Zamrznuti PC po nacteni plochy WinXP - cerna obrazovka

[Cayler]

Prosim o kontrolu logu.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:36:44, on 25.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\My Documents\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4848645109
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5796 bytes

[Cayler]

pridavam log v RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-09-25 11:19:41
Microsoft Windows XP Professional Service Pack 3
System drive C: has 142 GB (59%) free of 238 GB
Total RAM: 1023 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:50, on 25.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4848645109
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6059 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-884357618-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-884357618-1801674531-1003UA.job
C:\WINDOWS\tasks\PCConfidential.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"NPSStartup"= []
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2010-09-10 2771784]
"egui"=C:\Program Files\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-09-06 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Petr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroHomeFirstStart]
C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [2008-01-22 16680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-01-08 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-09-25 11:19:41 ----D---- C:\rsit
2010-09-25 11:19:41 ----D---- C:\Program Files\trend micro
2010-09-25 01:06:21 ----D---- C:\WINDOWS\McAfee.com
2010-09-25 01:06:20 ----D---- C:\WINDOWS\LastGood.Tmp
2010-09-23 01:47:15 ----ASH---- C:\pagefile.sys
2010-09-23 00:54:35 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-09-23 00:43:32 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-09-23 00:43:32 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-09-23 00:43:32 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-09-23 00:43:31 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-09-23 00:43:30 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-09-23 00:43:30 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-09-23 00:43:30 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-09-23 00:43:29 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-09-23 00:43:28 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-09-23 00:43:28 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-09-23 00:43:28 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-09-23 00:43:27 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-09-23 00:43:27 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-09-23 00:43:26 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-09-23 00:43:26 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-09-23 00:43:25 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-09-23 00:43:24 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-09-23 00:43:24 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-09-23 00:43:23 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-09-22 19:56:16 ----D---- C:\Documents and Settings\Petr\Application Data\OpenOffice.org
2010-09-22 19:55:00 ----D---- C:\Program Files\OpenOffice.org 3
2010-09-22 19:54:32 ----D---- C:\Program Files\OpenOffice
2010-09-22 18:10:27 ----A---- C:\WINDOWS\ntbtlog.txt
2010-09-22 18:08:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-20 18:54:41 ----D---- C:\Program Files\ESET NOD32 Antivirus
2010-09-20 18:54:41 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-09-20 18:40:00 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-09-20 18:09:51 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys
2010-09-20 18:09:48 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2010-09-20 18:07:45 ----HDC---- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-20 18:07:31 ----D---- C:\Program Files\Lavasoft
2010-09-20 18:07:31 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-09-20 17:36:42 ----A---- C:\WINDOWS\oodjobd.INI
2010-09-20 17:13:53 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2010-09-20 16:17:04 ----D---- C:\WINDOWS\system32\oodag
2010-09-20 16:15:35 ----D---- C:\Program Files\OO Software
2010-09-20 16:09:55 ----D---- C:\WINDOWS\ie8updates
2010-09-20 16:08:03 ----HDC---- C:\WINDOWS\ie8
2010-09-20 01:17:07 ----D---- C:\WINDOWS\ie7updates
2010-09-20 01:10:25 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-09-20 01:10:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-09-20 01:09:01 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-20 01:08:08 ----D---- C:\Program Files\MSXML 4.0
2010-09-20 01:03:21 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-09-20 01:02:23 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2010-09-19 21:01:50 ----D---- C:\WINDOWS\pss
2010-09-19 20:52:12 ----D---- C:\Program Files\CCleaner
2010-09-19 00:24:26 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-09-19 00:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-09-19 00:16:59 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-09-19 00:16:49 ----D---- C:\Program Files\NVIDIA Corporation
2010-09-18 20:05:08 ----D---- C:\PFiles
2010-09-18 17:23:38 ----D---- C:\The Simpsons
2010-09-10 13:01:14 ----A---- C:\WINDOWS\system32\oodbs.exe
2010-09-10 12:59:50 ----A---- C:\WINDOWS\system32\oodssrs.dll
2010-09-10 12:59:26 ----A---- C:\WINDOWS\system32\oodbsrs.dll
2010-09-06 10:26:17 ----D---- C:\Documents and Settings\All Users\Application Data\Samsung
2010-08-31 20:03:51 ----D---- C:\Program Files\Free Offers from Freeze.com
2010-08-31 20:03:46 ----D---- C:\Program Files\Winferno
2010-08-30 17:56:31 ----D---- C:\Program Files\Free Space Screensaver

