Re: Date keeps changing, slow computer

Posted: 14 Dec 2012 10:23
by vyosek
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Search
  • A scan will run and then a log will appear, or it will be saved on the system drive as AdwCleaner[R?].txt; paste it here

Re: Date keeps changing, slow computer

Posted: 15 Dec 2012 00:14
by Martin_Pan
# AdwCleaner v2.100 - Logfile created 12/15/2099 at 00:12:57
# Updated 09/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Martini - MA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Martini\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\uTorrentControl2

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\uTorrentControl2
Key Found : HKCU\Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D24AF12-DDB2-48BF-98CC-D4D8308C2B13}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{854858F2-FF50-421E-AA54-B49A8C13D670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Found : HKLM\Software\uTorrentControl2
Key Found : HKU\S-1-5-21-1715567821-1123561945-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-1715567821-1123561945-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

*************************

AdwCleaner[R1].txt - [4224 octets] - [15/12/2099 00:12:57]

########## EOF - C:\AdwCleaner[R1].txt - [4284 octets] ##########

Re: Date keeps changing, slow computer

Posted: 15 Dec 2012 05:44
by vyosek
:arrow: Run AdwCleaner again
  • If you use Win Vista or W7, right-click AdwCleaner and choose Run As Administrator or Spustit jako spravce
  • Click Delete
  • The PC will perform the repair, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here

Re: Date keeps changing, slow computer

Posted: 15 Dec 2012 09:12
by Martin_Pan
# AdwCleaner v2.100 - Logfile created 12/15/2012 at 09:08:54
# Updated 09/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Martini - MA
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Martini\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\uTorrentControl2

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\uTorrentControl2
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D24AF12-DDB2-48BF-98CC-D4D8308C2B13}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{854858F2-FF50-421E-AA54-B49A8C13D670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\Software\uTorrentControl2
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/ --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [4353 octets] - [15/12/2099 00:12:57]
AdwCleaner[S1].txt - [4126 octets] - [15/12/2012 09:08:54]

########## EOF - C:\AdwCleaner[S1].txt - [4186 octets] ##########

Re: Date keeps changing, slow computer

Posted: 15 Dec 2012 22:46
by vyosek
:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or Spustit jako spravce
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Ano (Yes)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click into the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Date keeps changing, slow computer

Posted: 18 Dec 2012 21:26
by Martin_Pan
I was away on a business trip.

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/18/2012 09:24:48 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\tsnp325.exe (PID: 1384) [WD-HEUR]
* C:\WINDOWS\vsnp325.exe (PID: 2108) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* AppMgmt [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

Program finished at: 12/18/2012 09:25:19 PM
Execution time: 0 hours(s), 0 minute(s), and 31 seconds(s)

Re: Date keeps changing, slow computer

Posted: 18 Dec 2012 21:59
by Martin_Pan
and Combofix starts, I click through the license agreement, but it never gets to the console and does not scan either.

Re: Date keeps changing, slow computer

Posted: 18 Dec 2012 22:08
by Martin_Pan
So I tried it in safe mode as well. It says: Combofix has detected that the following security programs have resident shields enabled: antivirus: AVG Anti-Virus Free Edition 2012. etc...

So I ran it anyway.

