Vytížení CPU na 99%

Zpráva

#16 Příspěvek od **cernohous13** » 06 říj 2013 17:27

OK - je to spolehlivý nástroj a bylo by škoda ho nenechat dokončit - počkáme

Madlis · #17 Příspěvek od **Madlis** » 12 říj 2013 16:34

Ntb jsem testem projela 2x, ani jednou už nic nenašel. Chcete vidět log?

#18 Příspěvek od **cernohous13** » 12 říj 2013 17:21

Když je to čisté, tak logu netřeba

Vytížení CPU stále vyskakuje

Madlis · #19 Příspěvek od **Madlis** » 12 říj 2013 22:05

Myslela jsem si to

CPU vyzkouším zítra.

Madlis · #20 Příspěvek od **Madlis** » 13 říj 2013 15:37

Po zapnutí automatických aktualizací Win vyletělo CPU opět na 100%, schvost.exe +/- 99%. Avast mi našel nějaký vir, teď zkouším kontrolu avastem po spuštění. Ještě nějaký nápad?

#21 Příspěvek od **cernohous13** » 13 říj 2013 16:10

Nový RSIT - budeme čistit

Madlis · #22 Příspěvek od **Madlis** » 13 říj 2013 17:47

Tady je log ze RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marie Bedlivá at 2013-10-13 18:45:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 35 GB (15%) free of 238 GB
Total RAM: 1526 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:22, on 13.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marie Bedlivá\Plocha\RSIT.exe
C:\Program Files\trend micro\Marie Bedlivá.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = seznam.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{04356E23-A614-4712-AEA0-D3D2092F88A6}: NameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{04356E23-A614-4712-AEA0-D3D2092F88A6}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: COMODO IceDragon Update Service (IceDragonUpdater) - Unknown owner - C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 5477 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Marie Bedlivá\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "noia2_option@kk.noia:3.76, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

C:\Documents and Settings\Marie Bedlivá\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\
NuvolaFF@paenglab.ch
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Marie Bedlivá\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\
abz-slovnik-cizich-slov.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-05 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-05 688218]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20130923]
C:\Program Files\AVAST Software\Avast\setup\emupdate\58e9366a-c45e-44f2-8490-83d77addb7dd.exe [2013-09-27 75112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer]
C:\WINDOWS\inf\unregmp2.exe [2007-06-27 317952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2010-10-15 380416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-03-22 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Disabled:QIP Infium"
"C:\Program Files\QIP 2012\qip.exe"="C:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2013-10-03 22:21:11 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-10-13 18:45:20 ----D---- C:\Program Files\trend micro
2013-10-13 18:33:37 ----D---- C:\WINDOWS\Temp
2013-10-13 18:26:09 ----D---- C:\WINDOWS\Prefetch
2013-10-13 16:10:38 ----D---- C:\WINDOWS
2013-10-12 23:04:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-12 23:03:58 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-12 19:16:12 ----D---- C:\WINDOWS\system32\drivers
2013-10-12 19:12:28 ----SD---- C:\WINDOWS\Tasks
2013-10-12 13:53:14 ----SHD---- C:\System Volume Information
2013-10-12 13:52:03 ----D---- C:\WINDOWS\inf
2013-10-11 18:57:39 ----D---- C:\WINDOWS\system32
2013-10-11 18:57:32 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-06 15:10:03 ----D---- C:\Program Files\CCleaner
2013-10-03 22:45:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-03 22:45:43 ----D---- C:\Program Files
2013-09-27 21:06:51 ----D---- C:\Program Files\The KMPlayer
2013-09-22 15:36:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2530548$
2013-09-22 14:03:25 ----D---- C:\Program Files\PDFCreator
2013-09-21 21:17:39 ----D---- C:\WINDOWS\Debug
2013-09-16 19:50:31 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-30 177864]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-08-30 56080]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2010-03-18 10448]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-04-25 135168]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2010-11-11 15664]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-03-22 827196]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-04-26 839436]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-05 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-05 160768]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 DM9USB;DM9601 USB To Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\dm9usb.sys [2002-03-21 21376]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-02-13 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-02-13 25512]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 s217mdfl;Sony Ericsson Device 217 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s217mdfl.sys [2007-11-02 15016]
S3 s217mdm;Sony Ericsson Device 217 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s217mdm.sys [2007-11-02 109992]
S3 s217obex;Sony Ericsson Device 217 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s217obex.sys [2007-11-02 100008]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IceDragonUpdater;COMODO IceDragon Update Service; C:\Program Files\Comodo\IceDragon\icedragon_updater.exe [2013-07-14 1821384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-12 182184]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-03 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-03 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-03 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#23 Příspěvek od **cernohous13** » 13 říj 2013 18:06

