Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Občasné zamrznutí PC po startu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Občasné zamrznutí PC po startu
a máte na mysli nějaké konkrétní dopoledne? .)
Re: Občasné zamrznutí PC po startu
Pardon,dostal jsem se k pc az ted 
:arrow:Doinstalujte Service Pack 3
CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!
Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.
Budte prihlasen na pc s administratorskymi pravy.
V operacnich systemech Windows Vista a Windows 7 je nutno spoustet aplikaci jako spravce (kliknutim pravym tlacitkem mysi na ikonu ComboFixu a klepnutim levym na volbu "Spustit jako spravce")
stahnete a ulozte nejlepe na plochu ComboFix
v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.
hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:
pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120
odklepnout OK
Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.
po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem
:arrow:Doinstalujte Service Pack 3
CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.
Budte prihlasen na pc s administratorskymi pravy.
V operacnich systemech Windows Vista a Windows 7 je nutno spoustet aplikaci jako spravce (kliknutim pravym tlacitkem mysi na ikonu ComboFixu a klepnutim levym na volbu "Spustit jako spravce")
stahnete a ulozte nejlepe na plochu ComboFix
v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.
hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:
pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120
odklepnout OK
Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.
po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Občasné zamrznutí PC po startu
log z ComboFixu:
ComboFix 10-10-15.03 - Uživatel 16.10.2010 15:53:05.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3326.2915 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-16 do 2010-10-16 )))))))))))))))))))))))))))))))
.
2010-10-14 13:35 . 2010-10-14 13:35 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2010-10-14 13:35 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-14 13:35 . 2010-10-14 13:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-14 13:35 . 2010-10-14 13:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-10-14 13:35 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-14 07:18 . 2010-10-15 14:55 -------- d-----w- c:\program files\SpeedFan
2010-10-13 22:30 . 2010-10-16 11:41 -------- d-----w- c:\program files\HD Tune
2010-10-13 12:41 . 2010-10-13 13:04 -------- d-----w- C:\Unreal2
2010-10-13 12:41 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-10-13 12:41 . 2001-09-05 01:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-10-13 12:41 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-10-13 12:41 . 2001-09-05 01:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-10-13 12:41 . 2002-07-26 00:07 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2010-10-12 20:40 . 2010-10-12 20:40 -------- d-----w- C:\rsit
2010-10-09 11:43 . 2010-10-10 08:05 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\codeblocks
2010-10-09 11:42 . 2010-10-09 11:43 -------- d-----w- c:\program files\CodeBlocks
2010-10-06 21:11 . 2010-09-15 15:18 2601752 ----a-w- c:\windows\system32\pbsvc_moh.exe
2010-09-25 15:44 . 2010-09-25 15:44 -------- d-----w- c:\program files\OO Software
2010-09-25 15:41 . 2010-09-25 15:41 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Downloaded Installations
2010-09-25 15:39 . 2010-09-25 15:39 -------- d-----w- c:\program files\CCleaner
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-21 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-02-21 110696]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2010-09-10 2771784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-3 813584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2006-04-19 15:40 9125888 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-02-21 22:35 13670504 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-02-21 22:35 110696 ----a-w- c:\windows\system32\nvmctray.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [10.9.2010 13:01 2320712]
S3 ES;ES;c:\docume~1\UIVATE~1\LOCALS~1\Temp\ES.exe --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\ES.exe [?]
S3 PPUXMFIFC;PPUXMFIFC;c:\docume~1\UIVATE~1\LOCALS~1\Temp\PPUXMFIFC.exe --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\PPUXMFIFC.exe [?]
