents and Settings\Owner\Application Data\Might & Magic Heroes VI
2013-12-21 09:43:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvopencl.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuda.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2013-12-19 19:17:26 ----A---- C:\WINDOWS\system32\nvwddi.dll
2013-12-19 19:17:25 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2013-12-19 19:17:25 ----A---- C:\WINDOWS\system32\nvcpl.dll
2013-12-19 19:17:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2013-12-19 19:17:24 ----A---- C:\WINDOWS\system32\nvcolor.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-04-27 232512]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-03-29 5444680]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-12-19 12708160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 abbzk3ls;abbzk3ls; C:\WINDOWS\system32\drivers\abbzk3ls.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 DGIUSB;Panasonic MFSUSB Driver; C:\WINDOWS\system32\drivers\KMdgiusb.sys []
S3 GGSAFERDriver;GGSAFER Driver; C:\WINDOWS\system32\drivers\GGSAFERDriver.sys []
S3 GMSIPCI;GMSIPCI; C:\WINDOWS\system32\drivers\GMSIPCI.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-21 6048480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICPL;MSICPL; C:\WINDOWS\system32\drivers\MSICPL.sys []
S3 NTACCESS;NTACCESS; C:\WINDOWS\system32\drivers\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; C:\WINDOWS\system32\drivers\SetupNTGLM7X.sys []
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-04 182184]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 375056]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 1664336]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-12-19 156960]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean< (delete)
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sysqrw
Visitor
Posts: 11
Registered: 18 Jan 2014 11:30

Re: Slowed-down PC

#3 Post by sysqrw »

It told me to restart the PC. I noticed a change: Windows loaded faster, and the black screen I mentioned did not even appear; unfortunately the other problems still persist.
Here is the LOG:
# AdwCleaner v3.003 - Report created 18/01/2014 at 12:22:05
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - ADAM
# Running from : C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\Owner\IECompatCache
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediafinder.com
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\2207qpex.default-1375858183281\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21364

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v26.0 (sk)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\2207qpex.default-1375858183281\prefs.js ]


*************************

AdwCleaner[R0].txt - [7563 octets] - [18/01/2014 12:21:02]
AdwCleaner[S0].txt - [7578 octets] - [18/01/2014 12:22:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7638 octets] ##########

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down PC

#4 Post by Rudy »

Post a new RSIT log.

sysqrw
Visitor
Posts: 11
Joined: 18 Jan 2014 11:30

Re: Slow PC

#5 Post by sysqrw »