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „MoveIt!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\ - dej mi ho sem na kontrolu

Script OTM

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]
[ResetHosts]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job
C:\Program Files\AVAST Software\Avast\setup\emupdate\58e9366a-c45e-44f2-8490-83d77addb7dd.exe

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20130923]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:Services
IceDragonUpdater
JavaQuickStarterService
gupdate
SkypeUpdate
gupdatem

Pak pokud máš zapnuté Automatické aktualizace tak je vypni a restartuj - znovu je zapni

Madlis · #24 Příspěvek od **Madlis** » 13 říj 2013 18:50

Tady je log. Ale po restartu se mi zasekl, nešel spustit ani správce úloh, tak jsem ho musela vypnout natvrdo a pustit znova

Což mě přivádí ještě k dotazu - co způsobuje, že se občas načte jen tapeta, ikony na ploše, ale bez hlavní lišty, nebo se nenačte něco jiného (např. vpravo na liště soubor ikon), případně se načte, ale pořád se jen točí hodiny a nedá se nic dělat, na nic nereaguje?

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 35195866 bytes

User: Marie Bedlivá
->Temp folder emptied: 30188197 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 5185983 bytes
->FireFox cache emptied: 100190558 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 89292 bytes

User: Marie Bedlivß

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 623128 bytes

%systemdrive% .tmp files removed: 100677894 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2832840 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36006659 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 256431324 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 398678042 bytes

Total Files Cleaned = 922,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Marie Bedlivá
->Flash cache emptied: 0 bytes

User: Marie Bedlivß

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: Marie Bedlivá
->Java cache emptied: 0 bytes

User: Marie Bedlivß

User: NetworkService

Total Java Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13C0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1954.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19E6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AD4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AE4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B48.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP204.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP206.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP226.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP37E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D93.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4DD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55ED.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP56C0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5BD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5DF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP68.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP68E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP708.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7E6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP810.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP816.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP82B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC24.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD5.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI14E.tmp moved successfully.
C:\WINDOWS\Installer\MSI15A.tmp moved successfully.
C:\WINDOWS\system32\Com\COM394.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD647.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD648.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD649.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD64A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD64B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD64C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD64D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD64E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD64F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD650.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD651.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD652.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD653.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD654.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD655.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD656.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD657.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD658.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD659.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD65A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD65B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD65C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD65D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD65E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD65F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD660.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD661.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD662.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD663.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD664.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD665.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD666.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD667.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD668.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD669.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD66A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD66B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD66C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD66D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD66E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD66F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD670.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD671.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD672.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD673.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD674.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD675.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD676.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD677.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD678.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD679.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD67A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD67B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD67C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD67D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD67E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD67F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD680.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD681.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD682.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD683.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD684.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD685.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD686.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD687.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD688.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD689.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD68A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD68B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD68C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD68D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD68E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD68F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD690.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD691.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD692.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD693.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD694.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD695.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD696.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD697.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD698.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD699.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD69A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD69B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD69C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD69D.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD69E.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD69F.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A0.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A1.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A2.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A3.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A4.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A5.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A6.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A7.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A8.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6A9.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6AA.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6AB.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6AC.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6AD.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6AE.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6AF.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B0.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B1.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B2.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B3.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B4.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B5.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B6.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B7.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B8.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6B9.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6BA.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6BB.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6BC.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6BD.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6BE.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6BF.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C0.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C1.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C2.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C3.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C4.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C5.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C6.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C7.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C8.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6C9.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6CA.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6CB.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6CC.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6CD.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6CE.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6CF.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D0.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D1.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D2.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D3.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D4.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D5.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D6.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D7.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D8.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6D9.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6DA.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6DB.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6DC.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6DD.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6DE.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6DF.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E0.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E1.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E2.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E3.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E4.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E5.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E6.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E7.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E8.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6E9.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6EA.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6EB.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6EC.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6ED.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6EE.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6EF.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F0.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F1.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F2.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F3.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F4.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F5.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F6.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F7.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F8.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6F9.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6FA.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6FB.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD6FC.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD709.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD70A.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD70B.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD70C.tmp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\BUD725.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\SmartDefrag_Startup.job moved successfully.
File move failed. C:\Program Files\AVAST Software\Avast\setup\emupdate\58e9366a-c45e-44f2-8490-83d77addb7dd.exe scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20130923\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service IceDragonUpdater stopped successfully!
Service IceDragonUpdater deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 10132013_192316