S3 SVAXXOAC;SVAXXOAC;c:\docume~1\UIVATE~1\LOCALS~1\Temp\SVAXXOAC.exe --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\SVAXXOAC.exe [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 18:05 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.7.2009 14:07 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2009-11-08 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8249561313.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2opk9ugp.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"7B97E000527E10F478A01C92247B8F4E"="c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Game\\Localized\\Video\\Hungarian\\"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="8447941B6B7E587F710CBD71492D37DF9B5EB7F41D194F4D4BAE67598CF9F7CEB7E25B2E4253B144A129DDA09FCAA0F3A6D357CCC614D89FFACA059D7661FAB4EA8681C72F6DA20221200F43AC122108547146612FE9894B2D410571120F0D478B02B570375BA9E218A1DFC93CBE257EA0E7112F0729590CCEE21178968251BA20E7601337A8B532BC21940A7090095C9AAB79935263B33E63C605380FBCE0E5BE909B025D6C2DE05FD6253D3B4D204CE1767351EBADF6E602C5F39E5546C7C59495B56F2C3C69065EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB3452A2D97226D213B5558EDD5E5BE2F6E6676CDCBD24B6C912CBDD5D2196A07B1D86FC6BB1D1D336EFFE2BBE1FBC3867CCF4B075BAE60C956A4A3715EAB4DFD136D8D7612ED237731A8E3D00A9062526DA614F6D51BA8C3FFD0AEF4196F55E75C71B4E44A907F454C55F4351D094F80BE408BB8CC675D88CA12E3E6730534BF74027F477992B6E54171F4E13110E64A3E70B2AD0C04090B54D709643289EDADC30E92391D8D407E7DA8E3B5BCE6A1E6C09A495EBCB1B5DE41B1C3542D3F7441F4C63F45F24EBA973FC062471CD77DDD90E9D3DC356D4E63CCD911A076AD7432A6D2AC9DF9BAABFD28FEE6CD1BA5563D2E1D52171B595DE4E47C58667880817DF10E8C64646233CD249C7382EA3F7EE3394400A439ED57524104004EF2F280494D559D4FA0DB693350423706A7929474757E400B9ADE362B9549CDA5DC3AAD11204CF9E983C1FBD313D26C21E1485B45481DD518AE1E061FDE28D1DA20C554B95023115EE07E6B7EE170CA0972E7E86128E5C111FA043AE55B0551C67B5C341CE5DF46B0102EE820FD724BED4E4D78D299DA195162ED48E98554CEE84526586E448A99B0826692221684D160E3BA91F3A7086F7BFB833C7930D5FF189D3FBF2ED15F060EDD15F9EACD681E328976316D8EE7517A1CE502586B70EC3B8951FE2F9BF7F3A53C52C87AA55C9A9C144C24E8923ED14F6E1F1F3A3586EC609D1B8B487E21FEC0A2800690ABA432DAA6F5DAAC93D82D62A4CB0871597A6A3A3A8094D0EBFAB019C015E5CACFEA1F5672D1E11888F5C0860C7FBB676C174C369A0A013F43C984343BE9F7668422A513171BFE9A69035966C74155CD64527D76AA0E7F2196069C26F33EDD607443852731753237D5A5C35D85491D63B3824516E7598DACC5938D444914A9C47ECB9CB4FDEBDAF562EB55863505A091CD0E1696F4F43C0D3783110987688EB5AC430591AE7B70472ECB7BBFDB3AFD8636AEE9A1D42481AE7B197D1795C50EEE67932D45BBBCE1A829EEE5CCCAE21B1F287E923D8C761E3359EBEBA25A69DD1065EEAE2CEC262EF2EED79FC2AD115811EC9"
"OODEFRAG14.00.00.01PROFESSIONAL"="C3EAA2E7449BB131F40EC4396137FB052CE21B7B29ACBDB707DFCC710D7EEAF8537A6450F261B2579B8029A78842E507C0CD8C1124237080A4CA2C39B9BFDB7266BADDB25D85E77328E2CD1951DEB21970F12D082E4C6CCE8D4875DB91C71D8195032FCCE3037EA0ED60D3CA27ED6066E66E3FB9DA0CA076658DAA70F1A2AE499E3A3B124DABA5EBE13721AC58A3F006F277C8B4239D80BDF3E19242982D15DDE1DEAAABC1A193571E3A5EE416096789865492BADF8D826225A3B94EAB9C58486501FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794A6171C11EC38DE3DBA7FD869164D6794D926C61030215B3810D23628D0B2B5BABD826FCAAE4D52A1BC8FB229507C11555EF43D172AA11FD5EF4DB6B1A0DEB5944728B6D91B54E80D6232547DAEABF5BB13224D2E5577BB59418635882F5BAA6E3853B572DD0DD5B581C7E59A6C1D0945D927ACDA3D167616A9362DD89AE66FD39595D102C7A33079A264D6D4A80A394459B1F0F675E538F58C46819F09B88660A937544EAC3B33CA8CC8F65509A197217A2295B194428AF31956F4B09F781445FC356C6E65693AB0CD707E19B8885DD7EC107B8A367C20A03B3830320C436148E23D29CD4FB7C9C5360688EF6554E4762243E4D77757C99FA7F13F9FFB2B5AC26C3380ACC92506375B6A91FE3F102C1F503979C47C0B822BD43F93C625B38FA1752ECC9E39A2B8C618B2FD3F7C3BD60CF024C4CD6