Here it is:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-01-18 12:49:29
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (65%) free of 76 GB
Total RAM: 2047 MB (54% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\ASC7_PerformanceMonitor.job
C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-17 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-04 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-04 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f}
{10921475-03CE-4E04-90CE-E2E7EF20C814} - ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-17 752448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-27 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-27 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-27 150040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-03-12 20143688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-12-19 15708448]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-12-19 2602784]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe [2013-09-06 1130576]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-10-28 2283296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2013-11-29 3806544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
c:\program files\poweriso\pwrisovm.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe [2014-01-16 1815976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\common files\java\java update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe [2013-09-06 1130576]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup
Rychlé hledání Microsoft.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
Spuštění Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-21 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Tunngle\Tunngle.exe"="C:\Program Files\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client - TBFI"
"C:\Program Files\Tunngle\TnglCtrl.exe"="C:\Program Files\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service - TBFI"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"E:\Games\Pro Cycling Manager - Season 2013\PCM.exe"="E:\Games\Pro Cycling Manager - Season 2013\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2013"
"E:\Games\Pro Cycling Manager - Season 2013\Autorun\Exe\Autorun.exe"="E:\Games\Pro Cycling Manager - Season 2013\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2013 - Autorun"
"C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe"="D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"D:\Program Files\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe"="D:\Program Files\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe:*:Enabled:Might & Magic: Heroes VI"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"D:\Program Files\Steam\SteamApps\common\Medieval II Total War\launcher.exe"="D:\Program Files\Steam\SteamApps\common\Medieval II Total War\launcher.exe:*:Enabled:Medieval II: Total War"
"D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout Paradise: The Ultimate Box"
"D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout Paradise: The Ultimate Box"
"C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe"="C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2014-01-18 12:20:56 ----D---- C:\AdwCleaner
2014-01-18 11:38:19 ----D---- C:\rsit
2014-01-18 11:38:19 ----D---- C:\Program Files\trend micro
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\SETD86.tmp
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\SETD57.tmp
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\nvdispgenco3233221.dll
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\nvdispco3233221.dll
2014-01-17 18:21:10 ----D---- C:\Documents and Settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 18:21:04 ----D---- C:\Documents and Settings\All Users\Application Data\ProductData
2014-01-17 18:20:02 ----D---- C:\Documents and Settings\Owner\Application Data\IObit
2014-01-17 18:18:20 ----D---- C:\Program Files\IObit
2014-01-12 21:47:59 ----D---- C:\Documents and Settings\Owner\Application Data\LolClient
2014-01-12 20:05:42 ----D---- C:\Documents and Settings\Owner\Application Data\Riot Games
2014-01-05 17:03:22 ----D---- C:\Program Files\Fraps
2013-12-20 20:14:59 ----D---- C:\Documents and Settings\Owner\Application Data\TS3Client
2013-12-20 12:19:44 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-01-18 12:49:30 ----D---- C:\WINDOWS\Temp
2014-01-18 12:35:57 ----D---- C:\WINDOWS\system32
2014-01-18 12:25:31 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2014-01-18 12:24:06 ----AH---- C:\WINDOWS\system32\FFASTLOG.TXT
2014-01-18 12:22:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-18 12:22:06 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2014-01-18 11:38:19 ----D---- C:\Program Files
2014-01-18 11:01:23 ----D---- C:\WINDOWS\system32\drivers
2014-01-17 21:13:33 ----SHD---- C:\WINDOWS\Installer
2014-01-17 21:13:30 ----SHD---- C:\Config.Msi
2014-01-17 21:13:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-01-17 21:05:17 ----D---- C:\WINDOWS
2014-01-17 20:29:21 ----RSD---- C:\WINDOWS\assembly
2014-01-17 20:29:21 ----D---- C:\WINDOWS\Microsoft.NET
2014-01-17 19:01:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-17 19:00:45 ----D---- C:\WINDOWS\WinSxS
2014-01-17 18:54:41 ----D---- C:\Documents and Settings\All Users\Application Data\IObit
2014-01-17 18:52:06 ----D---- C:\Documents and Settings\Owner\Application Data\Pro Cycling Manager 2013
2014-01-17 18:37:09 ----D---- C:\WINDOWS\system32\config
2014-01-17 18:34:10 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-17 18:34:10 ----D---- C:\WINDOWS\Logs
2014-01-17 18:33:46 ----D---- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
2014-01-17 18:32:26 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2014-01-17 18:32:21 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2014-01-17 18:30:17 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-17 18:26:44 ----HD---- C:\WINDOWS\inf
2014-01-17 18:25:58 ----D---- C:\Documents and Settings
2014-01-17 18:22:33 ----D---- C:\Program Files\Common Files
2014-01-17 18:20:58 ----D---- C:\WINDOWS\Prefetch
2014-01-17 18:20:50 ----SD---- C:\WINDOWS\Tasks
2014-01-17 18:09:05 ----D---- C:\WINDOWS\Minidump
2014-01-17 18:09:05 ----D---- C:\WINDOWS\Debug
2014-01-17 15:48:41 ----D---- C:\Documents and Settings\Owner\Application Data\Skype
2014-01-15 23:02:13 ----D---- C:\WINDOWS\system32\MRT
2014-01-15 22:59:39 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-15 22:59:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-12 20:07:28 ----D---- C:\WINDOWS\system32\DirectX
2014-01-12 20:07:13 ----SHD---- C:\WINDOWS\system32\AI_RecycleBin
2013-12-31 19:31:41 ----D---- C:\Documents and Settings\Owner\Application Data\Might & Magic Heroes VI
2013-12-21 09:43:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvopencl.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuda.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2013-12-19 19:17:26 ----A---- C:\WINDOWS\system32\nvwddi.dll
2013-12-19 19:17:25 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2013-12-19 19:17:25 ----A---- C:\WINDOWS\system32\nvcpl.dll
2013-12-19 19:17:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2013-12-19 19:17:24 ----A---- C:\WINDOWS\system32\nvcolor.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-04-27 232512]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-03-29 5444680]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-12-19 12708160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 af3it2wb;af3it2wb; C:\WINDOWS\system32\drivers\af3it2wb.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 DGIUSB;Panasonic MFSUSB Driver; C:\WINDOWS\system32\drivers\KMdgiusb.sys []
S3 GGSAFERDriver;GGSAFER Driver; C:\WINDOWS\system32\drivers\GGSAFERDriver.sys []
S3 GMSIPCI;GMSIPCI; C:\WINDOWS\system32\drivers\GMSIPCI.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-21 6048480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICPL;MSICPL; C:\WINDOWS\system32\drivers\MSICPL.sys []
S3 NTACCESS;NTACCESS; C:\WINDOWS\system32\drivers\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; C:\WINDOWS\system32\drivers\SetupNTGLM7X.sys []
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 1664336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-04 182184]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 375056]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-12-19 156960]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119533
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\system32\SETD86.tmp
C:\WINDOWS\system32\SETD57.tmp