Files moved on Reboot...
File C:\WINDOWS\temp\_avast_\Webshlock.txt not found!
File move failed. C:\Program Files\AVAST Software\Avast\setup\emupdate\58e9366a-c45e-44f2-8490-83d77addb7dd.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#25 Příspěvek od **cernohous13** » 14 říj 2013 08:29

Spusť opět OTM -> CleanUp! - odinstaluje a vyčistí po sobě.

Tak na to pustíme těžší kalibr
Stáhni si zde

: ComboFix
a ulož ho na plochu.
návod na použití: http://www.bleepingcomputer.com/combofi ... t-combofix
Ukonči všechna aktivní okna,vypni Antispy a Antivir a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Odmítni stažení Konzole...
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna a nic nespouštěj
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Pokud vyskočí hláška "Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění", tak jen restartuj PC - registr se dá do kupy

Kdyby ti po použití ComboFixu systém nenaběhl - při restartu F8 a "Poslední známá funkční konfigurace"

Madlis · #26 Příspěvek od **Madlis** » 14 říj 2013 10:50

Ok, vyzkouším, ale až ve středu, dřív se k němu zase nedostanu.

#27 Příspěvek od **cernohous13** » 14 říj 2013 13:35

žádný problém, budu tady

Madlis · #28 Příspěvek od **Madlis** » 19 říj 2013 12:17

Omlouvám se, ve středu mi nezbyl čas. Log z ComboFixu je níže.

ComboFix 13-10-16.02 - Marie Bedlivá 19.10.2013 13:06:14.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1526.1066 [GMT 2:00]
Spuštěný z: c:\documents and settings\Marie Bedlivß\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-19 do 2013-10-19 )))))))))))))))))))))))))))))))
.
.
2013-10-13 17:23 . 2013-10-13 17:23 -------- d-----w- C:\_OTM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-11 16:57 . 2012-04-02 17:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-11 16:57 . 2011-05-16 17:38 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-30 07:48 . 2013-03-13 21:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2012-11-18 13:17 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2012-06-24 16:31 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-03-13 21:13 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2012-06-24 16:31 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-08-30 07:48 . 2012-06-24 16:31 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-03-13 21:13 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:48 . 2012-06-24 16:31 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:47 . 2012-06-24 16:31 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2012-06-24 16:31 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-02 23:48 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-25 08:14 . 2004-08-18 12:00 669696 ----a-w- c:\windows\system32\wininet.dll
2013-07-25 08:14 . 2004-08-18 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-07-25 08:14 . 2004-08-18 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-07-25 07:25 . 2004-08-18 12:00 370176 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 688218]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-8-17 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
2013-08-30 07:47 4858968 ----a-w- c:\program files\AVAST Software\Avast\AvastUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
2010-10-15 15:05 380416 ----a-w- c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [13.3.2013 23:13 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [13.3.2013 23:13 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.6.2012 18:31 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18.11.2012 15:17 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.6.2012 18:31 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [13.3.2013 23:13 66336]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [11.8.2010 19:51 10448]
S3 DM9USB;DM9601 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\dm9usb.sys [13.8.2010 20:03 21376]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [13.2.2011 16:52 13224]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [29.8.2010 17:16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [29.8.2010 17:16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [29.8.2010 17:16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [29.8.2010 17:16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [29.8.2010 17:16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [29.8.2010 17:16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [29.8.2010 17:16 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [29.8.2010 17:16 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [29.8.2010 17:16 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [29.8.2010 17:16 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [29.8.2010 17:16 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [29.8.2010 17:16 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [29.8.2010 17:16 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [29.8.2010 17:16 109736]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [26.7.2013 12:58 155824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uStart Page = seznam.cz
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{04356E23-A614-4712-AEA0-D3D2092F88A6}: NameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Marie Bedlivá\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Sony Ericsson PC Companion - c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-19 13:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(968)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(1548)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-10-19 13:12:42
ComboFix-quarantined-files.txt 2013-10-19 11:12
.
Před spuštěním: Volných bajtů: 36 681 314 304
Po spuštění: Volných bajtů: 36 691 292 160
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - E2CA5288F6976981C3D2B9A9C5AFFEF0
413FC2A0C716421B3158746D63736515