A44648DFE8C804CBD5638E517FA4A8B0818514C87A791FD58492B06446AB546EC23AE28247FBEA40280ACA532971CAF22DC60310B4479DA0D20946E49A320D1B1BBC76F876BEA9B3293E78AEBB9C599F7C19C74C83B424C609C2236499F3C6AEC9435EAB15D855090630C4F2C46B0AD7E86DEA7A86E5F19150B0666CCDC2360D42B24B66B1272B4663BDDC81EDA2C242D632670D9F9275F753118192193D553236F6484C6FC7B117D54465A334668888280148ACAA6D310CF4453FE5A2DB8B89745E81794C4CA7E2763D27C1E0C7ABA7D7CEDC4B27703ED7570D4D94EC490DB7383CA47EBC3F2ECB58C333E58E35C6D24E81EFD0A9F3815BBD3E10216AE8B59FEF74681A987669E02E63EBF9DB8EAAAFE4DB2308E8959EEFC815FE2906FB6A2836239456CD400A96781E9B6ED2AE7CB99225E643F4FB0BE9581D9FA5F3F07005075A8A89620F97AC4DDD5EC8C0DF80206D5743864C2EC18E8CD7EDC698DD308B85BBDD1CF9474CEFD6EC13E836728D0D64BF05E05E72164DAD522B2D7FA57AA12ADC17E0391F5397B1E129D1EF5600F27D7721D6FF7C1DE56FBBAB4995D31A8377EA77EDF27E521A8C9D00FEB26756991C4394FB3DEAA1A499863B3613E669887CF0036D89F90C174C2"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(684)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-10-16 15:58:33
ComboFix-quarantined-files.txt 2010-10-16 13:58
Před spuštěním: Volných bajtů: 771 472 887 808
Po spuštění: Volných bajtů: 771 974 561 792
- - End Of File - - A125ED17C97B33B944881FF73E17837A
ComboFix 10-10-15.03 - Uživatel 16.10.2010 15:53:05.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3326.2915 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-16 do 2010-10-16 )))))))))))))))))))))))))))))))
.
2010-10-14 13:35 . 2010-10-14 13:35 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2010-10-14 13:35 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-14 13:35 . 2010-10-14 13:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-14 13:35 . 2010-10-14 13:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-10-14 13:35 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-14 07:18 . 2010-10-15 14:55 -------- d-----w- c:\program files\SpeedFan
2010-10-13 22:30 . 2010-10-16 11:41 -------- d-----w- c:\program files\HD Tune
2010-10-13 12:41 . 2010-10-13 13:04 -------- d-----w- C:\Unreal2
2010-10-13 12:41 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-10-13 12:41 . 2001-09-05 01:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-10-13 12:41 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-10-13 12:41 . 2001-09-05 01:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-10-13 12:41 . 2002-07-26 00:07 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2010-10-12 20:40 . 2010-10-12 20:40 -------- d-----w- C:\rsit
2010-10-09 11:43 . 2010-10-10 08:05 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\codeblocks
2010-10-09 11:42 . 2010-10-09 11:43 -------- d-----w- c:\program files\CodeBlocks
2010-10-06 21:11 . 2010-09-15 15:18 2601752 ----a-w- c:\windows\system32\pbsvc_moh.exe
2010-09-25 15:44 . 2010-09-25 15:44 -------- d-----w- c:\program files\OO Software
2010-09-25 15:41 . 2010-09-25 15:41 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Downloaded Installations
2010-09-25 15:39 . 2010-09-25 15:39 -------- d-----w- c:\program files\CCleaner
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-21 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-02-21 110696]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2010-09-10 2771784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-3 813584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2006-04-19 15:40 9125888 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-02-21 22:35 13670504 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-02-21 22:35 110696 ----a-w- c:\windows\system32\nvmctray.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [10.9.2010 13:01 2320712]
S3 ES;ES;c:\docume~1\UIVATE~1\LOCALS~1\Temp\ES.exe --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\ES.exe [?]