======List of files/folders modified in the last 1 months======

2010-09-25 11:19:41 ----RD---- C:\Program Files
2010-09-25 11:16:47 ----SHD---- C:\WINDOWS\CSC
2010-09-25 02:41:53 ----D---- C:\WINDOWS
2010-09-25 02:13:51 ----D---- C:\WINDOWS\system32
2010-09-25 01:43:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-09-25 01:06:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-25 01:06:21 ----HD---- C:\WINDOWS\inf
2010-09-25 01:06:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-25 00:33:50 ----D---- C:\WINDOWS\Temp
2010-09-23 00:42:49 ----D---- C:\WINDOWS\system32\DirectX
2010-09-22 19:55:17 ----SHD---- C:\WINDOWS\Installer
2010-09-22 18:52:12 ----D---- C:\WINDOWS\Prefetch
2010-09-20 18:55:01 ----D---- C:\WINDOWS\system32\drivers
2010-09-20 18:09:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-20 18:07:29 ----D---- C:\WINDOWS\WinSxS
2010-09-20 18:03:45 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-20 18:02:53 ----D---- C:\Documents and Settings\All Users\Application Data\Agnitum
2010-09-20 18:02:52 ----D---- C:\WINDOWS\system32\config
2010-09-20 18:01:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-20 17:30:05 ----D---- C:\WINDOWS\Debug
2010-09-20 17:27:04 ----D---- C:\WINDOWS\system32\dllcache
2010-09-20 17:19:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-20 17:14:57 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-20 16:12:03 ----D---- C:\WINDOWS\system32\en-US
2010-09-20 16:12:03 ----D---- C:\WINDOWS\Media
2010-09-20 16:12:03 ----D---- C:\WINDOWS\Help
2010-09-20 16:12:03 ----D---- C:\Program Files\Internet Explorer
2010-09-20 15:32:29 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-20 15:00:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-20 14:26:54 ----SHD---- C:\RECYCLER
2010-09-20 01:18:53 ----D---- C:\WINDOWS\system32\wbem
2010-09-20 01:18:53 ----D---- C:\WINDOWS\AppPatch
2010-09-20 01:08:50 ----D---- C:\Program Files\Outlook Express
2010-09-20 01:08:26 ----D---- C:\Program Files\Movie Maker
2010-09-19 20:59:55 ----D---- C:\Documents and Settings\Petr\Application Data\Media Player Classic
2010-09-19 20:57:31 ----D---- C:\WINDOWS\Minidump
2010-09-19 00:24:11 ----D---- C:\WINDOWS\SoftwareDistribution
2010-09-19 00:07:54 ----D---- C:\Documents and Settings
2010-09-18 19:21:07 ----D---- C:\Documents and Settings\Petr\Application Data\vlc
2010-09-18 18:08:44 ----D---- C:\Documents and Settings\Petr\Application Data\dvdcss
2010-09-09 18:31:36 ----D---- C:\Documents and Settings\Petr\Application Data\Skype
2010-09-09 16:08:03 ----D---- C:\Documents and Settings\Petr\Application Data\skypePM
2010-09-06 10:28:24 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-09-06 10:26:49 ----D---- C:\Program Files\Samsung
2010-08-31 20:04:04 ----SD---- C:\WINDOWS\Tasks
2010-08-31 20:03:48 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2009-01-08 61824]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-01-08 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-03-30 230400]
S1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
S2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
S2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
S2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
S2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2009-01-08 62848]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2009-01-08 60800]
S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
S3 ipw_bus;IPWireless; C:\WINDOWS\system32\DRIVERS\ipw_bus.sys [2005-09-27 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter; C:\WINDOWS\system32\DRIVERS\ipw_mdfl.sys [2005-09-27 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM); C:\WINDOWS\system32\DRIVERS\ipw_mdm.sys [2005-09-27 95440]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2009-01-08 61824]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-01-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-01-08 82944]
S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2005-10-11 110080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-09-25 1355928]
S2 ekrn;ESET Service; C:\Program Files\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
S2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-09-10 2320712]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

HJT najdeš zde :

C:\Program Files\trend micro\Petr.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

