VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zamrzlý PC

https://forum.viry.cz:443/viewtopic.php?t=112546

Stránka 1 z 1

Zamrzlý PC

Napsal: 18 čer 2011 15:37
od brankar
Nazdar Rudy na youtube jsem chtěl kouknout na jeden odkaz z hudbou ale PC zamrzlo a po deseti vteřinách přešlo do modré smrti kde se asi po pěti vteřinách začal načítat znova operační system
prosím o kontrolu

Re: Zamrzlý PC

Napsal: 18 čer 2011 17:24
od Rudy
Dejte pro začátek log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

Re: Zamrzlý PC

Napsal: 19 čer 2011 05:50
od brankar
Zdravím tady je log


Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-06-19 06:47:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 75 GB (49%) free of 153 GB
Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:47:45, on 19.6.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Opera\opera.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\user\Plocha\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-602162358-1292428093-1547161642-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5838183312
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{03E0E805-2D9E-4C5B-A476-D4BCCF85E0C7}: NameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{03E0E805-2D9E-4C5B-A476-D4BCCF85E0C7}: NameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{03E0E805-2D9E-4C5B-A476-D4BCCF85E0C7}: NameServer = 10.1.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

--
End of file - 6223 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-05-05 2257760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-04-14 20053608]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-04-07 13891176]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-02-24 1753192]

