Zničehonic výrazné zpomalení PC, prosím o kontrolu logu

[Lukas0801]

Zdravím všechny,

od začátku používání mého PC se ho snažím chránit co nejvíce to jde. Asi včera se počítač začal šíleně zpomalovat při všech činnostech, dokonce i video ve full screen se seká. Moc prosím o kontrolu logu. Děkuji moc předem

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lukáš at 2011-03-17 21:41:06
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 41 GB (58%) free of 71 GB
Total RAM: 2302 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:41:30, on 17.3.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Users\LUK~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Lukáš\Desktop\RSIT.exe
C:\Program Files\trend micro\Lukáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MI699F~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI699F~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 5057 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{C99D44FE-6106-4B54-A7EB-7813D48159D8}.job
C:\Windows\tasks\User_Feed_Synchronization-{E72B3509-C51D-4B86-A132-343CFF2B166D}.job
C:\Windows\tasks\User_Feed_Synchronization-{F8B29309-FDE9-4E1E-A4AC-FFE381F28C99}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-04-12 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-04-12 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-04-12 81920]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-03-17 21:41:06 ----D---- C:\rsit
2011-03-17 21:33:39 ----D---- C:\Program Files\trend micro
2011-03-17 21:02:58 ----ASH---- C:\hiberfil.sys
2011-03-17 14:55:15 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-03-17 14:55:15 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-03-09 12:02:29 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 12:02:28 ----A---- C:\Windows\system32\sbeio.dll
2011-03-09 12:02:28 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 12:02:26 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 12:02:25 ----A---- C:\Windows\system32\mstsc.exe
2011-03-01 21:31:26 ----D---- C:\Program Files\CPUID
2011-03-01 19:41:16 ----A---- C:\Windows\system32\drivers\nhcDriver.sys
2011-03-01 19:41:08 ----D---- C:\Users\Lukáš\AppData\Roaming\Notebook Hardware Control
2011-02-28 19:22:32 ----D---- C:\Program Files\Microsoft Security Client
2011-02-28 19:21:51 ----A---- C:\Windows\system32\drivers\netio.sys
2011-02-28 16:46:27 ----D---- C:\NVIDIA
2011-02-21 14:04:33 ----D---- C:\Users\Lukáš\AppData\Roaming\Media Player Classic