Re: Date keeps changing, slow computer

Posted: 18 Dec 2012 22:42
by Martin_Pan
ComboFix 12-12-17.02 - Martini 18.12.2012 22:20:34.1.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1786 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martini\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regedit.com
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\PowerToyReadme.htm
c:\windows\system32\SET360.tmp
c:\windows\system32\SET364.tmp
c:\windows\system32\SET365.tmp
c:\windows\system32\SET36C.tmp
c:\windows\system32\swctl.dll
c:\windows\system32\taskmgr.com
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-18 do 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-13 19:54 . 2012-12-13 19:54 -------- d---a-w- c:\windows\rundll16.exe
2012-12-13 19:54 . 2012-12-13 19:54 -------- d---a-w- c:\windows\logo1_.exe
2012-12-09 22:15 . 2012-06-02 14:18 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-12-09 19:11 . 2012-12-13 20:24 512 ----a-w- C:\PhysicalMBR.bin
2012-12-09 13:24 . 2012-12-09 13:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\AVAST Software
2012-12-09 12:28 . 2012-12-09 12:28 -------- d-----w- c:\program files\VS Revo Group
2012-12-09 10:27 . 2012-12-09 10:27 -------- d-----w- C:\rsit
2012-12-09 10:27 . 2012-12-09 10:27 -------- d-----w- c:\program files\trend micro
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\URE
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\readmes
2012-12-08 20:10 . 2012-12-09 10:34 -------- d-----w- c:\program files\program
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\share
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\Basis
2012-12-08 19:56 . 2012-12-08 19:56 -------- d-----w- c:\documents and settings\Martini\Local Settings\Data aplikací\Secunia PSI
2012-12-08 19:56 . 2012-12-08 19:56 -------- d-----w- c:\program files\Secunia
2012-12-01 13:58 . 2012-12-01 13:58 -------- d-----w- c:\documents and settings\Vanda\Data aplikací\Xilisoft
2012-11-27 13:30 . 2012-11-27 13:30 -------- d-----w- c:\documents and settings\Vanda\Local Settings\Data aplikací\Aimersoft
2012-11-24 22:30 . 2012-11-24 22:30 -------- d-----w- c:\program files\Verbatim
2012-11-24 15:06 . 2012-11-24 15:06 -------- d-----w- c:\documents and settings\Pája.MA\Local Settings\Data aplikací\Aimersoft
2012-11-24 12:43 . 2009-04-22 06:20 216576 ----a-w- c:\windows\system32\fwpuclnt.dll
2012-11-24 12:31 . 2012-11-24 12:31 -------- d-----w- c:\documents and settings\Martini\Data aplikací\Xilisoft
2012-11-24 12:30 . 2012-11-24 12:30 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Xilisoft
2012-11-24 08:46 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-11-24 08:46 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-11-24 08:45 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-24 08:45 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-11-24 08:45 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-23 23:16 . 2012-11-23 23:16 -------- d-----w- c:\documents and settings\Martini\Local Settings\Data aplikací\Aimersoft
2012-11-23 23:16 . 2012-11-23 23:16 -------- d-----w- c:\program files\Common Files\Aimersoft
2012-11-23 21:14 . 2012-11-23 21:14 -------- d-----w- C:\DVDTemp
2012-11-23 21:14 . 2008-10-04 09:22 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2012-11-23 21:13 . 2012-11-24 09:17 -------- d-----w- c:\program files\Free DVD Creator
2012-11-23 21:01 . 2012-11-23 21:02 -------- d-----w- c:\documents and settings\Martini\Data aplikací\DVD Flick
2012-11-23 20:34 . 2007-08-31 17:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-11-23 20:34 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-11-23 20:34 . 2012-11-23 20:34 -------- d-----w- c:\program files\DVD Flick
2012-11-23 20:34 . 2008-08-31 12:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
16512-12-06 21:44 . 16512-12-06 21:44 -------- d-----w- c:\documents and settings\filmy\Local Settings\Data aplikací\Aimersoft