NBService - Nero AG

NMIndexingService - Nero AG

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\McAfee.com

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

[Cayler]

Diky za reakci.
Zde log z OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\LastGood.Tmp\INF folder moved successfully.
C:\WINDOWS\LastGood.Tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\McAfee.com\FreeScan folder moved successfully.
C:\WINDOWS\McAfee.com folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 654 bytes
->Temporary Internet Files folder emptied: 22293022 bytes
->Flash cache emptied: 405 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Petr
->Temp folder emptied: 837768 bytes
->Temporary Internet Files folder emptied: 496750 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 163887490 bytes
->Flash cache emptied: 34947 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1134907 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 180,00 mb


OTM by OldTimer - Version 3.1.16.1 log created on 09262010_010926

[Roli]

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

Čištění registru je třeba několikrát zopakovat !


Stáhni HD Tune a otestuj HDD.

Benchmark - Test disku Klikni na tlačítko Start a vyčkej dokud se nezaplní celý graf. Poté se dozvíš přenosovou rychlost a přístupový čas pevného disku.

Info Přesná kapacita, souborový systém, podporované funkce, verze firmware, sériové číslo a typ zapojení disků.

Health - Kondice Seznam důležitých parametrů a jejich hodnoty. Ideální je mít všude OK.

Když je nějaká položka žlutá pravděpodobně brzy změní status na failed. Když je červená má status failed, to by znamenalo výměnu disku.

Error Scan - Hledání chyb Klikni na tlačítko Start a program prozkoumá disk zda na něm nejsou vadné bloky.

Pokud na konci testu jsou všechny zelené, je vše v pořádku. Když je byť jeden z nich červený, doporučuji zazálohovat data a počítat s výměnou disku.

Teplota Teploměr nahoře a číslo vedle něj znázorňují teplotu disku. Normální hodnota je pod 50°C. Teplota ale nesmí přesáhnout 60°C, program upozorní když dosáhne hranice 55°C.

[Cayler]

tak CCleaner netreba predstavovat pouzivam ho s oblibou jak na cisteni registru, tak na kontrolu po startu spoustenych aplikaci i cisteni. HDD bezne sleduji pomoci SpeedFAN, ale zkusil jsem tedy i HD Tune a nasel jsem jeden poskozeny block. ovsem muj problem pretrvava. po nacteni plochy dojde k zamrznuti a do monitoru nejde zadny signal aktualizoval jsem ovladace graficke karty, aktualizoval jsem directX, zkontroloval jsem aktualizace win a porad jsem na tom samem.

[Roli]

Pokud lze s PC něco dělat a dochází jen ke "chvilkovému" zamrznutí jako že asi ano

když z něho posíláš log a něco na něm provádíš zkusíme použít větší kalibr a podíváme se zda

to nedělá nějaký šmejd jen upozorním abys pozorně četl návod, protože tenhle softík netoleruje chyby.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

[Cayler]

bohuzel nejde o chvilkove zamrznuti.pro klasickem bootu systemu se nacte plocha,vse vypada ok,ale pri jakemkoli kliknuti na cokoli dojde k padu,zcernani obrazovky=totalni vytuh:-).system jde pouze v nouzovem rezimu.jdu zkusit combofix.

[Roli]

Dobře tedy zkus spustit ComboFix v nouzovém režimu.

[Cayler]

zde je log z Comba:


ComboFix 10-09-25.07 - Petr 26.09.2010 23:25:25.1.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1023.717 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petr\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-08-26 do 2010-09-26 )))))))))))))))))))))))))))))))
.