======List of files/folders modified in the last 1 months======

2011-03-17 21:41:00 ----D---- C:\Windows\Temp
2011-03-17 21:39:39 ----D---- C:\Windows\Prefetch
2011-03-17 21:33:39 ----RD---- C:\Program Files
2011-03-17 21:07:38 ----HD---- C:\Windows\system32\GroupPolicyUsers
2011-03-17 21:02:02 ----A---- C:\Windows\ntbtlog.txt
2011-03-17 18:20:56 ----SHD---- C:\System Volume Information
2011-03-17 18:18:51 ----D---- C:\Windows\system32\drivers
2011-03-17 18:18:51 ----D---- C:\Windows\System32
2011-03-17 18:17:41 ----SHD---- C:\Windows\Installer
2011-03-17 18:17:40 ----HD---- C:\ProgramData
2011-03-17 18:16:44 ----D---- C:\Windows\winsxs
2011-03-17 18:16:40 ----D---- C:\Program Files\Common Files
2011-03-17 01:02:12 ----D---- C:\Windows\system32\LogFiles
2011-03-16 19:59:49 ----D---- C:\Users\Lukáš\AppData\Roaming\Skype
2011-03-11 17:24:34 ----SD---- C:\Users\Lukáš\AppData\Roaming\Microsoft
2011-03-10 16:09:05 ----AD---- C:\ProgramData\TEMP
2011-03-09 14:52:24 ----D---- C:\Users\Lukáš\AppData\Roaming\ICQ
2011-03-09 14:12:57 ----D---- C:\Windows\Debug
2011-03-09 14:12:55 ----A---- C:\Windows\system32\mrt.exe
2011-03-09 14:12:51 ----D---- C:\Windows\system32\catroot
2011-03-09 14:11:58 ----D---- C:\Windows\system32\catroot2
2011-03-06 00:41:56 ----D---- C:\Program Files\Mozilla Firefox
2011-03-01 16:11:22 ----A---- C:\Windows\ODBC.INI
2011-03-01 15:57:14 ----D---- C:\ProgramData\Microsoft Help
2011-03-01 15:57:06 ----RSD---- C:\Windows\assembly
2011-03-01 15:56:47 ----D---- C:\Program Files\Microsoft Office
2011-03-01 15:56:47 ----D---- C:\Program Files\Common Files\microsoft shared
2011-03-01 15:54:43 ----D---- C:\Windows\ShellNew
2011-03-01 10:34:39 ----RSD---- C:\Windows\Fonts
2011-02-28 23:08:42 ----D---- C:\Windows\inf
2011-02-28 23:08:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-28 19:23:37 ----AD---- C:\Windows
2011-02-28 19:23:00 ----SD---- C:\ProgramData\Microsoft
2011-02-28 19:21:16 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\Windows\system32\drivers\nhcDriver.sys [2011-03-01 71680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-23 691696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl5109a082;MpKsl5109a082; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{546F47AF-E6DD-403A-A786-20E798329779}\MpKsl5109a082.sys [2011-03-17 28752]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-18 95744]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-18 737280]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-18 1841312]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-17 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-04-12 7476640]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-05-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-02 1749376]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys []
S3 afdmch97;afdmch97; C:\Windows\system32\drivers\afdmch97.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\Windows\system32\DRIVERS\MSIRCOMM.sys [2008-01-18 24064]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\Windows\system32\DRIVERS\irstusb.sys [2008-01-18 30208]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 XDva367;XDva367; \??\C:\Windows\system32\XDva367.sys []
S3 XDva368;XDva368; \??\C:\Windows\system32\XDva368.sys []
S3 XDva370;XDva370; \??\C:\Windows\system32\XDva370.sys []
S3 XDva372;XDva372; \??\C:\Windows\system32\XDva372.sys []
S3 XDva374;XDva374; \??\C:\Windows\system32\XDva374.sys []
S3 XDva377;XDva377; \??\C:\Windows\system32\XDva377.sys []
S3 XDva383;XDva383; \??\C:\Windows\system32\XDva383.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-13 136176]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

[JaRon]

Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Driver::
XDva367
XDva368
XDva370
XDva372
XDva374
XDva377
XDva383

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:



po aplikacii by mal vzniknut dalsi log, ten vloz sem

[Lukas0801]

Děkuji za odpověď, přikládám log...ačkoliv provedl combofix i kontrolu počítače, ale žádné zlepšení necítím Ačkoliv jsem přes správce úloh vypnul MSSE, Combofix stále hlásil, že je zapnutý, a tak jsem to ignoroval. Děkuji za další instrukce, L.
--

