Preventive check - high latency
Posted: 01 Jul 2010 17:22
Hello, when I ping any server from the command line, the ping averages 150 ms, and when I launch any multiplayer game, the ping in the game is about 500 ms. Also, when I am not in the game and I monitor the server I connect to, the ping to it is again around 150, and after connecting, 500. Here is the log, thank you.
---------------------------------------------------------------------------------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mr.bullet at 2010-07-01 18:19:09
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (22%) free of 50 GB
Total RAM: 4094 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:19:10, on 1.7.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
D:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
D:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
D:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files (x86)\Teamspeak2_RC2\TeamSpeak.exe
D:\Program Files (x86)\QIP\qip.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Users\Mr.bullet\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Mr.bullet.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Mr.bullet\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Mr.bullet\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [cleansweep.exe] C:\cleansweep.exe\cleansweep.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: hp psc 2000 Series.lnk = D:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O8 - Extra context menu item: &Download All by FlashGet - D:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - D:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\Windows\WIDEST~1\FREEQU~1\QUICKA~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Unknown owner - C:\Windows\system32\sfrem01.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8435 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{CE0A9DA6-257B-4908-BDE9-702B5FB63018}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - D:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Mr.bullet\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"Adobe Reader Speed Launcher"=D:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WinampAgent"=D:\Program Files (x86)\Winamp\winampa.exe [2008-03-27 36352]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"QuickTime Task"=D:\Program Files (x86)\QuickTime\QTTask.exe [2009-01-05 413696]
"LogMeIn Hamachi Ui"=D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"cleansweep.exe"=C:\cleansweep.exe\cleansweep.exe [2008-01-21 122880]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
hp psc 2000 Series.lnk - D:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\Windows\WIDEST~1\FREEQU~1\QUICKA~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe"="D:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe"="D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2af1a771-42d8-11dd-b98e-806e6f6e6963}]
shell\AutoRun\command - E:\MafiaLauncher.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c96a092-6927-11dd-b83c-001d7dac7b91}]
shell\AutoRun\command - K:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43a16f6f-42d3-11dd-a52d-806e6f6e6963}]
shell\AutoRun\command - E:\Launch.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1207dba-8e04-11dd-a22d-001d7dac7b91}]
shell\AutoRun\command - F:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1207dbc-8e04-11dd-a22d-001d7dac7b91}]
shell\AutoRun\command - G:\autorun.exe
======File associations======
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-07-01 01:01:52 ----D---- C:\Windows\WideStep Software
2010-07-01 00:35:48 ----D---- C:\Windows\system32\vi-VN
2010-07-01 00:35:48 ----D---- C:\Windows\system32\eu-ES