16512-10-24 18:34 . 16512-10-24 18:35 -------- d-----w- c:\documents and settings\Administrator.MA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-15 08:07 . 2012-03-29 20:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-15 08:07 . 2012-01-21 21:33 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-13 11:55 . 2006-03-02 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41 . 2006-03-02 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03 . 2006-03-02 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:12 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-10-20 22:32 . 2012-10-20 22:32 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-20 22:32 . 2012-10-20 22:32 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-20 22:32 . 2012-04-04 20:48 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-20 22:32 . 2010-04-29 20:55 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2006-03-02 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
2008-08-19 22:22 . 2008-08-19 22:21 284248 ----a-w- c:\program files\npmusicn.dll
2012-12-01 20:12 . 2012-12-01 20:12 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCWinTray"="c:\windows\Tray\wintmr.exe" [2008-12-03 5926328]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-08-14 352256]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-06-05 273544]
"ChicoSys"="c:\windows\system32\cc32\webtmr.exe" [2008-12-03 4976056]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-31 307200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Aimersoft Helper Compact.exe"="c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" [2012-02-20 1666560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Pája\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.2.lnk - i:\program files\OpenOffice.org 2.2\program\quickstart.exe [N/A]
.
c:\documents and settings\Pája.MA\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
c:\documents and settings\filmy\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
c:\documents and settings\Martini\Nabídka Start\Programy\Po spuštění\
Nikon Monitor.lnk - c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [2007-5-15 479232]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"c:\\Program Files\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 phylock;phylock;c:\windows\system32\drivers\phylock.sys [8.3.2009 19:38 8064]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [18.11.2007 20:40 33792]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.8.2010 9:55 436792]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [27.3.2012 19:47 21992]
S2 RVIEGVST;VSC VST Engine;c:\program files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys [26.4.2009 15:49 188276]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S2 Windows-CCHook-Service;Windows-CCHook-Service;c:\windows\system32\cchservice.exe [13.12.2011 23:20 967344]
S3 CLAVIAUSB;CLAVIAUSB;c:\windows\system32\drivers\ClaviaUSB.sys [5.8.2008 17:52 19712]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [27.9.2009 8:55 47360]
S3 Saffire;Saffire;c:\windows\system32\drivers\Saffire.sys [15.6.2012 20:35 169056]
S3 SaffireAudio;Saffire Audio;c:\windows\system32\drivers\SaffireAudio.sys [15.6.2012 20:35 32992]
S3 SaffireMidi;Saffire MIDI;c:\windows\system32\drivers\SaffireMidi.sys [15.6.2012 20:35 40672]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [7.5.2009 18:27 10251904]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [13.8.2012 12:10 104280]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1123561945-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2012-12-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1123561945-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Martini\Data aplikací\Mozilla\Firefox\Profiles\ej6dd3j1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.http - 123.122.56.55
FF - prefs.js: network.proxy.http_port - 56
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-09-05 10:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-pdfSaver3 - (no file)
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1123561945-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{73AE5928-E9B8-9725-7498-2AD79C533D5B}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(208)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-12-18 22:38:23
ComboFix-quarantined-files.txt 2012-12-18 21:38
.
Před spuštěním: 9 945 833 472
Po spuštění: Volných bajtů: 11 746 250 752
.
- - End Of File - - D662C500A6FB3562E2D364672F7D7E23