ComboFix 11-03-17.02 - Lukáš 18.03.2011 14:41:25.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2302.1363 [GMT 1:00]
Spuštěný z: c:\users\Lukáš\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lukáš\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 48 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\CrashLog_20101007.txt
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera \Uninstall.lnk
c:\users\Kamil\ntuser.pol
c:\users\Radek\ntuser.pol
c:\windows\System32\Desktop_.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA367
-------\Legacy_XDVA368
-------\Legacy_XDVA370
-------\Legacy_XDVA372
-------\Legacy_XDVA374
-------\Legacy_XDVA377
-------\Legacy_XDVA383
-------\Service_XDva367
-------\Service_XDva368
-------\Service_XDva370
-------\Service_XDva372
-------\Service_XDva374
-------\Service_XDva377
-------\Service_XDva383
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-18 do 2011-03-18 )))))))))))))))))))))))))))))))
.
.
2011-03-18 14:02 . 2011-03-18 14:03 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{546F47AF-E6DD-403A-A786-20E798329779}\MpKsl7e0b65f4.sys
2011-03-18 13:59 . 2011-03-18 14:03 -------- d-----w- c:\users\Lukáš\AppData\Local\temp
2011-03-18 13:59 . 2011-03-18 13:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-18 13:59 . 2011-03-18 13:59 -------- d-----w- c:\users\Radek\AppData\Local\temp
2011-03-18 13:59 . 2011-03-18 13:59 -------- d-----w- c:\users\Kamil\AppData\Local\temp
2011-03-18 10:39 . 2011-03-18 10:39 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{546F47AF-E6DD-403A-A786-20E798329779}\MpKsl7afff2c6.sys
2011-03-17 20:41 . 2011-03-17 20:41 -------- d-----w- C:\rsit
2011-03-17 20:33 . 2011-03-17 20:41 -------- d-----w- c:\program files\trend micro
2011-03-17 13:55 . 2011-03-17 17:14 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-03-17 13:55 . 2011-03-17 13:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-03-16 21:03 . 2011-02-10 21:54 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{546F47AF-E6DD-403A-A786-20E798329779}\mpengine.dll
2011-03-13 09:18 . 2011-03-13 09:19 -------- d-----w- c:\users\Radek\Nová složka
2011-03-09 11:02 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 11:02 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 11:02 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 11:02 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 11:02 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 11:02 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-01 20:31 . 2011-03-01 20:31 -------- d-----w- c:\program files\CPUID
2011-03-01 18:41 . 2011-03-01 18:41 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-03-01 18:41 . 2011-03-01 18:41 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Notebook Hardware Control
2011-03-01 09:35 . 2011-03-01 09:35 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-02-28 18:44 . 2011-02-10 21:54 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-28 18:44 . 2011-02-28 18:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06712E3F-D793-4CAA-ABF3-2300E33CC698}\gapaengine.dll
2011-02-28 18:22 . 2011-02-28 18:23 -------- d-----w- c:\program files\Microsoft Security Client
2011-02-28 18:21 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-02-28 15:46 . 2011-02-28 15:46 -------- d-----w- C:\NVIDIA
2011-02-25 08:38 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A53C615-C8DD-4A2E-A193-C909863DFE8B}\mpengine.dll
2011-02-21 13:04 . 2011-02-21 13:04 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Media Player Classic
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 09:28 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-01-28 23:58 . 2011-01-28 23:58 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-20 16:37 . 2011-02-09 11:35 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 11:35 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 11:35 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 11:35 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 11:35 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 11:35 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 11:35 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 11:35 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 11:35 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 11:35 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 11:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 11:35 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 11:35 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 11:35 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 11:35 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 11:35 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 11:35 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 11:35 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-09 11:35 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 11:35 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 11:35 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 11:35 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 11:35 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 11:35 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 11:35 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 11:35 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-09 11:35 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-09 11:35 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47 . 2011-02-09 11:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 11:30 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-09 11:34 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-12 12:29 413696 ----a-w- c:\windows\system32\odbc32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"Skytel"="Skytel.exe" [2007-06-15 1826816]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-04-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-13 136176]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-23 691696]
S1 MpKsl7afff2c6;MpKsl7afff2c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{546F47AF-E6DD-403A-A786-20E798329779}\MpKsl7afff2c6.sys [2011-03-18 28752]
S1 MpKsl7e0b65f4;MpKsl7e0b65f4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{546F47AF-E6DD-403A-A786-20E798329779}\MpKsl7e0b65f4.sys [2011-03-18 28752]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL7E0B65F4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-13 17:13]
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-13 17:13]
.
2011-03-18 c:\windows\Tasks\User_Feed_Synchronization-{C99D44FE-6106-4B54-A7EB-7813D48159D8}.job
- c:\windows\system32\msfeedssync.exe [2011-02-09 04:47]
.
2011-03-18 c:\windows\Tasks\User_Feed_Synchronization-{E72B3509-C51D-4B86-A132-343CFF2B166D}.job
- c:\windows\system32\msfeedssync.exe [2011-02-09 04:47]
.
2011-03-17 c:\windows\Tasks\User_Feed_Synchronization-{F8B29309-FDE9-4E1E-A4AC-FFE381F28C99}.job
- c:\windows\system32\msfeedssync.exe [2011-02-09 04:47]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MI699F~1\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\6473hh3r.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe
.
**************************************************************************
.
Celkový čas: 2011-03-18 15:11:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-18 14:11
.
Před spuštěním: Volných bajtů: 42 839 367 680
Po spuštění: Volných bajtů: 42 778 992 640
.
- - End Of File - - B896662F719E0181732373D4203CC874