2010-07-01 00:35:48 ----D---- C:\Windows\system32\ca-ES
2010-06-27 22:00:30 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-27 22:00:30 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-27 22:00:30 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-27 22:00:30 ----A---- C:\Windows\system32\mscoree.dll
2010-06-27 22:00:30 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 13:38:01 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-23 13:38:01 ----A---- C:\Windows\system32\gameux.dll
2010-06-23 13:38:01 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-14 23:01:31 ----D---- C:\ProgramData\BioWare
2010-06-10 13:59:01 ----A---- C:\Windows\system32\atmlib.dll
2010-06-10 13:59:01 ----A---- C:\Windows\system32\atmfd.dll
2010-06-10 13:59:00 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-10 13:58:54 ----A---- C:\Windows\system32\mshtml.dll
2010-06-10 13:58:53 ----A---- C:\Windows\system32\ieframe.dll
2010-06-10 13:58:51 ----A---- C:\Windows\system32\wininet.dll
2010-06-10 13:58:51 ----A---- C:\Windows\system32\urlmon.dll
2010-06-10 13:58:50 ----A---- C:\Windows\system32\ieapfltr.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\mshtmled.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\ieui.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\iepeers.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\ieencode.dll
======List of files/folders modified in the last 1 months======
2010-07-01 18:19:10 ----D---- C:\Program Files (x86)\trend micro
2010-07-01 18:17:47 ----D---- C:\Windows\Prefetch
2010-07-01 18:17:39 ----D---- C:\Windows\Temp
2010-07-01 11:31:53 ----D---- C:\Windows\winsxs
2010-07-01 11:31:40 ----D---- C:\Windows\System32
2010-07-01 11:31:40 ----D---- C:\Windows\inf
2010-07-01 01:01:52 ----D---- C:\Windows
2010-07-01 00:55:15 ----D---- C:\Windows\rescache
2010-07-01 00:51:32 ----D---- C:\Users\Mr.bullet\AppData\Roaming\HLSW
2010-07-01 00:47:35 ----D---- C:\Windows\Microsoft.NET
2010-07-01 00:47:34 ----RSD---- C:\Windows\assembly
2010-07-01 00:41:32 ----SHD---- C:\Boot
2010-07-01 00:40:54 ----D---- C:\Windows\SysWOW64
2010-07-01 00:40:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Media Player
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Mail
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Calendar
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Internet Explorer
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Common Files\System
2010-07-01 00:36:23 ----D---- C:\Windows\servicing
2010-07-01 00:36:23 ----D---- C:\Windows\ehome
2010-07-01 00:36:17 ----D---- C:\Windows\system32\XPSViewer
2010-07-01 00:36:17 ----D---- C:\Windows\system32\sk-SK
2010-07-01 00:36:17 ----D---- C:\Windows\system32\oobe
2010-07-01 00:36:17 ----D---- C:\Windows\system32\migration
2010-07-01 00:36:17 ----D---- C:\Windows\system32\lv-LV
2010-07-01 00:36:17 ----D---- C:\Windows\system32\ko-KR
2010-07-01 00:36:17 ----D---- C:\Windows\system32\it-IT
2010-07-01 00:36:17 ----D---- C:\Windows\system32\hr-HR
2010-07-01 00:36:17 ----D---- C:\Windows\system32\et-EE
2010-07-01 00:36:17 ----D---- C:\Windows\system32\en-US
2010-07-01 00:36:17 ----D---- C:\Windows\system32\el-GR
2010-07-01 00:36:17 ----D---- C:\Windows\system32\de-DE
2010-07-01 00:36:17 ----D---- C:\Windows\system32\da-DK
2010-07-01 00:36:16 ----D---- C:\Windows\system32\sv-SE
2010-07-01 00:36:16 ----D---- C:\Windows\system32\SLUI
2010-07-01 00:36:16 ----D---- C:\Windows\system32\setup
2010-07-01 00:36:16 ----D---- C:\Windows\system32\ru-RU
2010-07-01 00:36:16 ----D---- C:\Windows\system32\pt-PT
2010-07-01 00:36:16 ----D---- C:\Windows\system32\hu-HU
2010-07-01 00:36:16 ----D---- C:\Windows\system32\he-IL
2010-07-01 00:36:16 ----D---- C:\Windows\system32\fr-FR