C:\Documents and Settings\user\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\install\openarena-0.8.1\openarena.exe"="C:\install\openarena-0.8.1\openarena.exe:*:Enabled:openarena"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\EA Sports\FIFA 11 Demo\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11 Demo\Game\fifa.exe:*:Enabled:FIFA 11"
"C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe"="C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe:*:Enabled:F1 2010"
"C:\Program Files\AVG\AVG10\avgdiagex.exe"="C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostika 2011"
"C:\Program Files\AVG\AVG10\avgnsx.exe"="C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG10\avgemcx.exe"="C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-06-19 06:47:28 ----D---- C:\Program Files\trend micro
2011-06-19 06:47:27 ----D---- C:\rsit
2011-06-17 13:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-06-17 13:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-06-17 13:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-06-17 13:23:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2011-06-17 13:22:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-06-17 13:22:00 ----D---- C:\WINDOWS\SxsCaPendDel
2011-06-11 09:24:05 ----D---- C:\My Shared Folder
2011-06-08 11:25:34 ----A---- C:\WINDOWS\ODBC.INI
2011-06-08 11:25:26 ----A---- C:\WINDOWS\system32\mdimon.dll
2011-06-08 11:23:37 ----D---- C:\Program Files\Microsoft ActiveSync
2011-06-08 11:22:58 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-08 11:22:22 ----D---- C:\WINDOWS\SHELLNEW
2011-06-08 11:22:18 ----D---- C:\Program Files\Microsoft.NET
2011-06-08 11:22:18 ----D---- C:\Program Files\Microsoft Office
2011-06-08 11:19:31 ----RHD---- C:\MSOCache
2011-06-08 10:40:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-06 17:31:42 ----D---- C:\Documents and Settings\user\Data aplikací\FlightSimTools.com
2011-06-06 17:27:21 ----D---- C:\Documents and Settings\user\Data aplikací\Flight1
2011-06-04 07:09:34 ----D---- C:\Program Files\Opera
2011-06-03 16:40:14 ----SHD---- C:\Config.Msi
2011-06-03 13:31:23 ----D---- C:\Program Files\MSXML 4.0
2011-06-03 10:56:35 ----D---- C:\Program Files\CCleaner
2011-06-03 08:40:17 ----D---- C:\Games (x86)
2011-06-02 21:03:28 ----D---- C:\Program Files\Codemasters
2011-06-02 20:08:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-06-02 20:04:54 ----D---- C:\Program Files\TML-Studios
2011-06-02 13:49:57 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-06-02 13:49:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-06-02 13:49:53 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-05-31 14:50:53 ----D---- C:\WINDOWS\Minidump
2011-05-31 09:34:19 ----D---- C:\Program Files\SysShield Tools
2011-05-31 08:59:49 ----D---- C:\Documents and Settings\user\Data aplikací\vlc
2011-05-31 08:59:00 ----D---- C:\Program Files\VideoLAN
2011-05-28 22:23:02 ----RHD---- C:\Documents and Settings\user\Data aplikací\SecuROM
2011-05-28 15:46:56 ----HD---- C:\$AVG
2011-05-28 15:42:40 ----D---- C:\Documents and Settings\user\Data aplikací\AVG10
2011-05-28 15:41:50 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2011-05-28 15:40:50 ----D---- C:\WINDOWS\system32\drivers\AVG
2011-05-28 15:40:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2011-05-28 15:40:26 ----D---- C:\Program Files\AVG
2011-05-28 15:36:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-05-28 14:50:57 ----D---- C:\Documents and Settings\user\Data aplikací\OpenArena
2011-05-28 14:25:35 ----A---- C:\WINDOWS\system32\oeminfo.ini
2011-05-28 14:21:35 ----D---- C:\Program Files\Google
2011-05-28 13:56:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2011-05-28 13:55:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-05-28 13:43:40 ----D---- C:\Program Files\SpeedFan
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\nvgenco322060.dll
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\nvdispco3220140.dll
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2011-05-28 13:41:16 ----A---- C:\WINDOWS\system32\nvcuda.dll
2011-05-28 13:41:15 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-05-28 13:41:15 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-05-28 13:41:15 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2011-05-28 13:41:15 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-05-28 13:40:53 ----D---- C:\Program Files\NVIDIA Corporation
2011-05-28 13:40:16 ----D---- C:\Program Files\NVIDIA
2011-05-28 13:13:57 ----A---- C:\WINDOWS\WININIT.INI
2011-05-27 21:43:06 ----D---- C:\Documents and Settings\user\Data aplikací\PriceGong
2011-05-27 21:40:47 ----A---- C:\WINDOWS\system32\drivers\PciBus.sys
2011-05-27 21:40:46 ----D---- C:\WINDOWS\system32\Futuremark
2011-05-27 21:40:46 ----A---- C:\WINDOWS\system32\drivers\Entech64.sys
2011-05-27 21:40:46 ----A---- C:\WINDOWS\system32\drivers\Entech.sys
2011-05-27 20:55:10 ----D---- C:\WINDOWS\pss
2011-05-27 20:13:19 ----D---- C:\Program Files\Lavalys
2011-05-26 13:30:37 ----D---- C:\Documents and Settings\user\Data aplikací\Opera
2011-05-24 15:04:32 ----D---- C:\WINDOWS\system32\NtmsData
2011-05-24 10:00:03 ----D---- C:\Documents and Settings\user\Data aplikací\Malwarebytes
2011-05-24 09:59:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-05-23 16:12:19 ----D---- C:\Program Files\Common Files\Adobe
2011-05-23 12:15:36 ----D---- C:\Program Files\Adobe
2011-05-22 10:18:22 ----D---- C:\Program Files\Creative
2011-05-22 10:18:22 ----A---- C:\WINDOWS\system32\eax.dll
2011-05-22 10:14:56 ----D---- C:\Program Files\Mafia
2011-05-22 10:14:52 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe
2011-05-22 08:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-05-21 22:25:50 ----HD---- C:\4693b3f192cfa20e26fcc6a9038c66
2011-05-21 21:50:41 ----A---- C:\WINDOWS\game.ini
2011-05-21 21:43:18 ----D---- C:\Program Files\Activision
2011-05-21 12:55:49 ----SHD---- C:\WINDOWS\ftpcache
2011-05-21 03:08:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-05-21 03:07:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-05-21 03:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-05-21 02:09:21 ----D---- C:\Documents and Settings\user\Data aplikací\Media Player Classic
2011-05-21 01:16:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Codemasters
2011-05-21 01:06:13 ----A---- C:\WINDOWS\system32\mkl_blueripple.dll
2011-05-21 01:06:12 ----A---- C:\WINDOWS\system32\rapture3d_oal.dll
2011-05-21 01:06:08 ----D---- C:\Program Files\BRS
2011-05-21 01:06:05 ----D---- C:\Program Files\OpenAL
2011-05-21 01:06:05 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2011-05-21 01:06:05 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-05-21 01:06:04 ----RA---- C:\WINDOWS\system32\tmp368.tmp
2011-05-21 01:06:04 ----RA---- C:\WINDOWS\system32\tmp367.tmp