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

sysqrw
Visitor
Posts: 11
Joined: 18 Jan 2014 11:30

Re: Slow PC

#7 Post by sysqrw »

I did exactly what you wrote, but after the scan everything froze and the whole desktop disappeared (except for the desktop wallpaper), so I had to hard-restart the PC.
As for the black screen, I don't know whether I just failed to notice it at the time, but I have it again.
EDIT: I also forgot to add that CPU and RAM usage is higher than before these problems; RAM usage currently averages 40%, which never happened before, and when I start, for example, a browser, the usage climbs as high as if I were launching 30 of them at once.
Here is the RSIT log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-01-18 13:07:39
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (65%) free of 76 GB
Total RAM: 2047 MB (60% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\ASC7_PerformanceMonitor.job
C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-17 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-04 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-04 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f}
{10921475-03CE-4E04-90CE-E2E7EF20C814} - ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-17 752448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-27 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-27 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-27 150040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-03-12 20143688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-12-19 15708448]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-12-19 2602784]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe [2013-09-06 1130576]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-10-28 2283296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2013-11-29 3806544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
c:\program files\poweriso\pwrisovm.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe [2014-01-16 1815976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\common files\java\java update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe [2013-09-06 1130576]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup
Rychlé hledání Microsoft.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
Spuštění Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-21 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Tunngle\Tunngle.exe"="C:\Program Files\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client - TBFI"
"C:\Program Files\Tunngle\TnglCtrl.exe"="C:\Program Files\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service - TBFI"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"E:\Games\Pro Cycling Manager - Season 2013\PCM.exe"="E:\Games\Pro Cycling Manager - Season 2013\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2013"
"E:\Games\Pro Cycling Manager - Season 2013\Autorun\Exe\Autorun.exe"="E:\Games\Pro Cycling Manager - Season 2013\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2013 - Autorun"
"C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Owner\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe"="D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"D:\Program Files\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe"="D:\Program Files\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe:*:Enabled:Might & Magic: Heroes VI"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"D:\Program Files\Steam\SteamApps\common\Medieval II Total War\launcher.exe"="D:\Program Files\Steam\SteamApps\common\Medieval II Total War\launcher.exe:*:Enabled:Medieval II: Total War"
"D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout Paradise: The Ultimate Box"
"D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="D:\Program Files\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout Paradise: The Ultimate Box"
"C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe"="C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2014-01-18 13:00:43 ----D---- C:\_OTM
2014-01-18 12:20:56 ----D---- C:\AdwCleaner
2014-01-18 11:38:19 ----D---- C:\rsit
2014-01-18 11:38:19 ----D---- C:\Program Files\trend micro
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\SETD86.tmp
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\SETD57.tmp
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\nvdispgenco3233221.dll
2014-01-17 18:25:25 ----A---- C:\WINDOWS\system32\nvdispco3233221.dll
2014-01-17 18:21:10 ----D---- C:\Documents and Settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 18:21:04 ----D---- C:\Documents and Settings\All Users\Application Data\ProductData
2014-01-17 18:20:02 ----D---- C:\Documents and Settings\Owner\Application Data\IObit
2014-01-17 18:18:20 ----D---- C:\Program Files\IObit
2014-01-12 21:47:59 ----D---- C:\Documents and Settings\Owner\Application Data\LolClient
2014-01-12 20:05:42 ----D---- C:\Documents and Settings\Owner\Application Data\Riot Games
2014-01-05 17:03:22 ----D---- C:\Program Files\Fraps