2010-07-01 00:36:16 ----D---- C:\Windows\system32\fi-FI
2010-07-01 00:36:16 ----D---- C:\Windows\system32\cs-CZ
2010-07-01 00:36:16 ----D---- C:\Windows\system32\cs
2010-07-01 00:36:16 ----D---- C:\Windows\system32\AdvancedInstallers
2010-07-01 00:36:15 ----D---- C:\Windows\system32\zh-TW
2010-07-01 00:36:15 ----D---- C:\Windows\system32\zh-CN
2010-07-01 00:36:15 ----D---- C:\Windows\system32\wbem
2010-07-01 00:36:15 ----D---- C:\Windows\system32\uk-UA
2010-07-01 00:36:15 ----D---- C:\Windows\system32\tr-TR
2010-07-01 00:36:15 ----D---- C:\Windows\system32\th-TH
2010-07-01 00:36:15 ----D---- C:\Windows\system32\sr-Latn-CS
2010-07-01 00:36:15 ----D---- C:\Windows\system32\sl-SI
2010-07-01 00:36:15 ----D---- C:\Windows\system32\ro-RO
2010-07-01 00:36:15 ----D---- C:\Windows\system32\pt-BR
2010-07-01 00:36:15 ----D---- C:\Windows\system32\pl-PL
2010-07-01 00:36:15 ----D---- C:\Windows\system32\nl-NL
2010-07-01 00:36:15 ----D---- C:\Windows\system32\nb-NO
2010-07-01 00:36:15 ----D---- C:\Windows\system32\migwiz
2010-07-01 00:36:15 ----D---- C:\Windows\system32\manifeststore
2010-07-01 00:36:15 ----D---- C:\Windows\system32\lt-LT
2010-07-01 00:36:15 ----D---- C:\Windows\system32\ja-JP
2010-07-01 00:36:15 ----D---- C:\Windows\system32\es-ES
2010-07-01 00:36:15 ----D---- C:\Windows\system32\bg-BG
2010-07-01 00:36:15 ----D---- C:\Windows\system32\ar-SA
2010-07-01 00:36:07 ----D---- C:\Windows\IME
2010-07-01 00:35:53 ----RSD---- C:\Windows\Fonts
2010-07-01 00:35:53 ----D---- C:\Windows\AppPatch
2010-07-01 00:23:14 ----SHD---- C:\System Volume Information
2010-06-29 22:07:25 ----D---- C:\Users\Mr.bullet\AppData\Roaming\OpenOffice.org2
2010-06-28 00:59:44 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-06-23 00:33:20 ----SHD---- C:\Windows\Installer
2010-06-23 00:32:08 ----D---- C:\Program Files (x86)\Common Files
2010-06-23 00:29:46 ----RD---- C:\Program Files (x86)
2010-06-23 00:25:09 ----HD---- C:\ProgramData
2010-06-22 12:12:46 ----D---- C:\Windows\Debug
2010-06-20 22:40:48 ----D---- C:\cleansweep.exe
2010-06-14 23:00:16 ----D---- C:\ProgramData\Media Center Programs
2010-06-14 23:00:14 ----D---- C:\Program Files (x86)\Common Files\BioWare
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
S3 auiz0otb;auiz0otb; C:\Windows\system32\drivers\auiz0otb.sys []
S3 b57nd60a;%SvcDispName%; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-08-01 20544]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.11\RivaTuner64.sys [2008-09-20 19952]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1823112]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-01 75064]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\Windows\system32\sfrem01.exe svc []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-03-24 85096]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - D:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Mr.bullet\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"Adobe Reader Speed Launcher"=D:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WinampAgent"=D:\Program Files (x86)\Winamp\winampa.exe [2008-03-27 36352]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"QuickTime Task"=D:\Program Files (x86)\QuickTime\QTTask.exe [2009-01-05 413696]
"LogMeIn Hamachi Ui"=D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"DAEMON Tools Lite"=D:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"cleansweep.exe"=C:\cleansweep.exe\cleansweep.exe [2008-01-21 122880]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
hp psc 2000 Series.lnk - D:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\Windows\WIDEST~1\FREEQU~1\QUICKA~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe"="D:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe"="D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="D:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2af1a771-42d8-11dd-b98e-806e6f6e6963}]