2011-05-21 01:06:00 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-05-21 01:06:00 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-05-21 01:05:59 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-05-21 01:05:58 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-05-21 01:05:57 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-05-21 01:05:56 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-05-21 01:05:55 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-05-21 01:05:54 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-05-21 01:05:52 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-05-21 01:05:52 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-05-21 01:05:51 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-05-21 01:05:50 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-05-21 01:05:48 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-05-21 01:05:47 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-05-21 01:05:46 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-05-21 01:05:44 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-05-21 01:05:42 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-05-21 01:01:33 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-21 01:01:26 ----D---- C:\Program Files\MSBuild
2011-05-21 01:01:22 ----D---- C:\WINDOWS\system32\en-US
2011-05-21 01:01:11 ----D---- C:\Program Files\Reference Assemblies
2011-05-21 00:59:59 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-05-21 00:59:58 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-05-21 00:59:56 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-05-21 00:59:54 ----HD---- C:\901609c118ef001733
2011-05-21 00:53:13 ----D---- C:\Program Files\Ares
2011-05-21 00:50:41 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-05-21 00:50:37 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-05-21 00:50:19 ----D---- C:\WINDOWS\system32\xlive
2011-05-21 00:27:47 ----D---- C:\Documents and Settings\user\Data aplikací\Leadertech
2011-05-21 00:20:48 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-05-21 00:20:48 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-05-21 00:20:47 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-05-21 00:20:47 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-05-21 00:20:47 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-05-21 00:20:46 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-05-21 00:20:46 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-05-21 00:20:45 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-05-21 00:20:45 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-05-21 00:20:44 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-05-21 00:20:44 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-05-21 00:20:44 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-05-21 00:20:43 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-05-21 00:20:43 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-05-21 00:20:42 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-05-21 00:20:42 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-05-21 00:20:42 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-05-21 00:20:41 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-05-21 00:20:41 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-05-21 00:20:41 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-05-21 00:20:40 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-05-21 00:20:40 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-05-21 00:20:39 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-05-21 00:20:39 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-05-21 00:20:39 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-05-21 00:20:38 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-05-21 00:20:38 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-05-21 00:20:37 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-05-21 00:20:37 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-05-21 00:20:37 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-05-21 00:20:36 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-05-21 00:20:36 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-05-21 00:20:35 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-05-21 00:20:35 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-05-21 00:20:34 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-05-21 00:20:34 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-05-21 00:20:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-05-21 00:20:33 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-05-21 00:20:32 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-05-21 00:20:32 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-05-21 00:20:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-05-21 00:20:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-05-21 00:20:31 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-05-21 00:20:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-05-21 00:20:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-05-21 00:20:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-05-21 00:20:29 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-05-21 00:20:28 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-05-21 00:20:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-05-21 00:20:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-05-21 00:20:27 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-05-21 00:20:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-05-21 00:20:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-05-21 00:20:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-05-21 00:20:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-05-21 00:20:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-05-21 00:20:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-05-21 00:20:24 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-05-21 00:20:23 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-05-21 00:20:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-05-21 00:20:23 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-05-21 00:20:22 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-05-21 00:20:14 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-05-21 00:20:14 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-05-21 00:20:14 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-05-21 00:20:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-05-21 00:20:12 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-05-21 00:20:12 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-05-21 00:20:12 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-05-21 00:20:11 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-05-21 00:20:10 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-05-21 00:20:09 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-05-21 00:19:59 ----D---- C:\WINDOWS\Logs
2011-05-21 00:19:58 ----D---- C:\Program Files\EA Sports
2011-05-20 22:12:56 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2011-05-20 22:12:56 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-05-20 22:12:18 ----D---- C:\Documents and Settings\user\Data aplikací\Adobe
2011-05-20 22:08:48 ----D---- C:\Documents and Settings\user\Data aplikací\WinRAR
2011-05-20 22:08:29 ----D---- C:\Program Files\WinRAR
2011-05-20 21:05:54 ----D---- C:\Program Files\Microsoft Games
2011-05-20 19:30:42 ----D---- C:\Program Files\PowerISO
2011-05-20 19:17:36 ----D---- C:\Program Files\uTorrent
2011-05-20 19:16:47 ----D---- C:\Documents and Settings\user\Data aplikací\uTorrent