Re: Date keeps changing, slow computer

Posted: 18 Dec 2012 22:52
by vyosek

Re: Date keeps changing, slow computer

Posted: 18 Dec 2012 23:04
by Martin_Pan
To help protect your computer, Windows has closed this program. Name: Windows Command Processor.

Re: Date keeps changing, slow computer

Posted: 19 Dec 2012 09:32
by Martin_Pan
It worked in safe mode.

DDS (Ver_2012-11-20.01) - NTFS_x86 MINIMAL
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Martini at 9:24:49 on 2012-12-19
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1766 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com/ie
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Pomocník pro přihlášení ke službě Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [CCWinTray] c:\windows\tray\wintmr.exe
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\AxAutoMntSrv.exe" -automount
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [JMB36X Configure] c:\windows\system32\JMRaidTool.exe boot
mRun: [tsnp325] c:\windows\tsnp325.exe
mRun: [snp325] c:\windows\vsnp325.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [ChicoSys] c:\windows\system32\cc32\webtmr.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Aimersoft Helper Compact.exe] c:\program files\common files\aimersoft\aimersoft helper compact\ASHelper.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\martini\nabdka~1\programy\posput~1\nikonm~1.lnk - c:\program files\common files\nikon\monitor\NkMonitor.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-System: DisableClock = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxps://www.update.microsoft.com/microsoftupdat ... 4996668920
TCP: NameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{06ECE2C4-E418-4395-81E9-79D2DE3155C1} : DHCPNameServer = 213.46.172.36 213.46.172.37
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\martini\data aplikací\mozilla\firefox\profiles\ej6dd3j1.default\
.
============= SERVICES / DRIVERS ===============
.
R0 phylock;phylock;c:\windows\system32\drivers\phylock.sys [2009-3-8 8064]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2007-11-18 33792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-3-27 21992]
S2 RVIEGVST;VSC VST Engine;c:\program files\roland\virtual sound canvas vst\RVIEg01VST.sys [2009-4-26 188276]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2009-12-23 370688]
S2 Windows-CCHook-Service;Windows-CCHook-Service;c:\windows\system32\cchservice.exe [2011-12-13 967344]
S3 CLAVIAUSB;CLAVIAUSB;c:\windows\system32\drivers\ClaviaUSB.sys [2008-8-5 19712]
S3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
S3 Saffire;Saffire;c:\windows\system32\drivers\Saffire.sys [2012-6-15 169056]
S3 SaffireAudio;Saffire Audio;c:\windows\system32\drivers\SaffireAudio.sys [2012-6-15 32992]
S3 SaffireMidi;Saffire MIDI;c:\windows\system32\drivers\SaffireMidi.sys [2012-6-15 40672]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2009-5-7 10251904]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2012-8-13 104280]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1"
ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4"
ShellExec: Transcribe.exe: open="c:\program files\transcribe!\Transcribe.exe"
.
=============== Created Last 30 ================
.
2012-12-18 21:40:46 99 ----a-w- c:\windows\system32\swctl.dll
2012-12-18 21:08:49 98816 ----a-w- c:\windows\sed.exe
2012-12-18 21:08:49 256000 ----a-w- c:\windows\PEV.exe
2012-12-18 21:08:49 208896 ----a-w- c:\windows\MBR.exe
2012-12-13 19:54:22 -------- d---a-w- c:\windows\rundll16.exe
2012-12-13 19:54:22 -------- d---a-w- c:\windows\logo1_.exe
2012-12-09 22:15:38 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-12-09 22:13:32 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-12-09 19:11:17 512 ----a-w- C:\PhysicalMBR.bin
2012-12-09 12:28:58 -------- d-----w- c:\program files\VS Revo Group
2012-12-09 10:27:51 -------- d-----w- c:\program files\trend micro
2012-12-08 20:10:21 -------- d-----w- c:\program files\URE
2012-12-08 20:10:21 -------- d-----w- c:\program files\readmes
2012-12-08 20:10:20 -------- d-----w- c:\program files\share
2012-12-08 20:10:20 -------- d-----w- c:\program files\program
2012-12-08 20:10:20 -------- d-----w- c:\program files\Basis
2012-12-08 19:56:05 -------- d-----w- c:\program files\Secunia
2012-11-24 22:30:05 -------- d-----w- c:\program files\Verbatim
2012-11-24 12:43:12 216576 ----a-w- c:\windows\system32\fwpuclnt.dll
2012-11-24 12:31:34 -------- d-----w- c:\documents and settings\martini\data aplikací\Xilisoft
2012-11-24 08:46:02 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-11-24 08:46:00 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-11-24 08:45:58 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-24 08:45:55 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-11-24 08:45:53 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-23 23:16:12 -------- d-----w- c:\program files\common files\Aimersoft
2012-11-23 21:14:36 -------- d-----w- C:\DVDTemp
2012-11-23 21:14:05 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2012-11-23 21:13:44 -------- d-----w- c:\program files\Free DVD Creator
2012-11-23 21:01:44 -------- d-----w- c:\documents and settings\martini\data aplikací\DVD Flick
2012-11-23 20:34:54 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-11-23 20:34:54 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-11-23 20:34:53 28672 ----a-w- c:\windows\system32\mousewheel.ocx
2012-11-23 20:34:53 -------- d-----w- c:\program files\DVD Flick
.
==================== Find3M ====================
.
2012-12-15 08:07:13 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-15 08:07:12 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-13 11:55:10 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41:17 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03:56 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12:24 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12:24 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:12:24 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:48 385024 ----a-w- c:\windows\system32\html.iec
2012-10-20 22:32:20 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-20 22:32:20 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-20 22:32:20 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-20 22:32:20 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-02 18:04:39 58368 ----a-w- c:\windows\system32\synceng.dll
2008-08-19 22:22:14 284248 ----a-w- c:\program files\npmusicn.dll
.
============= FINISH: 9:26:20,18 ===============

Re: Date keeps changing, slow computer

Posted: 19 Dec 2012 22:16
by Martin_Pan
Is the log OK? It changed my date again.

Re: Date keeps changing, slow computer

Posted: 20 Dec 2012 09:42
by vyosek
The thing is, the log looks OK to me; also run AVPTool http://forum.viry.cz/viewtopic.php?f=29&t=58179

Re: Date keeps changing, slow computer

Posted: 23 Dec 2012 20:36
by Martin_Pan
In the end it froze up so badly that the time could not be reset in the BIOS, and after that it would not even turn on. At the repair shop they told me the motherboard is faulty. Thanks for the help and happy holidays, M.