[motji]

Dobrý večer, záskok za kolegu

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

[Lukas0801]

Dobrý den, děkuji za odpověď i záskok a omlouvám se za pozdní odpověď. První, kratší log je zde:

--
GMER 1.0.15.15565 - http://www.gmer.net
Rootkit quick scan 2011-03-20 00:25:06
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 ST9160314AS rev.0001SDM1
Running: gmer.exe; Driver: C:\Users\LUK~1\AppData\Local\Temp\awloapow.sys


---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8539C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-3 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort0 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort1 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort2 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort3 8539C1F8
Device \Driver\ay0fztwp \Device\Scsi\ay0fztwp1 862191F8
Device \Driver\ay0fztwp \Device\Scsi\ay0fztwp1Port5Path0Target0Lun0 862191F8
Device \FileSystem\Ntfs \Ntfs 8539D1F8

---- EOF - GMER 1.0.15 ----
*************************************************************************

A druhý log přikládám tady:

--

[motji]

druhý log asi utekl

[Lukas0801]

Ale neutekl Ten je tady, jen to trvalo déle, než jsem čekal:

--
GMER 1.0.15.15565 - http://www.gmer.net
Rootkit scan 2011-03-20 12:13:40
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 ST9160314AS rev.0001SDM1
Running: gmer.exe; Driver: C:\Users\LUK~1\AppData\Local\Temp\awloapow.sys


---- System - GMER 1.0.15 ----

INT 0x53 ? 861B1F00
INT 0x63 ? 861B1F00
INT 0x72 ? 85398BF8
INT 0x73 ? 861B1F00
INT 0x82 ? 85398BF8
INT 0x92 ? 85398BF8
INT 0x92 ? 85398BF8
INT 0x92 ? 861B1F00
INT 0x92 ? 85398BF8