======List of files/folders modified in the last 1 months======

2011-06-19 06:47:28 ----RD---- C:\Program Files
2011-06-19 06:42:41 ----D---- C:\WINDOWS\Prefetch
2011-06-19 06:42:36 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-19 06:40:00 ----D---- C:\WINDOWS\Temp
2011-06-19 06:39:55 ----D---- C:\WINDOWS\system32
2011-06-19 06:39:09 ----D---- C:\WINDOWS
2011-06-18 22:29:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-06-17 13:28:44 ----SHD---- C:\WINDOWS\Installer
2011-06-17 13:28:42 ----D---- C:\WINDOWS\WinSxS
2011-06-17 13:28:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-17 13:28:33 ----HD---- C:\WINDOWS\inf
2011-06-17 13:28:27 ----D---- C:\WINDOWS\system32\drivers
2011-06-17 13:28:16 ----HD---- C:\WINDOWS\$hf_mig$
2011-06-17 13:27:36 ----A---- C:\WINDOWS\win.ini
2011-06-17 13:23:25 ----D---- C:\Program Files\Internet Explorer
2011-06-17 13:23:14 ----D---- C:\WINDOWS\ie8updates
2011-06-10 14:39:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-10 14:35:37 ----RSD---- C:\WINDOWS\assembly
2011-06-10 13:49:01 ----SD---- C:\Documents and Settings\user\Data aplikací\Microsoft
2011-06-09 15:05:40 ----RSD---- C:\WINDOWS\Fonts
2011-06-08 11:38:00 ----D---- C:\WINDOWS\system32\wbem
2011-06-08 11:38:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-06-08 11:22:58 ----D---- C:\Program Files\Common Files
2011-06-08 11:22:24 ----D---- C:\Program Files\Common Files\System
2011-06-08 11:19:41 ----D---- C:\WINDOWS\system
2011-06-08 10:43:48 ----D---- C:\WINDOWS\system32\config
2011-06-08 10:42:28 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-07 13:28:37 ----D---- C:\Program Files\Common Files\InstallShield
2011-06-07 13:28:22 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-03 19:14:23 ----D---- C:\WINDOWS\system32\DirectX
2011-06-02 20:40:05 ----SHD---- C:\System Volume Information
2011-06-02 20:40:05 ----D---- C:\WINDOWS\system32\Restore
2011-05-31 00:12:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-05-28 14:49:52 ----D---- C:\install
2011-05-28 14:21:38 ----SD---- C:\WINDOWS\Tasks
2011-05-28 14:19:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-05-28 13:59:42 ----SH---- C:\boot.ini
2011-05-28 13:59:42 ----A---- C:\WINDOWS\system.ini
2011-05-28 13:56:05 ----D---- C:\WINDOWS\Help
2011-05-28 13:55:44 ----D---- C:\Documents and Settings
2011-05-28 13:13:40 ----D---- C:\Program Files\ATI Technologies
2011-05-28 08:31:49 ----D---- C:\WINDOWS\Microsoft.NET
2011-05-23 16:12:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-05-22 08:46:11 ----D---- C:\WINDOWS\system32\CatRoot
2011-05-21 15:17:13 ----D---- C:\WINDOWS\Debug
2011-05-21 01:47:53 ----D---- C:\Program Files\Windows Media Player
2011-05-21 01:00:37 ----D---- C:\WINDOWS\system32\spool
2011-05-21 00:56:51 ----D---- C:\WINDOWS\system32\mui
2011-05-20 16:46:40 ----D---- C:\WINDOWS\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17920]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 27216]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-04-19 6394472]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-04-08 12501600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-04-07 155752]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-28 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Zamrzlý PC

Napsal: 19 čer 2011 09:57
od Rudy
Toto je OK. Ještě poprosím o log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Re: Zamrzlý PC

Napsal: 19 čer 2011 10:40
od brankar
Zdravím Rudy nechce mě to pustit přes AVG prý ho musí nejdříve odinstalovat je to nutny vše je v něm vypnuto

Re: Zamrzlý PC

Napsal: 19 čer 2011 10:47
od Márty84
Dobry den, omlouvam se Rudy za vstup :oops:

ComboFix a AVG se nesnaseji. Pokud chcete udelat sken ComboFixem, AVG je opravdu ve vetsine pripadu nutno docasne odinstalovat. A pokud neni placene, radeji uz ho ani nevracet :D Ale to uz vam povi Rudy :)

Re: Zamrzlý PC

Napsal: 19 čer 2011 10:54
od Rudy
Ano, je to tak. Pro práci s CF je nutné AVG dočasně odinstalovat.