2010-09-26 09:49 . 2010-09-26 09:49 -------- d-----w- c:\program files\HD Tune
2010-09-26 00:37 . 2010-09-26 00:37 23510720 ----a-w- C:\dotnetfx.exe
2010-09-25 23:09 . 2010-09-25 23:09 -------- d-----w- C:\_OTM
2010-09-25 09:19 . 2010-09-26 00:23 -------- d-----w- c:\program files\trend micro
2010-09-25 09:19 . 2010-09-25 09:19 -------- d-----w- C:\rsit
2010-09-24 23:03 . 2010-09-24 23:03 -------- d-sh--w- c:\documents and settings\Petr\IECompatCache
2010-09-24 23:02 . 2010-09-24 23:02 -------- d-sh--w- c:\documents and settings\Petr\PrivacIE
2010-09-22 17:56 . 2010-09-22 17:56 1 ----a-w- c:\documents and settings\Petr\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-22 17:56 . 2010-09-22 17:56 -------- d-----w- c:\documents and settings\Petr\Application Data\OpenOffice.org
2010-09-22 17:55 . 2010-09-22 17:55 -------- d-----w- c:\program files\OpenOffice.org 3
2010-09-22 17:54 . 2010-09-22 17:54 -------- d-----w- c:\program files\OpenOffice
2010-09-22 16:57 . 2010-09-22 16:57 -------- d-----w- c:\documents and settings\Petr\Local Settings\Application Data\ESET
2010-09-22 16:46 . 2010-09-22 16:46 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-09-20 16:09 . 2010-09-20 16:09 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-09-20 16:08 . 2010-09-20 16:08 -------- d-----w- c:\documents and settings\Petr\Local Settings\Application Data\Sunbelt Software
2010-09-20 16:07 . 2010-09-26 00:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-09-20 15:14 . 2009-10-21 05:38 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll
2010-09-20 15:14 . 2009-10-21 05:38 25088 ------w- c:\windows\system32\dllcache\httpapi.dll
2010-09-20 15:14 . 2009-10-20 16:20 265728 ------w- c:\windows\system32\dllcache\http.sys
2010-09-20 15:13 . 2010-09-20 15:13 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2010-09-20 14:15 . 2010-09-20 14:15 -------- d-----w- c:\documents and settings\Petr\Local Settings\Application Data\O&O
2010-09-20 14:12 . 2010-09-20 14:12 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-09-20 14:12 . 2010-09-20 14:12 -------- d-sh--w- c:\documents and settings\Petr\IETldCache
2010-09-20 14:10 . 2010-06-18 11:39 16896 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-09-20 14:09 . 2010-09-20 15:14 -------- d-----w- c:\windows\ie8updates
2010-09-20 14:09 . 2010-06-24 12:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-09-20 14:09 . 2010-06-24 12:21 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-09-20 14:09 . 2010-06-24 12:21 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-09-20 14:08 . 2010-09-20 14:09 -------- dc-h--w- c:\windows\ie8
2010-09-20 12:36 . 2010-09-20 12:36 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Downloaded Installations
2010-09-20 11:59 . 2010-09-20 11:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\AdobeUM
2010-09-20 11:58 . 2010-09-20 11:58 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2010-09-19 23:10 . 2008-04-14 04:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-09-19 23:10 . 2009-01-07 16:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-09-19 23:08 . 2010-09-19 23:08 -------- d-----w- c:\program files\MSXML 4.0
2010-09-19 23:05 . 2010-04-16 15:36 406016 ------w- c:\windows\system32\dllcache\usp10.dll
2010-09-19 23:04 . 2010-06-30 12:23 149504 ------w- c:\windows\system32\dllcache\schannel.dll
2010-09-19 23:03 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-09-19 23:02 . 2010-06-18 13:36 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-09-19 23:02 . 2010-07-22 05:57 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-09-19 23:02 . 2008-04-21 12:08 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-09-19 23:02 . 2009-12-09 05:53 726528 ----a-w- c:\windows\system32\dllcache\jscript.dll
2010-09-19 23:01 . 2009-12-24 06:42 178176 ------w- c:\windows\system32\dllcache\wintrust.dll
2010-09-19 23:01 . 2010-01-13 14:01 86016 ------w- c:\windows\system32\dllcache\cabview.dll
2010-09-19 18:52 . 2010-09-19 18:52 -------- d-----w- c:\program files\CCleaner
2010-09-18 22:16 . 2010-09-20 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-09-18 22:16 . 2010-09-20 12:25 -------- d-----w- c:\program files\NVIDIA Corporation
2010-09-18 22:11 . 2010-09-26 17:50 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-09-18 18:05 . 2010-09-18 18:05 -------- d-----w- C:\PFiles
2010-09-18 15:23 . 2010-09-18 18:23 -------- d-----w- C:\The Simpsons
2010-09-06 08:26 . 2010-09-06 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Samsung
2010-09-06 08:09 . 2010-09-06 08:21 142480808 ----a-w- c:\documents and settings\Petr\Application Data\Samsung\New PC Studio\LiveUpdate\Setup_Full_Update_NPS2_10064_2.exe
2010-08-31 18:03 . 2010-08-31 18:03 -------- d-----w- c:\program files\Free Offers from Freeze.com
2010-08-30 15:56 . 2010-08-30 15:56 -------- d-----w- c:\program files\Free Space Screensaver