#29 Příspěvek od **cernohous13** » 19 říj 2013 14:33

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe - uklidí po použitých čističích.
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

Stáhni si ATF-Cleaner na plochu - http://www.atribune.org/ccount/click.php?id=1
- Spusť ho a na všech třech záložkách (Main, Firefox a Opera - pokud používáš) zaškrtni Select All, odmítni případnou výzvu na vymazání uložených hesel a klikni na Empty Selected, tím se vyčistí počítač od nepotřebných souborů

pro jistotu ještě vymazat cokies+mezipaměť prohlížeče - Ctrl+Shift+Delete

Odstranění konzoly pro zotavení
Otevři složku Tento počítač.
Poklikej na pevný disk, na kterém je nainstalována konzola pro zotavení.
V nabídce Nástroje klikni na příkaz Možnosti složky.
Klikni na kartu Zobrazit.
Klikni na přepínač Zobrazit skryté soubory a složky, zruš zaškrtnutí políčka Skrýt chráněné soubory operačního systému a klikni na tlačítko OK.
V kořenovém adresáři odstraň složku \Cmdcons.
V kořenovém adresáři odstraň soubor Cmldr.
V kořenovém adresáři klikni pravým tlačítkem myši na soubor Boot.ini a potom klepněte na příkaz Vlastnosti.
Zruš zaškrtnutí políčka Jen pro čtení a klikni na tlačítko OK.
Otevři soubor Boot.ini v programu Poznámkový blok a odstraň položku konzoly pro zotavení. Položka bude vypadat podobně jako tento řádek:
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

Ulož a zavři soubor.

Nesprávné změny souboru Boot.ini mohou zabránit restartování počítače. Přesvědčte se, že jste odstranili pouze položku konzoly pro zotavení.

Madlis · #30 Příspěvek od **Madlis** » 19 říj 2013 16:20

cernohous13 píše: ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Pokus o odinstalaci ComboFixu nevyšel, objevila se hláška, že soubor s takovým názvem nebyl nalezen. Nic jsem s ním nedělala, ikonu mám stále na ploše.

cernohous13 píše: V kořenovém adresáři odstraň složku \Cmdcons.
V kořenovém adresáři odstraň soubor Cmldr.

Podařilo se mi jen smazat ten řádek v Boot.ini (resp. měla jsem ho jen jako Boot, ale ten řádek tam byl úplně stejný). A ty soubory: 1) chybí "\"; 2) vůbec jsem ho nenašla (po rozkliknutí disku C v zobrazeném seznamu, pokud to chápu dobře).

VIRY.CZ

Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%

Re: Vytížení CPU na 99%