Re: Zamrzlý PC

Napsal: 19 čer 2011 11:19
od brankar
Tak jsem AVG smázl


ComboFix 11-06-17.04 - user 19.06.2011 12:08:42.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.552 [GMT 2:00]
Spuštěný z: c:\documents and settings\user\Plocha\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\user\Data aplikací\PriceGong
c:\documents and settings\user\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\user\Data aplikací\PriceGong\Data\z.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-19 do 2011-06-19 )))))))))))))))))))))))))))))))
.
.
2011-06-19 09:44 . 2011-06-19 09:44 -------- d-----w- c:\documents and settings\Administrator
2011-06-19 04:47 . 2011-06-19 04:47 -------- d-----w- c:\program files\trend micro
2011-06-19 04:47 . 2011-06-19 04:47 -------- d-----w- C:\rsit
2011-06-17 11:22 . 2011-06-17 12:21 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-11 07:24 . 2011-06-11 07:24 -------- d-----w- C:\My Shared Folder
2011-06-08 09:25 . 2007-04-09 11:23 28552 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2011-06-08 09:25 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2011-06-08 09:23 . 2011-06-08 09:23 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-06-08 09:22 . 2011-06-08 09:23 -------- d-----w- c:\windows\SHELLNEW
2011-06-08 09:22 . 2011-06-08 09:22 -------- d-----w- c:\program files\Microsoft.NET
2011-06-08 09:19 . 2011-06-08 09:19 -------- d-----r- C:\MSOCache
2011-06-08 08:41 . 2011-06-08 08:41 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Microsoft Help
2011-06-08 08:40 . 2011-06-08 09:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2011-06-06 15:31 . 2011-06-07 11:26 -------- d-----w- c:\documents and settings\user\Data aplikací\FlightSimTools.com
2011-06-06 15:27 . 2011-06-06 15:27 -------- d-----w- c:\documents and settings\user\Data aplikací\Flight1
2011-06-04 05:09 . 2011-06-16 08:11 -------- d-----w- c:\program files\Opera
2011-06-03 11:31 . 2011-06-03 11:31 -------- d-----w- c:\program files\MSXML 4.0
2011-06-03 08:56 . 2011-06-03 08:56 -------- d-----w- c:\program files\CCleaner
2011-06-03 06:40 . 2011-06-03 06:40 -------- d-----w- C:\Games (x86)
2011-06-02 20:14 . 2011-06-02 20:20 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\MediaGet2
2011-06-02 19:03 . 2011-06-02 19:03 -------- d-----w- c:\program files\Codemasters
2011-06-02 18:08 . 2011-06-02 18:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TEMP
2011-06-02 18:04 . 2011-06-02 18:04 -------- d-----w- c:\program files\TML-Studios
2011-06-02 11:49 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-02 11:49 . 2011-06-02 11:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-02 11:49 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-31 07:34 . 2011-05-31 07:34 -------- d-----w- c:\program files\SysShield Tools
2011-05-31 06:59 . 2011-06-15 07:31 -------- d-----w- c:\documents and settings\user\Data aplikací\vlc
2011-05-31 06:59 . 2011-05-31 06:59 -------- d-----w- c:\program files\VideoLAN
2011-05-28 20:23 . 2011-05-28 20:23 -------- d--h--r- c:\documents and settings\user\Data aplikací\SecuROM
2011-05-28 13:46 . 2011-05-28 13:46 -------- d-----w- C:\$AVG
2011-05-28 13:42 . 2011-05-28 13:42 -------- d-----w- c:\documents and settings\user\Data aplikací\AVG10
2011-05-28 13:41 . 2011-05-28 13:41 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2011-05-28 13:40 . 2011-06-19 10:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG10
2011-05-28 13:40 . 2011-05-28 13:40 -------- d-----w- c:\program files\AVG
2011-05-28 13:36 . 2011-06-19 10:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2011-05-28 12:50 . 2011-06-13 16:58 -------- d-----w- c:\documents and settings\user\Data aplikací\OpenArena
2011-05-28 12:26 . 2011-05-28 12:26 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-05-28 12:21 . 2011-05-28 12:21 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-05-28 12:21 . 2011-06-04 11:34 -------- d-----w- c:\program files\Google
2011-05-28 12:21 . 2011-06-04 03:27 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Google
2011-05-28 12:21 . 2011-05-28 12:21 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Deployment
2011-05-28 11:56 . 2011-05-28 11:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2011-05-28 11:55 . 2011-05-28 11:55 -------- d-----w- c:\documents and settings\UpdatusUser
2011-05-28 11:55 . 2011-05-28 11:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2011-05-28 11:43 . 2011-05-28 12:02 -------- d-----w- c:\program files\SpeedFan
2011-05-28 11:40 . 2011-05-28 11:56 -------- d-----w- c:\program files\NVIDIA Corporation
2011-05-28 11:40 . 2011-05-28 11:40 -------- d-----w- c:\program files\NVIDIA
2011-05-27 19:40 . 2001-11-19 17:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2011-05-27 19:40 . 2011-05-27 19:40 -------- d-----w- c:\windows\system32\Futuremark
2011-05-27 19:40 . 2004-10-25 18:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2011-05-27 19:40 . 2004-06-22 13:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2011-05-27 18:13 . 2011-05-27 18:13 -------- d-----w- c:\program files\Lavalys
2011-05-26 11:30 . 2011-06-08 12:25 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Opera
2011-05-24 13:04 . 2011-05-24 13:04 -------- d-----w- c:\windows\system32\NtmsData
2011-05-24 08:00 . 2011-05-24 08:00 -------- d-----w- c:\documents and settings\user\Data aplikací\Malwarebytes
2011-05-24 07:59 . 2011-05-24 07:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-05-23 14:12 . 2011-05-23 14:12 -------- d-----w- c:\program files\Common Files\Adobe
2011-05-22 08:18 . 2011-05-22 08:18 -------- d-----w- c:\program files\Creative
2011-05-22 08:18 . 2002-06-06 12:38 139264 ----a-w- c:\windows\system32\eax.dll
2011-05-22 08:14 . 2011-05-22 08:23 -------- d-----w- c:\program files\Mafia
2011-05-22 08:14 . 2002-08-29 15:33 319488 ----a-r- c:\windows\system32\MafiaSetup.exe
2011-05-21 20:25 . 2011-05-21 20:25 -------- d-----w- C:\4693b3f192cfa20e26fcc6a9038c66
2011-05-21 19:43 . 2011-05-21 19:43 -------- d-----w- c:\program files\Activision
2011-05-21 10:55 . 2011-05-21 10:55 -------- d-sh--w- c:\windows\ftpcache
2011-05-21 00:38 . 2011-06-10 12:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-21 00:09 . 2011-05-21 13:17 -------- d-----w- c:\documents and settings\user\Data aplikací\Media Player Classic