2013-12-20 20:14:59 ----D---- C:\Documents and Settings\Owner\Application Data\TS3Client
2013-12-20 12:19:44 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-01-18 13:07:40 ----D---- C:\WINDOWS\Temp
2014-01-18 13:05:29 ----D---- C:\WINDOWS\system32
2014-01-18 13:04:54 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2014-01-18 13:02:29 ----AH---- C:\WINDOWS\system32\FFASTLOG.TXT
2014-01-18 12:22:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-18 12:22:06 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2014-01-18 11:38:19 ----D---- C:\Program Files
2014-01-18 11:01:23 ----D---- C:\WINDOWS\system32\drivers
2014-01-17 21:13:33 ----SHD---- C:\WINDOWS\Installer
2014-01-17 21:13:30 ----SHD---- C:\Config.Msi
2014-01-17 21:13:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-01-17 21:05:17 ----D---- C:\WINDOWS
2014-01-17 20:29:21 ----RSD---- C:\WINDOWS\assembly
2014-01-17 20:29:21 ----D---- C:\WINDOWS\Microsoft.NET
2014-01-17 19:01:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-17 19:00:45 ----D---- C:\WINDOWS\WinSxS
2014-01-17 18:54:41 ----D---- C:\Documents and Settings\All Users\Application Data\IObit
2014-01-17 18:52:06 ----D---- C:\Documents and Settings\Owner\Application Data\Pro Cycling Manager 2013
2014-01-17 18:37:09 ----D---- C:\WINDOWS\system32\config
2014-01-17 18:34:10 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-17 18:34:10 ----D---- C:\WINDOWS\Logs
2014-01-17 18:33:46 ----D---- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
2014-01-17 18:32:26 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2014-01-17 18:32:21 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2014-01-17 18:30:17 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-17 18:26:44 ----HD---- C:\WINDOWS\inf
2014-01-17 18:25:58 ----D---- C:\Documents and Settings
2014-01-17 18:22:33 ----D---- C:\Program Files\Common Files
2014-01-17 18:20:58 ----D---- C:\WINDOWS\Prefetch
2014-01-17 18:20:50 ----SD---- C:\WINDOWS\Tasks
2014-01-17 18:09:05 ----D---- C:\WINDOWS\Minidump
2014-01-17 18:09:05 ----D---- C:\WINDOWS\Debug
2014-01-17 15:48:41 ----D---- C:\Documents and Settings\Owner\Application Data\Skype
2014-01-15 23:02:13 ----D---- C:\WINDOWS\system32\MRT
2014-01-15 22:59:39 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-15 22:59:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-12 20:07:28 ----D---- C:\WINDOWS\system32\DirectX
2014-01-12 20:07:13 ----SHD---- C:\WINDOWS\system32\AI_RecycleBin
2013-12-31 19:31:41 ----D---- C:\Documents and Settings\Owner\Application Data\Might & Magic Heroes VI
2013-12-21 09:43:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvopencl.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcuda.dll
2013-12-19 21:17:40 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2013-12-19 19:17:26 ----A---- C:\WINDOWS\system32\nvwddi.dll
2013-12-19 19:17:25 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2013-12-19 19:17:25 ----A---- C:\WINDOWS\system32\nvcpl.dll
2013-12-19 19:17:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2013-12-19 19:17:24 ----A---- C:\WINDOWS\system32\nvcolor.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-04-27 232512]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-03-29 5444680]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-12-19 12708160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 a9pghx21;a9pghx21; C:\WINDOWS\system32\drivers\a9pghx21.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 DGIUSB;Panasonic MFSUSB Driver; C:\WINDOWS\system32\drivers\KMdgiusb.sys []
S3 GGSAFERDriver;GGSAFER Driver; C:\WINDOWS\system32\drivers\GGSAFERDriver.sys []
S3 GMSIPCI;GMSIPCI; C:\WINDOWS\system32\drivers\GMSIPCI.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-21 6048480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICPL;MSICPL; C:\WINDOWS\system32\drivers\MSICPL.sys []
S3 NTACCESS;NTACCESS; C:\WINDOWS\system32\drivers\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; C:\WINDOWS\system32\drivers\SetupNTGLM7X.sys []
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-04 182184]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 375056]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 1664336]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-12-19 156960]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sysqrw
Visitor
Posts: 11
Registered: 18 Jan 2014 11:30

Re: Slow PC

#9 Post by sysqrw »

I did everything, but nothing changed, apart from Windows loading faster.

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#10 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup a screen with the licence terms appears; continue by clicking the Yes (Ano) button.

Calmly go and make yourself a coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware lead to unwanted conflicts with the resident antispyware.

sysqrw
Visitor
Posts: 11
Registered: 18 Jan 2014 11:30

Re: Slow PC

#11 Post by sysqrw »

Before that I ran a malware scan with Malwarebytes, and now it found 18 of them and lists in them websites I don't even know. Should I have them deleted, or leave them and start with ComboFix?