---- Kernel code sections - GMER 1.0.15 ----

? System32\Drivers\spjs.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 887B441B 5 Bytes JMP 861B14E0
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8C403340, 0x33EBD7, 0xE8000020]
.text ay0fztwp.SYS 8C2C4000 22 Bytes [82, 33, 1C, 82, 6C, 32, 1C, ...]
.text ay0fztwp.SYS 8C2C4017 137 Bytes [00, 32, D7, 70, 80, 3D, D5, ...]
.text ay0fztwp.SYS 8C2C40A1 43 Bytes JMP E4A67481
.text ay0fztwp.SYS 8C2C40CE 10 Bytes [00, 00, 00, 00, 00, 00, C9, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; LEAVE ; HLT ; POP ESP; DEC EDX}
.text ay0fztwp.SYS 8C2C40DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3276] ntdll.dll!LdrLoadDll 771F93A8 5 Bytes JMP 000113F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3572] USER32.dll!TrackPopupMenu 75AC14F3 5 Bytes JMP 6A706373 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [806116D6] \SystemRoot\System32\Drivers\spjs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80611042] \SystemRoot\System32\Drivers\spjs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80611800] \SystemRoot\System32\Drivers\spjs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [806110C0] \SystemRoot\System32\Drivers\spjs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8061113E] \SystemRoot\System32\Drivers\spjs.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [80620B90] \SystemRoot\System32\Drivers\spjs.sys
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortWritePortUchar] 838C2EAF
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] [100D8BA5] \Program Files\DAEMON Tools Lite\Engine.dll (Helper library/DT Soft Ltd)
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F8C2E80
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\ay0fztwp.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8539D1F8
Device \Driver\sptd \Device\3376627854 spjs.sys
Device \Driver\volmgr \Device\VolMgrControl 8539A1F8
Device \Driver\usbohci \Device\USBPDO-0 860F01F8
Device \Driver\usbehci \Device\USBPDO-1 860F21F8
Device \Driver\usbohci \Device\USBPDO-2 860F01F8
Device \Driver\usbehci \Device\USBPDO-3 860F21F8
Device \Driver\volmgr \Device\HarddiskVolume1 8539A1F8
Device \Driver\volmgr \Device\HarddiskVolume2 8539A1F8
Device \Driver\cdrom \Device\CdRom0 860F61F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8539C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-3 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort0 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort1 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort2 8539C1F8
Device \Driver\atapi \Device\Ide\IdePort3 8539C1F8
Device \Driver\volmgr \Device\HarddiskVolume3 8539A1F8
Device \Driver\cdrom \Device\CdRom1 860F61F8
Device \Driver\netbt \Device\NetBt_Wins_Export 87D47500
Device \Driver\Smb \Device\NetbiosSmb 8765D4A8
Device \Driver\PCI_PNP3840 \Device\0000004c spjs.sys
Device \Driver\iScsiPrt \Device\RaidPort0 8621D1F8
Device \Driver\usbohci \Device\USBFDO-0 860F01F8
Device \Driver\usbehci \Device\USBFDO-1 860F21F8
Device \Driver\usbohci \Device\USBFDO-2 860F01F8
Device \Driver\usbehci \Device\USBFDO-3 860F21F8
Device \Driver\netbt \Device\NetBT_Tcpip_{DA9C9DE5-6450-411D-81A4-0D6472948F80} 87D47500
Device \Driver\netbt \Device\NetBT_Tcpip_{1D3A7A4A-E705-43E6-8115-1A326A08D7F5} 87D47500
Device \Driver\ay0fztwp \Device\Scsi\ay0fztwp1 862191F8
Device \Driver\ay0fztwp \Device\Scsi\ay0fztwp1Port5Path0Target0Lun0 862191F8
Device \FileSystem\cdfs \Cdfs 8828A500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7F 0xD4 0x7B 0x0A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x72 0x99 0x71 0x84 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDA 0x86 0x3C 0x21 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7F 0xD4 0x7B 0x0A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x72 0x99 0x71 0x84 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDA 0x86 0x3C 0x21 ...

---- EOF - GMER 1.0.15 ----

Je to nějaké zpřeházené, tak snad z toho vyčtete co potřebujete, děkuji předem

[motji]

Vyčtu z toho akorát, že máte virtuální mechaniku a že ten divný driver, co se mi tam nelíbí, bude asi od ní .
Jak se ted chová počítač?

[Lukas0801]

Děkuji, chová se naprosto stejně jako předtím :-/ Budu bohužel asi muset zkusit formát, pokud by se to nezlepšilo je to samozřejmě hardwarová chyba, což je možné...tipoval bych pevný disk nebo grafiku. Ano, virtuální mechaniku mám dlouho, takže velmi pochybuji, že by to bylo kvůli ní... přesto děkuji

[motji]

Zkusíme otestovat ten disk

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

[Lukas0801]

Tak děkuji všem, problém vyřešila reinstalace Windows Vista po formátu pevného disku..bůhví čím to bylo...občas se někdy dějí věci mezi nebem a zemí ..

[motji]

Za všechny zučastněné není zač.