2011-05-20 23:16 . 2011-05-20 23:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Codemasters
2011-05-20 23:06 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-05-20 23:06 . 2010-07-28 17:10 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-05-20 23:06 . 2011-05-20 23:06 -------- d-----w- c:\program files\BRS
2011-05-20 23:06 . 2011-05-27 19:41 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-20 23:06 . 2011-05-20 23:06 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-20 23:06 . 2011-05-20 23:06 -------- d-----w- c:\program files\OpenAL
2011-05-20 23:06 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmp368.tmp
2011-05-20 23:06 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmp367.tmp
2011-05-20 23:06 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-05-20 23:06 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-05-20 23:01 . 2011-05-20 23:01 -------- d-----w- c:\windows\system32\XPSViewer
2011-05-20 23:01 . 2011-05-20 23:01 -------- d-----w- c:\program files\MSBuild
2011-05-20 23:01 . 2011-05-20 23:01 -------- d-----w- c:\program files\Reference Assemblies
2011-05-20 23:00 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-05-20 22:59 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-05-20 22:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-05-20 22:59 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-05-20 22:59 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-05-20 22:59 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-05-20 22:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-05-20 22:59 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-05-20 22:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-05-20 22:59 . 2011-05-20 23:00 -------- d-----w- C:\901609c118ef001733
2011-05-20 22:53 . 2011-06-18 15:34 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Ares
2011-05-20 22:53 . 2011-06-11 07:31 -------- d-----w- c:\program files\Ares
2011-05-20 22:50 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-05-20 22:50 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-05-20 22:50 . 2011-05-20 22:50 -------- d-----w- c:\windows\system32\xlive
2011-05-20 22:27 . 2011-05-20 22:27 -------- d-----w- c:\documents and settings\user\Data aplikací\Leadertech
2011-05-20 22:19 . 2011-05-21 11:10 -------- d-----w- c:\windows\Logs
2011-05-20 22:19 . 2011-06-03 08:15 -------- d-----w- c:\program files\EA Sports
2011-05-20 20:12 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-05-20 20:12 . 2011-05-23 14:11 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Adobe
2011-05-20 19:05 . 2011-06-06 11:00 -------- d-----w- c:\program files\Microsoft Games
2011-05-20 17:30 . 2011-05-20 17:32 -------- d-----w- c:\program files\PowerISO
2011-05-20 17:18 . 2011-05-27 16:53 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Conduit
2011-05-20 17:17 . 2011-05-28 12:21 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Temp
2011-05-20 17:17 . 2011-05-20 17:17 -------- d-----w- c:\program files\uTorrent
2011-05-20 17:16 . 2011-06-18 17:33 -------- d-----w- c:\documents and settings\user\Data aplikací\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-02 15:32 . 2011-05-19 19:29 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2008-04-14 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-19 16:19 . 2011-05-19 20:21 6394472 ----a-r- c:\windows\system32\drivers\RtkHDAud.sys
2011-04-15 13:48 . 2011-05-19 20:21 56936 ----a-r- c:\windows\system32\RtkCoInstXP.dll
2011-04-14 11:36 . 2011-05-19 20:21 20053608 ----a-r- c:\windows\RTHDCPL.EXE
2011-04-07 20:16 . 2011-04-07 20:16 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-04-07 20:16 . 2011-04-07 20:16 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-04-07 20:16 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-04-07 20:16 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-04-07 20:16 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-04-07 20:16 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-04-07 20:16 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-04-07 20:16 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-04-07 20:16 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-04-07 20:16 . 2011-04-07 20:16 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-04-07 20:16 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-04-07 20:16 . 2011-04-07 20:16 13891176 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:16 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:16 . 2011-04-07 20:16 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2011-04-07 20:16 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-04-14 20053608]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"NvMediaCenter"="NvMCTray.dll" [2011-04-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-04-07 13891176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\user\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-02-24 00:57 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\install\\openarena-0.8.1\\openarena.exe"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [28.5.2011 13:55 2218600]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [28.5.2011 14:21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19.5.2011 22:21 1691480]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2.6.2011 13:49 38224]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\MSI\Live Update 5\msibios32_100507.sys --> c:\program files\MSI\Live Update 5\msibios32_100507.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\MSI\Live Update 5\NTIOLib.sys --> c:\program files\MSI\Live Update 5\NTIOLib.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 12:21]
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 12:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: microsoft.com\www.update
TCP: Interfaces\{03E0E805-2D9E-4C5B-A476-D4BCCF85E0C7}: NameServer = 10.1.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-AtiExtEvent - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-19 12:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-06-19 12:16:48
ComboFix-quarantined-files.txt 2011-06-19 10:16
.
Před spuštěním: Volných bajtů: 78 821 457 920
Po spuštění: Volných bajtů: 78 874 210 304
.
- - End Of File - - 526762402662DCCA84C2B370D092E8BD