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#12 Post by Rudy »

Go with the CF.

sysqrw
Visitor
Posts: 11
Registered: 18 Jan 2014 11:30

Re: Slow PC

#13 Post by sysqrw »

ComboFix 14-01-16.03 - Owner 18.01.2014 14:56:33.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1033.18.2047.1501 [GMT 1:00]
Spuštěný z: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\WINDOWS
C:\install.exe
c:\windows\d.ini
c:\windows\system32\Cache
c:\windows\system32\Cache\15bf3684d50aab5c.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\30eb251eadcd4ecd.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\4e7e910c914e3d8f.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\78f0539deeb87b9e.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\a89fb0662fbfdadd.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\frapsvid.dll
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\SET1305.tmp
c:\windows\system32\SET191.tmp
c:\windows\system32\SET192.tmp
c:\windows\system32\SET193.tmp
c:\windows\system32\SET194.tmp
c:\windows\system32\SET199.tmp
c:\windows\system32\SET19A.tmp
c:\windows\system32\SET19B.tmp
c:\windows\system32\SET19C.tmp
c:\windows\system32\SET1A0.tmp
c:\windows\system32\SET1A2.tmp
c:\windows\system32\SET1A3.tmp
c:\windows\system32\SET1A4.tmp
c:\windows\system32\SET1A6.tmp
c:\windows\system32\SET1A7.tmp
c:\windows\system32\SET1AC.tmp
c:\windows\system32\SET1AD.tmp
c:\windows\system32\SET1AE.tmp
c:\windows\system32\SET1AF.tmp
c:\windows\system32\SET1B0.tmp
c:\windows\system32\SET475.tmp
c:\windows\system32\SET489.tmp
c:\windows\system32\SET48A.tmp
c:\windows\system32\SET493.tmp
c:\windows\system32\SET499.tmp
c:\windows\system32\SET49A.tmp
c:\windows\system32\SET49B.tmp
c:\windows\system32\SET4B8.tmp
c:\windows\system32\SET4D4.tmp
c:\windows\system32\SET4DC.tmp
c:\windows\system32\SET4DD.tmp
c:\windows\system32\SET4FD.tmp
c:\windows\system32\SETD0.tmp
c:\windows\system32\SETD57.tmp
c:\windows\system32\SETD86.tmp
c:\windows\system32\SETE4.tmp
c:\windows\system32\SETE7.tmp
c:\windows\system32\SETE9.tmp
c:\windows\system32\SETEB.tmp
c:\windows\system32\SETEF.tmp
c:\windows\system32\SETF1.tmp
c:\windows\system32\SETF3.tmp
c:\windows\system32\SETF4.tmp
c:\windows\system32\SETF9.tmp
c:\windows\system32\tmp1C74.tmp
c:\windows\system32\tmp1E6E.tmp
c:\windows\system32\tmp1E6F.tmp
c:\windows\system32\tmpEBC.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-18 do 2014-01-18 )))))))))))))))))))))))))))))))
.
.
2014-01-18 11:20 . 2014-01-18 11:22 -------- d-----w- C:\AdwCleaner
2014-01-18 10:38 . 2014-01-18 12:07 -------- d-----w- c:\program files\trend micro
2014-01-17 17:25 . 2013-12-19 20:17 893728 ----a-w- c:\windows\system32\nvdispgenco3233221.dll
2014-01-17 17:25 . 2013-12-19 20:17 1049888 ----a-w- c:\windows\system32\nvdispco3233221.dll
2014-01-17 17:21 . 2014-01-17 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 17:21 . 2014-01-17 17:21 -------- d-----w- c:\documents and settings\Owner\AppData
2014-01-17 17:21 . 2014-01-17 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\ProductData
2014-01-17 17:20 . 2014-01-17 17:21 -------- d-----w- c:\documents and settings\Owner\Application Data\IObit
2014-01-17 17:18 . 2014-01-17 17:20 -------- d-----w- c:\program files\IObit
2014-01-12 20:47 . 2014-01-12 20:47 -------- d-----w- c:\documents and settings\Owner\Application Data\LolClient
2014-01-12 19:05 . 2014-01-12 19:07 -------- d-----w- c:\documents and settings\Owner\Application Data\Riot Games
2014-01-05 16:03 . 2014-01-05 16:10 -------- d-----w- c:\program files\Fraps
2013-12-20 19:14 . 2013-12-20 19:15 -------- d-----w- c:\documents and settings\Owner\Application Data\TS3Client
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-17 20:13 . 2011-06-10 11:32 65536 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2013-12-19 20:17 . 2012-12-29 23:54 9637888 ----a-w- c:\windows\system32\nvopencl.dll
2013-12-19 20:17 . 2011-08-04 11:53 9682944 ----a-w- c:\windows\system32\nvcuda.dll
2013-12-19 20:17 . 2011-08-04 11:53 2952992 ----a-w- c:\windows\system32\nvcuvid.dll
2013-12-19 20:17 . 2011-08-04 11:53 2747680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-12-19 20:17 . 2011-08-04 11:53 22188032 ----a-w- c:\windows\system32\nvoglnt.dll
2013-12-19 20:17 . 2011-08-04 11:53 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-12-19 20:17 . 2010-09-09 11:40 12708160 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-12-19 18:17 . 2011-08-04 11:54 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-12-19 18:17 . 2011-08-04 11:54 15708448 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:17 . 2011-08-04 11:54 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-12-19 18:17 . 2011-08-04 11:54 376096 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:17 . 2011-08-04 11:54 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-12-11 16:46 . 2012-11-27 10:08 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 16:46 . 2011-08-05 11:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-27 20:21 . 2006-02-28 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2006-02-28 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2006-02-28 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2010-09-09 10:28 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26 . 2006-02-28 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-25 11:24 . 2006-02-28 12:00 841216 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 11:24 . 2010-09-09 12:46 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-10-25 11:24 . 2006-02-28 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-25 11:24 . 2006-02-28 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-10-23 23:45 . 2006-02-28 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-17 17:21 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{10921475-03CE-4E04-90CE-E2E7EF20C814}"= "c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll" [2014-01-17 752448]