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-26 00:45 . 2010-09-26 00:39 -------- d-----w- c:\program files\WinXP Manager
2010-09-20 16:02 . 2009-05-15 22:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Agnitum
2010-09-20 16:01 . 2009-09-28 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-19 18:59 . 2009-06-20 16:22 -------- d-----w- c:\documents and settings\Petr\Application Data\Media Player Classic
2010-09-18 17:21 . 2009-09-28 18:00 -------- d-----w- c:\documents and settings\Petr\Application Data\vlc
2010-09-18 16:08 . 2009-09-28 18:29 -------- d-----w- c:\documents and settings\Petr\Application Data\dvdcss
2010-09-09 16:31 . 2009-05-21 09:23 -------- d-----w- c:\documents and settings\Petr\Application Data\Skype
2010-09-09 14:08 . 2009-05-16 16:53 -------- d-----w- c:\documents and settings\Petr\Application Data\skypePM
2010-09-06 08:26 . 2009-11-02 14:30 -------- d-----w- c:\program files\Samsung
2010-08-17 13:17 . 2008-04-14 04:42 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-22 15:49 . 2008-04-14 04:42 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-09 22:38 . 2009-05-15 22:30 604776 ----a-w- c:\windows\system32\nvudisp.exe
2010-07-07 11:46 . 2009-05-15 22:30 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-30 12:23 . 2009-01-08 19:11 149504 ----a-w- c:\windows\system32\schannel.dll
.

------- Sigcheck -------

[-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys

[-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2010-09-06 08:23 90112 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-06-10 06:28 13758464 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-06-10 06:28 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-06-10 06:29 1657376 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-04-17 07:34 16143872 ------r- c:\windows\RTHDCPL.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

S2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [16.5.2009 18:21 9728]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2.11.2009 16:33 233472]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [15.5.2009 10:34 5824]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2.11.2009 16:33 36608]
S3 ipw_bus;IPWireless;c:\windows\system32\drivers\ipw_bus.sys [16.5.2009 18:21 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter;c:\windows\system32\drivers\ipw_mdfl.sys [16.5.2009 18:21 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM);c:\windows\system32\drivers\ipw_mdm.sys [16.5.2009 18:21 95440]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-884357618-1801674531-1003Core.job
- c:\documents and settings\Petr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 10:45]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-884357618-1801674531-1003UA.job
- c:\documents and settings\Petr\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 10:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-RealFlight2 - D:\CPanel.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-26 23:27
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="F17C54E04EA0B29F74C8163E04F24B699A8FC87F02DE4BA675DC08FEA29EB44F2C0A61D5D0444C1CF74924F14DF3757F2E86B67803E815F55B1F10FA61D387A1EB59B07DD87E2CB36A3730C85648F3ACC31D5D0FD8E890E8A8B7EF639310A4797348BFF99FC60C5325FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794C038D530D6EB34525D575E7D6A3B9808A97C23928D1933C94B63D27B79BFF4191C51F9E4FBE9A52F1C3F53B78E05EE5A9E71BFBAA9D574B9903B0DBF284708BD8449056C05B7212C930158075DE8ACBD1070D05ED0EC294B06CB54B822349181077CB957B4A19B31D23EF086D4AC4427BFCEF0C6CD21A796012C8377555D36973163529E3F2B29A93CEFD2B80C28D3D605A5739C3FB9BCD8EDB6296E05180D53A43B3920AB5C4DA3C6D2E483F1316EB54CD4DEF19680A76F4F8A08F7C640A52F17820E9CD5C384507BE846B1C4A89CCC147DE93818C49DDF370C174F87B58046D07DA33A6EF1BB07F976C5F11AED57CC6E068447DF59465250600194845D905B2F350302F77954BF7385E8D6DAE810078597505BD9143D91D475224DD01D4152A4F5E662CA75A51AAEE2E5D54581A7F312A22013C84F930F95F78F61D3E16E3335CE3EAA93817956059F2C496725762E64D700F1426BCB5CF5DB0E9D489AE9AC7A15AE11503E8CDBE6115B7128C64773DFACACDF2F49DEB370581A313BBAF70FA0DF8CB0D54F9234544F466EBF5C59A77A5D98A74E5139708FE8E0B1123BD1CEEB0C6585CBDE310CE539F748BADDDE5142E5E678326CB990F34C441781962405AE3A786F2D990137C36E2C697A4AFE9BD389F3663F8935BAD2055BBD95CB90EED34D3A374C2F122AACD5529D3222D4D463CD4B68AF9CF2B5735CF1E6ACDF2CEDD76E5004C9D4E400F297101BEB6C7070B8FD2F5B909B306D31DA05B5785A8005CC0917621FC27075FD203DF584325386AEA695FBC5801CF0FE52C7320246885ED7CD9E4618369D6CC6A16729AC01764F349BA66F82C9DB755F53A04B22B3374731302A045470CCEBDB90CD926969422B4CF2C1BDD17C06526A362A4E88B571AFA6693154C634CC1E6027E5751204971E8F05F6CF121C27044D96B272B7E410AC1A745E55B74B66CE89E057F7D4E6C9CCA8F18CF7F336BE29C6533DCD065DDD7880921288C40252F0A18000A332331E83D69AFB687D57C106AD0F005E9FBC20EE63C76053D92A3E9B880AEEE7FE0851B1EDA572B688921804E7B1E4040228088F5FDB8F7E3E174D072E476A17640B11E753FDD16144FE9CACF2650C0200C6C002A5DA9C37882215119A46E8685E67025F04CFAE4630B7A1B2DE1A468241C3678DFB94B411A3279EBD665618F33DC9B9720F8E54A8225A69"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2036)
c:\windows\system32\WININET.dll
.
Celkový čas: 2010-09-26 23:28:07
ComboFix-quarantined-files.txt 2010-09-26 21:28