S3 PPUXMFIFC;PPUXMFIFC;c:\docume~1\UIVATE~1\LOCALS~1\Temp\PPUXMFIFC.exe --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\PPUXMFIFC.exe [?]
S3 SVAXXOAC;SVAXXOAC;c:\docume~1\UIVATE~1\LOCALS~1\Temp\SVAXXOAC.exe --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\SVAXXOAC.exe [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 18:05 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.7.2009 14:07 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2009-11-08 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8249561313.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2opk9ugp.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"7B97E000527E10F478A01C92247B8F4E"="c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Game\\Localized\\Video\\Hungarian\\"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="8447941B6B7E587F710CBD71492D37DF9B5EB7F41D194F4D4BAE67598CF9F7CEB7E25B2E4253B144A129DDA09FCAA0F3A6D357CCC614D89FFACA059D7661FAB4EA8681C72F6DA20221200F43AC122108547146612FE9894B2D410571120F0D478B02B570375BA9E218A1DFC93CBE257EA0E7112F0729590CCEE21178968251BA20E7601337A8B532BC21940A7090095C9AAB79935263B33E63C605380FBCE0E5BE909B025D6C2DE05FD6253D3B4D204CE1767351EBADF6E602C5F39E5546C7C59495B56F2C3C69065EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB3452A2D97226D213B5558EDD5E5BE2F6E6676CDCBD24B6C912CBDD5D2196A07B1D86FC6BB1D1D336EFFE2BBE1FBC3867CCF4B075BAE60C956A4A3715EAB4DFD136D8D7612ED237731A8E3D00A9062526DA614F6D51BA8C3FFD0AEF4196F55E75C71B4E44A907F454C55F4351D094F80BE408BB8CC675D88CA12E3E6730534BF74027F477992B6E54171F4E13110E64A3E70B2AD0C04090B54D709643289EDADC30E92391D8D407E7DA8E3B5BCE6A1E6C09A495EBCB1B5DE41B1C3542D3F7441F4C63F45F24EBA973FC062471CD77DDD90E9D3DC356D4E63CCD911A076AD7432A6D2AC9DF9BAABFD28FEE6CD1BA5563D2E1D52171B595DE4E47C58667880817DF10E8C64646233CD249C7382EA3F7EE3394400A439ED57524104004EF2F280494D559D4FA0DB693350423706A7929474757E400B9ADE362B9549CDA5DC3AAD11204CF9E983C1FBD313D26C21E1485B45481DD518AE1E061FDE28D1DA20C554B95023115EE07E6B7EE170CA0972E7E86128E5C111FA043AE55B0551C67B5C341CE5DF46B0102EE820FD724BED4E4D78D299DA195162ED48E98554CEE84526586E448A99B0826692221684D160E3BA91F3A7086F7BFB833C7930D5FF189D3FBF2ED15F060EDD15F9EACD681E328976316D8EE7517A1CE502586B70EC3B8951FE2F9BF7F3A53C52C87AA55C9A9C144C24E8923ED14F6E1F1F3A3586EC609D1B8B487E21FEC0A2800690ABA432DAA6F5DAAC93D82D62A4CB0871597A6A3A3A8094D0EBFAB019C015E5CACFEA1F5672D1E11888F5C0860C7FBB676C174C369A0A013F43C984343BE9F7668422A513171BFE9A69035966C74155CD64527D76AA0E7F2196069C26F33EDD607443852731753237D5A5C35D85491D63B3824516E7598DACC5938D444914A9C47ECB9CB4FDEBDAF562EB55863505A091CD0E1696F4F43C0D3783110987688EB5AC430591AE7B70472ECB7BBFDB3AFD8636AEE9A1D42481AE7B197D1795C50EEE67932D45BBBCE1A829EEE5CCCAE21B1F287E923D8C761E3359EBEBA25A69DD1065EEAE2CEC262EF2EED79FC2AD115811EC9"