.
[HKEY_CLASSES_ROOT\clsid\{10921475-03ce-4e04-90ce-e2e7ef20c814}]
[HKEY_CLASSES_ROOT\UninstallExplorer32.ExplorerBtn]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\documents and settings\Owner\Application Data\uTorrent\uTorrent.exe" [2013-09-06 1130576]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-10-28 2283296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-27 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-27 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-27 150040]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"RTHDCPL"="RTHDCPL.EXE" [2013-03-12 20143688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-12-19 15708448]
"NvMediaCenter"="NvMCTray.dll" [2013-12-19 376096]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-12-19 2602784]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Owner\Start Menu\Programs\Startup\
Rychlé hledání Microsoft.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-2-21 111376]
Spuštění Office.lnk - c:\program files\Microsoft Office\Office\OSA.EXE -b [1997-2-21 51984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-11-29 15:20 3806544 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-01-16 17:39 1815976 ----a-w- d:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-09-06 16:23 1130576 ----a-w- c:\documents and settings\Owner\Application Data\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"e:\\Games\\Pro Cycling Manager - Season 2013\\PCM.exe"=
"e:\\Games\\Pro Cycling Manager - Season 2013\\Autorun\\Exe\\Autorun.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Might and Magic Heroes VI\\Might & Magic Heroes VI.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Medieval II Total War\\launcher.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [14.4.2012 8:49 232512]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 6:23 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [11.9.2009 6:26 96408]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [17.1.2014 18:18 878368]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11.9.2009 6:24 735960]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.11.2013 16:20 1664336]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [17.1.2014 18:20 2151200]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [11.10.2013 11:51 375056]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [17.1.2014 18:29 1494304]
S2 BBUpdate;BBUpdate; [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.9.2013 18:06 701512]
S2 SkypeUpdate;Skype Updater;d:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.9.2010 10:40 1691480]
S3 BBSvc;Bing Bar Update Service; [x]
S3 DGIUSB;Panasonic MFSUSB Driver;c:\windows\system32\drivers\KMdgiusb.sys --> c:\windows\system32\drivers\KMdgiusb.sys [?]
S3 GGSAFERDriver;GGSAFER Driver; [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.9.2013 18:06 22856]
S3 SetupNTGLM7X;SetupNTGLM7X; [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [19.12.2012 16:37 27136]
S3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [19.12.2012 16:37 745368]
S3 WinRing0_1_2_0;WinRing0_1_2_0;\??\c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys --> c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-27 16:46]
.
2014-01-18 c:\windows\Tasks\ASC7_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 7\Monitor.exe [2014-01-17 17:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 213.151.222.34 192.168.0.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\2207qpex.default-1375858183281\
FF - ExtSQL: 2014-01-17 19:21; ascsurfingprotection@iobit.com; c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\2207qpex.default-1375858183281\extensions\ascsurfingprotection@iobit.com
.
.
------- Asociace souborů -------
.
.txt=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-PWRISOVM - c:\program files\poweriso\pwrisovm.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-18 15:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-507921405-515967899-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:5d,ae,62,97,38,14,79,6b,32,38,77,32,58,af,99,c0,c3,e8,63,fc,d6,
6a,d7,b4,12,a4,7e,0f,ef,91,25,e9,fc,ab,05,be,bf,21,84,4f,25,90,25,3e,a4,b9,\
"rkeysecu"=hex:f8,b4,82,84,ec,5f,35,98,6e,de,e5,3a,a9,05,2c,73
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-01-18 15:02:01
ComboFix-quarantined-files.txt 2014-01-18 14:01
.
Před spuštěním: 51 476 951 040 bytes free
Po spuštění: 52 133 003 264 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 45E6AAAA8252599EDADF344F05A709B2
8F558EB6672622401DA993E1E865C861