Před spuštěním: 148 676 395 008 bytes free
Po spuštění: 148 646 055 936 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=""
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="" /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 77EC158E87D152BA6FBB5467FA0A35D2

[Roli]

Než budeme pokračovat, tohle :

c:\windows\system32\drivers\tcpip.sys

c:\windows\system32\sfcfiles.dll

otestuj na VIRUSTOTAL

(po načtení stránky klikni na tlačítko Procházet, najdi cestu k výše zmíněnému souboru a klikni na tlačítko Odeslat soubor

trvá to okolo deseti minut pak mi sem zkopíruj link, to je ten řádek nahoře v prohlížeči)

[Cayler]

takze zde jsou linky:
http://www.virustotal.com/file-scan/rep ... 1285611345

http://www.virustotal.com/file-scan/rep ... 1285611598

[Roli]

Šmejdem to tedy nebude tak že přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


No jo co tedy s tebou takhle na dálku

Může se jednat o grafiku, její výstup nebo problém s napájením.

Pokud to tvoje grafika umožňuje zkus použít jiný výstup na monitor nebo pokud ho má tvoje základní deska

přepoj to do ní, jen to před tím budeš muset povolit v BIOSu, nebo tu stávající odpojit (fyzicky odebrat) z PC.

Pak dej vědět jak si dopadl.

[Cayler]

Tak jsem procistil PC dle rad a hral si s grafarnou. Zkousel jsem ruzne vystupy na ruzne monitory a jsem porad na tom samem. To ze by se mohlo jednat o problem s grafikou jsem si myslel od sameho zacatku, ovsem, kdyz se vyskytla havet, tak jsme dosel k zaveru, ze za to muze ona. Pak jsem premyslel, jestli ona havet uz nezacala nicit samotna Wokna. Tzn. pravdepodobne by pomohl reinstal, lepe vsak cista nova instalace? Nebo je tu najhorsi variqanta, ze odesla grafika. Jeste ji muzu vyzkouset zapojit do jineho PC?

[Roli]

Ano do jiného PC ji zkusit můžeš jen budeš muset nainstalovat i její ovladače.

Nebo to vem přes samotný OS.

Přes Start >> Spustit zkopíruj do okna:

dxdiag

a stiskni Enter

Otevře se okno ve kterém na kartě Zobrazení můžeš svojí grafiku svým způsobem testnout.

Nenacpal jsi tam nějaké jiné ovladače než potřebuje tvoje grafika ?

Co jsi naposled instaloval než to spadlo ?