"OODEFRAG14.00.00.01PROFESSIONAL"="C3EAA2E7449BB131F40EC4396137FB052CE21B7B29ACBDB707DFCC710D7EEAF8537A6450F261B2579B8029A78842E507C0CD8C1124237080A4CA2C39B9BFDB7266BADDB25D85E77328E2CD1951DEB21970F12D082E4C6CCE8D4875DB91C71D8195032FCCE3037EA0ED60D3CA27ED6066E66E3FB9DA0CA076658DAA70F1A2AE499E3A3B124DABA5EBE13721AC58A3F006F277C8B4239D80BDF3E19242982D15DDE1DEAAABC1A193571E3A5EE416096789865492BADF8D826225A3B94EAB9C58486501FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794A6171C11EC38DE3DBA7FD869164D6794D926C61030215B3810D23628D0B2B5BABD826FCAAE4D52A1BC8FB229507C11555EF43D172AA11FD5EF4DB6B1A0DEB5944728B6D91B54E80D6232547DAEABF5BB13224D2E5577BB59418635882F5BAA6E3853B572DD0DD5B581C7E59A6C1D0945D927ACDA3D167616A9362DD89AE66FD39595D102C7A33079A264D6D4A80A394459B1F0F675E538F58C46819F09B88660A937544EAC3B33CA8CC8F65509A197217A2295B194428AF31956F4B09F781445FC356C6E65693AB0CD707E19B8885DD7EC107B8A367C20A03B3830320C436148E23D29CD4FB7C9C5360688EF6554E4762243E4D77757C99FA7F13F9FFB2B5AC26C3380ACC92506375B6A91FE3F102C1F503979C47C0B822BD43F93C625B38FA1752ECC9E39A2B8C618B2FD3F7C3BD60CF024C4CD6A44648DFE8C804CBD5638E517FA4A8B0818514C87A791FD58492B06446AB546EC23AE28247FBEA40280ACA532971CAF22DC60310B4479DA0D20946E49A320D1B1BBC76F876BEA9B3293E78AEBB9C599F7C19C74C83B424C609C2236499F3C6AEC9435EAB15D855090630C4F2C46B0AD7E86DEA7A86E5F19150B0666CCDC2360D42B24B66B1272B4663BDDC81EDA2C242D632670D9F9275F753118192193D553236F6484C6FC7B117D54465A334668888280148ACAA6D310CF4453FE5A2DB8B89745E81794C4CA7E2763D27C1E0C7ABA7D7CEDC4B27703ED7570D4D94EC490DB7383CA47EBC3F2ECB58C333E58E35C6D24E81EFD0A9F3815BBD3E10216AE8B59FEF74681A987669E02E63EBF9DB8EAAAFE4DB2308E8959EEFC815FE2906FB6A2836239456CD400A96781E9B6ED2AE7CB99225E643F4FB0BE9581D9FA5F3F07005075A8A89620F97AC4DDD5EC8C0DF80206D5743864C2EC18E8CD7EDC698DD308B85BBDD1CF9474CEFD6EC13E836728D0D64BF05E05E72164DAD522B2D7FA57AA12ADC17E0391F5397B1E129D1EF5600F27D7721D6FF7C1DE56FBBAB4995D31A8377EA77EDF27E521A8C9D00FEB26756991C4394FB3DEAA1A499863B3613E669887CF0036D89F90C174C2"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(684)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-10-16 15:58:33
ComboFix-quarantined-files.txt 2010-10-16 13:58
Před spuštěním: Volných bajtů: 771 472 887 808
Po spuštění: Volných bajtů: 771 974 561 792
- - End Of File - - A125ED17C97B33B944881FF73E17837A
Re: Občasné zamrznutí PC po startu
Doinstalujte ten SP 3,jak jsem psal. Stahnete si OTM , spustte (pokud mate vistu spuste run as administrator) a do leveho policka se zlutym hornim okrajem Paste Instructions for Items to be Moved zkopirujte toto:
Kód: Vybrat vše
:processes
explorer.exe
:files
c:\Documents and Settings\Uzivatel\Local Settings\Temp\PPUXMFIFC.exe
c:\Documents and Settings\Uzivatel\Local Settings\Temp\SVAXXOAC.exe
c:\Documents and Settings\Uzivatel\Local Settings\Temp\ES.exe
:services
PPUXMFIFC
SVAXXOAC
ES
:commands
[purity]
[emptytemp]
[createrestorepoint]
[resethosts]
[start explorer]
[reboot]
Kliknete na MoveIt, v okne se zelenym hornim okrajem Results se objevi vysledek,obsah okna zkopirujte sem. Kdyby OTMoveIt vyzadoval restart - povolit. Nasledujici log najdete v C:\_OTMoveIt\MovedFiles\xxxxx.log (x je zastupny znak) ktery otevrete v poznamkovem bloku.