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#14 Post by Rudy »

We'll do a bit more cleaning. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\documents and settings\Owner\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

Driver::
BBUpdate
BBSvc

Regnull::
[HKEY_USERS\S-1-5-21-507921405-515967899-725345543-1003\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sysqrw
Visitor
Posts: 11
Registered: 18 Jan 2014 11:30

Re: Slow PC

#15 Post by sysqrw »

So I did it exactly like this, and then after the restart the PC wanted to make a log and wanted to produce some details or something like that about malware, and then it reported that it needed to connect to some server to upload something, but then it reported that this had failed and the upload was unsuccessful.
ComboFix 14-01-16.03 - Owner 18.01.2014 17:32:06.2.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1033.18.2047.1334 [GMT 1:00]
Spuštěný z: c:\documents and settings\Owner\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
file zipped: c:\documents and settings\Owner\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BBSVC
-------\Legacy_BBUPDATE
-------\Service_BBSvc
-------\Service_BBUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-18 do 2014-01-18 )))))))))))))))))))))))))))))))
.
.
2014-01-18 11:20 . 2014-01-18 11:22 -------- d-----w- C:\AdwCleaner
2014-01-18 10:38 . 2014-01-18 12:07 -------- d-----w- c:\program files\trend micro
2014-01-17 17:25 . 2013-12-19 20:17 893728 ----a-w- c:\windows\system32\nvdispgenco3233221.dll
2014-01-17 17:25 . 2013-12-19 20:17 1049888 ----a-w- c:\windows\system32\nvdispco3233221.dll
2014-01-17 17:21 . 2014-01-17 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 17:21 . 2014-01-17 17:21 -------- d-----w- c:\documents and settings\Owner\AppData
2014-01-17 17:21 . 2014-01-17 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\ProductData
2014-01-17 17:20 . 2014-01-17 17:21 -------- d-----w- c:\documents and settings\Owner\Application Data\IObit
2014-01-17 17:18 . 2014-01-17 17:20 -------- d-----w- c:\program files\IObit
2014-01-12 20:47 . 2014-01-12 20:47 -------- d-----w- c:\documents and settings\Owner\Application Data\LolClient
2014-01-12 19:05 . 2014-01-12 19:07 -------- d-----w- c:\documents and settings\Owner\Application Data\Riot Games
2014-01-05 16:03 . 2014-01-05 16:10 -------- d-----w- c:\program files\Fraps
2013-12-20 19:14 . 2013-12-20 19:15 -------- d-----w- c:\documents and settings\Owner\Application Data\TS3Client
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-19 20:17 . 2012-12-29 23:54 9637888 ----a-w- c:\windows\system32\nvopencl.dll
2013-12-19 20:17 . 2011-08-04 11:53 9682944 ----a-w- c:\windows\system32\nvcuda.dll
2013-12-19 20:17 . 2011-08-04 11:53 2952992 ----a-w- c:\windows\system32\nvcuvid.dll
2013-12-19 20:17 . 2011-08-04 11:53 2747680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-12-19 20:17 . 2011-08-04 11:53 22188032 ----a-w- c:\windows\system32\nvoglnt.dll
2013-12-19 20:17 . 2011-08-04 11:53 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-12-19 20:17 . 2010-09-09 11:40 12708160 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-12-19 18:17 . 2011-08-04 11:54 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-12-19 18:17 . 2011-08-04 11:54 15708448 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:17 . 2011-08-04 11:54 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-12-19 18:17 . 2011-08-04 11:54 376096 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:17 . 2011-08-04 11:54 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-12-11 16:46 . 2012-11-27 10:08 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 16:46 . 2011-08-05 11:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-27 20:21 . 2006-02-28 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2006-02-28 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2006-02-28 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2010-09-09 10:28 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26 . 2006-02-28 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-25 11:24 . 2006-02-28 12:00 841216 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 11:24 . 2010-09-09 12:46 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-10-25 11:24 . 2006-02-28 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-25 11:24 . 2006-02-28 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-10-23 23:45 . 2006-02-28 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-17 17:21 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{10921475-03CE-4E04-90CE-E2E7EF20C814}"= "c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll" [2014-01-17 752448]