shell\AutoRun\command - E:\MafiaLauncher.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c96a092-6927-11dd-b83c-001d7dac7b91}]
shell\AutoRun\command - K:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43a16f6f-42d3-11dd-a52d-806e6f6e6963}]
shell\AutoRun\command - E:\Launch.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1207dba-8e04-11dd-a22d-001d7dac7b91}]
shell\AutoRun\command - F:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1207dbc-8e04-11dd-a22d-001d7dac7b91}]
shell\AutoRun\command - G:\autorun.exe
======File associations======
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-07-01 01:01:52 ----D---- C:\Windows\WideStep Software
2010-07-01 00:35:48 ----D---- C:\Windows\system32\vi-VN
2010-07-01 00:35:48 ----D---- C:\Windows\system32\eu-ES
2010-07-01 00:35:48 ----D---- C:\Windows\system32\ca-ES
2010-06-27 22:00:30 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-27 22:00:30 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-27 22:00:30 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-27 22:00:30 ----A---- C:\Windows\system32\mscoree.dll
2010-06-27 22:00:30 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 13:38:01 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-23 13:38:01 ----A---- C:\Windows\system32\gameux.dll
2010-06-23 13:38:01 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-14 23:01:31 ----D---- C:\ProgramData\BioWare
2010-06-10 13:59:01 ----A---- C:\Windows\system32\atmlib.dll
2010-06-10 13:59:01 ----A---- C:\Windows\system32\atmfd.dll
2010-06-10 13:59:00 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-10 13:58:54 ----A---- C:\Windows\system32\mshtml.dll
2010-06-10 13:58:53 ----A---- C:\Windows\system32\ieframe.dll
2010-06-10 13:58:51 ----A---- C:\Windows\system32\wininet.dll
2010-06-10 13:58:51 ----A---- C:\Windows\system32\urlmon.dll
2010-06-10 13:58:50 ----A---- C:\Windows\system32\ieapfltr.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\mshtmled.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\ieui.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\iepeers.dll
2010-06-10 13:58:49 ----A---- C:\Windows\system32\ieencode.dll
======List of files/folders modified in the last 1 months======
2010-07-01 18:19:10 ----D---- C:\Program Files (x86)\trend micro
2010-07-01 18:17:47 ----D---- C:\Windows\Prefetch
2010-07-01 18:17:39 ----D---- C:\Windows\Temp
2010-07-01 11:31:53 ----D---- C:\Windows\winsxs
2010-07-01 11:31:40 ----D---- C:\Windows\System32
2010-07-01 11:31:40 ----D---- C:\Windows\inf
2010-07-01 01:01:52 ----D---- C:\Windows
2010-07-01 00:55:15 ----D---- C:\Windows\rescache
2010-07-01 00:51:32 ----D---- C:\Users\Mr.bullet\AppData\Roaming\HLSW
2010-07-01 00:47:35 ----D---- C:\Windows\Microsoft.NET
2010-07-01 00:47:34 ----RSD---- C:\Windows\assembly
2010-07-01 00:41:32 ----SHD---- C:\Boot
2010-07-01 00:40:54 ----D---- C:\Windows\SysWOW64
2010-07-01 00:40:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Media Player
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Mail
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Windows Calendar
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Internet Explorer
2010-07-01 00:36:24 ----D---- C:\Program Files (x86)\Common Files\System
2010-07-01 00:36:23 ----D---- C:\Windows\servicing
2010-07-01 00:36:23 ----D---- C:\Windows\ehome
2010-07-01 00:36:17 ----D---- C:\Windows\system32\XPSViewer
2010-07-01 00:36:17 ----D---- C:\Windows\system32\sk-SK
2010-07-01 00:36:17 ----D---- C:\Windows\system32\oobe
2010-07-01 00:36:17 ----D---- C:\Windows\system32\migration
2010-07-01 00:36:17 ----D---- C:\Windows\system32\lv-LV