A popiste chovani pc.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Občasné zamrznutí PC po startu
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder c:\Documents and Settings\Uzivatel\Local Settings\Temp\PPUXMFIFC.exe not found.
File/Folder c:\Documents and Settings\Uzivatel\Local Settings\Temp\SVAXXOAC.exe not found.
File/Folder c:\Documents and Settings\Uzivatel\Local Settings\Temp\ES.exe not found.
========== SERVICES/DRIVERS ==========
Service PPUXMFIFC stopped successfully!
Service PPUXMFIFC deleted successfully!
Service SVAXXOAC stopped successfully!
Service SVAXXOAC deleted successfully!
Service ES stopped successfully!
Service ES deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Uživatel
->Temp folder emptied: 784654 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 58497435 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 7068 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 57,00 mb
Restore point Set: OTM Restore Point (0)
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.16.1 log created on 10162010_164248
Files moved on Reboot...
Registry entries deleted on Reboot...
nic neobvyklého se neděje - to že se mi po startu zasekne PC se stávalo jen občas a od doby co jsem napsal na Viry.cz se mi to nestalo (a to jsem restartoval mockrát...)
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder c:\Documents and Settings\Uzivatel\Local Settings\Temp\PPUXMFIFC.exe not found.
File/Folder c:\Documents and Settings\Uzivatel\Local Settings\Temp\SVAXXOAC.exe not found.
File/Folder c:\Documents and Settings\Uzivatel\Local Settings\Temp\ES.exe not found.
========== SERVICES/DRIVERS ==========
Service PPUXMFIFC stopped successfully!
Service PPUXMFIFC deleted successfully!
Service SVAXXOAC stopped successfully!
Service SVAXXOAC deleted successfully!
Service ES stopped successfully!
Service ES deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Uživatel
->Temp folder emptied: 784654 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 58497435 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 7068 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 57,00 mb
Restore point Set: OTM Restore Point (0)
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.16.1 log created on 10162010_164248
Files moved on Reboot...
Registry entries deleted on Reboot...
nic neobvyklého se neděje - to že se mi po startu zasekne PC se stávalo jen občas a od doby co jsem napsal na Viry.cz se mi to nestalo (a to jsem restartoval mockrát...)
Re: Občasné zamrznutí PC po startu
Start - spustit - napiste ComboFix /Uninstall - a klepnout na OK,pokud to takto nepujde,tak přejmenovat ComboFix.exe na Uninstall.exe a spustit ho
Stahnete OTCspustte a klepnete na CleanUp.
Vycistete pc Ccleanerem.Vzdy nejprve Analyzovat a pak Spustit Cleaner.2x po sobe.
Windows-odskrtnout historii a historii automatickeho vyplnovani formularu - prisel byste o historii navstivenych stranek a o ulozena hesla ve formularich
(je to sice z pohledu zabezpeceni spatne,ale aspon pak uzivatel nenadava,kam ze mu to zmizelo
)Aplikace-u prohlizecu internetu odskrtnout Historii internetu.
Registry-nechat vse zaskrtle,Hledej problemy,Opravit vybrane problemy
(nechat ho udelat zalohu-ta je ulozena v Dokumentech-DULEZITE).
Taktez 2x-3x po sobe.
A hotovo.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Občasné zamrznutí PC po startu
hotovo - děkuji za pomoc
Re: Občasné zamrznutí PC po startu
Nemate zac. 
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Přispějete na provoz fóra?