.
[HKEY_CLASSES_ROOT\clsid\{10921475-03ce-4e04-90ce-e2e7ef20c814}]
[HKEY_CLASSES_ROOT\UninstallExplorer32.ExplorerBtn]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\documents and settings\Owner\Application Data\uTorrent\uTorrent.exe" [2013-09-06 1130576]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-10-28 2283296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-27 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-27 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-27 150040]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"RTHDCPL"="RTHDCPL.EXE" [2013-03-12 20143688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-12-19 15708448]
"NvMediaCenter"="NvMCTray.dll" [2013-12-19 376096]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-12-19 2602784]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Owner\Start Menu\Programs\Startup\
Rychlé hledání Microsoft.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-2-21 111376]
Spuštění Office.lnk - c:\program files\Microsoft Office\Office\OSA.EXE -b [1997-2-21 51984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-11-29 15:20 3806544 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-01-16 17:39 1815976 ----a-w- d:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-09-06 16:23 1130576 ----a-w- c:\documents and settings\Owner\Application Data\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"e:\\Games\\Pro Cycling Manager - Season 2013\\PCM.exe"=
"e:\\Games\\Pro Cycling Manager - Season 2013\\Autorun\\Exe\\Autorun.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Might and Magic Heroes VI\\Might & Magic Heroes VI.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Medieval II Total War\\launcher.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [14.4.2012 8:49 232512]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 6:23 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [11.9.2009 6:26 96408]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [17.1.2014 18:18 878368]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11.9.2009 6:24 735960]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.11.2013 16:20 1664336]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [17.1.2014 18:20 2151200]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [11.10.2013 11:51 375056]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.9.2013 18:06 701512]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [17.1.2014 18:29 1494304]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.9.2013 18:06 22856]
S2 SkypeUpdate;Skype Updater;d:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.9.2010 10:40 1691480]
S3 DGIUSB;Panasonic MFSUSB Driver;c:\windows\system32\drivers\KMdgiusb.sys --> c:\windows\system32\drivers\KMdgiusb.sys [?]
S3 GGSAFERDriver;GGSAFER Driver; [x]
S3 SetupNTGLM7X;SetupNTGLM7X; [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [19.12.2012 16:37 27136]
S3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [19.12.2012 16:37 745368]
S3 WinRing0_1_2_0;WinRing0_1_2_0;\??\c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys --> c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-27 16:46]
.
2014-01-18 c:\windows\Tasks\ASC7_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 7\Monitor.exe [2014-01-17 17:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 213.151.222.34 192.168.0.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\2207qpex.default-1375858183281\
FF - ExtSQL: 2014-01-17 19:21; ascsurfingprotection@iobit.com; c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\2207qpex.default-1375858183281\extensions\ascsurfingprotection@iobit.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-18 17:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1072)
c:\windows\system32\WININET.dll
c:\program files\NVIDIA Corporation\nView\nview.dll
c:\program files\NVIDIA Corporation\nView\NVWRSSK.DLL
c:\program files\ESET\ESET NOD32 Antivirus\eplgHooks.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\RTHDCPL.EXE
c:\program files\Microsoft Office\Office\OSA.EXE
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2014-01-18 17:57:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-18 16:57
ComboFix2.txt 2014-01-18 14:02
.
Před spuštěním: 52 157 849 600 bytes free
Po spuštění: 9 adresárov, 52 039 249 920 voľných bajtov
.
- - End Of File - - A5B7E1FA8D7630021A86FACB3BEB7C64
8F558EB6672622401DA993E1E865C861