2010-07-01 00:36:17 ----D---- C:\Windows\system32\ko-KR
2010-07-01 00:36:17 ----D---- C:\Windows\system32\it-IT
2010-07-01 00:36:17 ----D---- C:\Windows\system32\hr-HR
2010-07-01 00:36:17 ----D---- C:\Windows\system32\et-EE
2010-07-01 00:36:17 ----D---- C:\Windows\system32\en-US
2010-07-01 00:36:17 ----D---- C:\Windows\system32\el-GR
2010-07-01 00:36:17 ----D---- C:\Windows\system32\de-DE
2010-07-01 00:36:17 ----D---- C:\Windows\system32\da-DK
2010-07-01 00:36:16 ----D---- C:\Windows\system32\sv-SE
2010-07-01 00:36:16 ----D---- C:\Windows\system32\SLUI
2010-07-01 00:36:16 ----D---- C:\Windows\system32\setup
2010-07-01 00:36:16 ----D---- C:\Windows\system32\ru-RU
2010-07-01 00:36:16 ----D---- C:\Windows\system32\pt-PT
2010-07-01 00:36:16 ----D---- C:\Windows\system32\hu-HU
2010-07-01 00:36:16 ----D---- C:\Windows\system32\he-IL
2010-07-01 00:36:16 ----D---- C:\Windows\system32\fr-FR
2010-07-01 00:36:16 ----D---- C:\Windows\system32\fi-FI
2010-07-01 00:36:16 ----D---- C:\Windows\system32\cs-CZ
2010-07-01 00:36:16 ----D---- C:\Windows\system32\cs
2010-07-01 00:36:16 ----D---- C:\Windows\system32\AdvancedInstallers
2010-07-01 00:36:15 ----D---- C:\Windows\system32\zh-TW
2010-07-01 00:36:15 ----D---- C:\Windows\system32\zh-CN
2010-07-01 00:36:15 ----D---- C:\Windows\system32\wbem
2010-07-01 00:36:15 ----D---- C:\Windows\system32\uk-UA
2010-07-01 00:36:15 ----D---- C:\Windows\system32\tr-TR
2010-07-01 00:36:15 ----D---- C:\Windows\system32\th-TH
2010-07-01 00:36:15 ----D---- C:\Windows\system32\sr-Latn-CS
2010-07-01 00:36:15 ----D---- C:\Windows\system32\sl-SI
2010-07-01 00:36:15 ----D---- C:\Windows\system32\ro-RO
2010-07-01 00:36:15 ----D---- C:\Windows\system32\pt-BR
2010-07-01 00:36:15 ----D---- C:\Windows\system32\pl-PL
2010-07-01 00:36:15 ----D---- C:\Windows\system32\nl-NL
2010-07-01 00:36:15 ----D---- C:\Windows\system32\nb-NO
2010-07-01 00:36:15 ----D---- C:\Windows\system32\migwiz
2010-07-01 00:36:15 ----D---- C:\Windows\system32\manifeststore
2010-07-01 00:36:15 ----D---- C:\Windows\system32\lt-LT
2010-07-01 00:36:15 ----D---- C:\Windows\system32\ja-JP
2010-07-01 00:36:15 ----D---- C:\Windows\system32\es-ES
2010-07-01 00:36:15 ----D---- C:\Windows\system32\bg-BG
2010-07-01 00:36:15 ----D---- C:\Windows\system32\ar-SA
2010-07-01 00:36:07 ----D---- C:\Windows\IME
2010-07-01 00:35:53 ----RSD---- C:\Windows\Fonts
2010-07-01 00:35:53 ----D---- C:\Windows\AppPatch
2010-07-01 00:23:14 ----SHD---- C:\System Volume Information
2010-06-29 22:07:25 ----D---- C:\Users\Mr.bullet\AppData\Roaming\OpenOffice.org2
2010-06-28 00:59:44 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-06-23 00:33:20 ----SHD---- C:\Windows\Installer
2010-06-23 00:32:08 ----D---- C:\Program Files (x86)\Common Files
2010-06-23 00:29:46 ----RD---- C:\Program Files (x86)
2010-06-23 00:25:09 ----HD---- C:\ProgramData
2010-06-22 12:12:46 ----D---- C:\Windows\Debug
2010-06-20 22:40:48 ----D---- C:\cleansweep.exe
2010-06-14 23:00:16 ----D---- C:\ProgramData\Media Center Programs
2010-06-14 23:00:14 ----D---- C:\Program Files (x86)\Common Files\BioWare
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
S3 auiz0otb;auiz0otb; C:\Windows\system32\drivers\auiz0otb.sys []
S3 b57nd60a;%SvcDispName%; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-08-01 20544]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.11\RivaTuner64.sys [2008-09-20 19952]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1823112]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-01 75064]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\Windows\system32\sfrem01.exe svc []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-03-24 85096]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------