Re: Zamrzlý PC

Napsal: 19 čer 2011 11:34
od Rudy
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Collect::
c:\windows\system32\tmp368.tmp
c:\windows\system32\tmp367.tmp
Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: Zamrzlý PC

Napsal: 19 čer 2011 11:56
od brankar
Tak ještě po dočištení .
Rudy je možné že combo fix vyhodil hlášku nahrávám vzorky malware k analíze


ComboFix 11-06-17.04 - user 19.06.2011 12:39:32.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.502 [GMT 2:00]
Spuštěný z: c:\documents and settings\user\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\user\Plocha\CFScript.txt..txt
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
file zipped: c:\windows\system32\tmp367.tmp
file zipped: c:\windows\system32\tmp368.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-19 do 2011-06-19 )))))))))))))))))))))))))))))))
.
.
2011-06-19 09:44 . 2011-06-19 09:44 -------- d-----w- c:\documents and settings\Administrator
2011-06-19 04:47 . 2011-06-19 04:47 -------- d-----w- c:\program files\trend micro
2011-06-19 04:47 . 2011-06-19 04:47 -------- d-----w- C:\rsit
2011-06-17 11:22 . 2011-06-17 12:21 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-11 07:24 . 2011-06-11 07:24 -------- d-----w- C:\My Shared Folder
2011-06-08 09:25 . 2007-04-09 11:23 28552 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2011-06-08 09:25 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2011-06-08 09:23 . 2011-06-08 09:23 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-06-08 09:22 . 2011-06-08 09:23 -------- d-----w- c:\windows\SHELLNEW
2011-06-08 09:22 . 2011-06-08 09:22 -------- d-----w- c:\program files\Microsoft.NET
2011-06-08 09:19 . 2011-06-08 09:19 -------- d-----r- C:\MSOCache
2011-06-08 08:41 . 2011-06-08 08:41 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Microsoft Help
2011-06-08 08:40 . 2011-06-08 09:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2011-06-06 15:31 . 2011-06-07 11:26 -------- d-----w- c:\documents and settings\user\Data aplikací\FlightSimTools.com
2011-06-06 15:27 . 2011-06-06 15:27 -------- d-----w- c:\documents and settings\user\Data aplikací\Flight1
2011-06-04 05:09 . 2011-06-16 08:11 -------- d-----w- c:\program files\Opera
2011-06-03 11:31 . 2011-06-03 11:31 -------- d-----w- c:\program files\MSXML 4.0
2011-06-03 08:56 . 2011-06-03 08:56 -------- d-----w- c:\program files\CCleaner
2011-06-03 06:40 . 2011-06-03 06:40 -------- d-----w- C:\Games (x86)
2011-06-02 20:14 . 2011-06-02 20:20 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\MediaGet2
2011-06-02 19:03 . 2011-06-02 19:03 -------- d-----w- c:\program files\Codemasters
2011-06-02 18:08 . 2011-06-02 18:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TEMP
2011-06-02 18:04 . 2011-06-02 18:04 -------- d-----w- c:\program files\TML-Studios
2011-06-02 11:49 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-02 11:49 . 2011-06-02 11:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-02 11:49 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-31 07:34 . 2011-05-31 07:34 -------- d-----w- c:\program files\SysShield Tools
2011-05-31 06:59 . 2011-06-15 07:31 -------- d-----w- c:\documents and settings\user\Data aplikací\vlc
2011-05-31 06:59 . 2011-05-31 06:59 -------- d-----w- c:\program files\VideoLAN
2011-05-28 20:23 . 2011-05-28 20:23 -------- d--h--r- c:\documents and settings\user\Data aplikací\SecuROM
2011-05-28 13:46 . 2011-05-28 13:46 -------- d-----w- C:\$AVG
2011-05-28 13:42 . 2011-05-28 13:42 -------- d-----w- c:\documents and settings\user\Data aplikací\AVG10
2011-05-28 13:41 . 2011-05-28 13:41 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2011-05-28 13:40 . 2011-06-19 10:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG10
2011-05-28 13:40 . 2011-05-28 13:40 -------- d-----w- c:\program files\AVG
2011-05-28 13:36 . 2011-06-19 10:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2011-05-28 12:50 . 2011-06-13 16:58 -------- d-----w- c:\documents and settings\user\Data aplikací\OpenArena
2011-05-28 12:26 . 2011-05-28 12:26 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-05-28 12:21 . 2011-05-28 12:21 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-05-28 12:21 . 2011-06-04 11:34 -------- d-----w- c:\program files\Google
2011-05-28 12:21 . 2011-06-04 03:27 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Google
2011-05-28 12:21 . 2011-05-28 12:21 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Deployment
2011-05-28 11:56 . 2011-05-28 11:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2011-05-28 11:55 . 2011-05-28 11:55 -------- d-----w- c:\documents and settings\UpdatusUser
2011-05-28 11:55 . 2011-05-28 11:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2011-05-28 11:43 . 2011-05-28 12:02 -------- d-----w- c:\program files\SpeedFan
2011-05-28 11:40 . 2011-05-28 11:56 -------- d-----w- c:\program files\NVIDIA Corporation
2011-05-28 11:40 . 2011-05-28 11:40 -------- d-----w- c:\program files\NVIDIA
2011-05-27 19:40 . 2001-11-19 17:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2011-05-27 19:40 . 2011-05-27 19:40 -------- d-----w- c:\windows\system32\Futuremark
2011-05-27 19:40 . 2004-10-25 18:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2011-05-27 19:40 . 2004-06-22 13:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2011-05-27 18:13 . 2011-05-27 18:13 -------- d-----w- c:\program files\Lavalys
2011-05-26 11:30 . 2011-06-08 12:25 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Opera
2011-05-24 13:04 . 2011-05-24 13:04 -------- d-----w- c:\windows\system32\NtmsData
2011-05-24 08:00 . 2011-05-24 08:00 -------- d-----w- c:\documents and settings\user\Data aplikací\Malwarebytes
2011-05-24 07:59 . 2011-05-24 07:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-05-23 14:12 . 2011-05-23 14:12 -------- d-----w- c:\program files\Common Files\Adobe
2011-05-22 08:18 . 2011-05-22 08:18 -------- d-----w- c:\program files\Creative
2011-05-22 08:18 . 2002-06-06 12:38 139264 ----a-w- c:\windows\system32\eax.dll
2011-05-22 08:14 . 2011-05-22 08:23 -------- d-----w- c:\program files\Mafia
2011-05-22 08:14 . 2002-08-29 15:33 319488 ----a-r- c:\windows\system32\MafiaSetup.exe
2011-05-21 20:25 . 2011-05-21 20:25 -------- d-----w- C:\4693b3f192cfa20e26fcc6a9038c66
2011-05-21 19:43 . 2011-05-21 19:43 -------- d-----w- c:\program files\Activision
2011-05-21 10:55 . 2011-05-21 10:55 -------- d-sh--w- c:\windows\ftpcache
2011-05-21 00:38 . 2011-06-10 12:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-21 00:09 . 2011-05-21 13:17 -------- d-----w- c:\documents and settings\user\Data aplikací\Media Player Classic
2011-05-20 23:16 . 2011-05-20 23:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Codemasters
2011-05-20 23:06 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-05-20 23:06 . 2010-07-28 17:10 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-05-20 23:06 . 2011-05-20 23:06 -------- d-----w- c:\program files\BRS
2011-05-20 23:06 . 2011-05-27 19:41 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-20 23:06 . 2011-05-20 23:06 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-20 23:06 . 2011-05-20 23:06 -------- d-----w- c:\program files\OpenAL
2011-05-20 23:06 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmp368.tmp
2011-05-20 23:06 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmp367.tmp
2011-05-20 23:06 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-05-20 23:06 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-05-20 23:01 . 2011-05-20 23:01 -------- d-----w- c:\windows\system32\XPSViewer
2011-05-20 23:01 . 2011-05-20 23:01 -------- d-----w- c:\program files\MSBuild
2011-05-20 23:01 . 2011-05-20 23:01 -------- d-----w- c:\program files\Reference Assemblies
2011-05-20 23:00 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-05-20 22:59 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-05-20 22:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-05-20 22:59 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-05-20 22:59 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-05-20 22:59 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-05-20 22:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-05-20 22:59 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-05-20 22:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-05-20 22:59 . 2011-05-20 23:00 -------- d-----w- C:\901609c118ef001733
2011-05-20 22:53 . 2011-06-18 15:34 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Ares
2011-05-20 22:53 . 2011-06-11 07:31 -------- d-----w- c:\program files\Ares
2011-05-20 22:50 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-05-20 22:50 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-05-20 22:50 . 2011-05-20 22:50 -------- d-----w- c:\windows\system32\xlive
2011-05-20 22:27 . 2011-05-20 22:27 -------- d-----w- c:\documents and settings\user\Data aplikací\Leadertech
2011-05-20 22:19 . 2011-05-21 11:10 -------- d-----w- c:\windows\Logs
2011-05-20 22:19 . 2011-06-03 08:15 -------- d-----w- c:\program files\EA Sports
2011-05-20 20:12 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-05-20 20:12 . 2011-05-23 14:11 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Adobe
2011-05-20 19:05 . 2011-06-06 11:00 -------- d-----w- c:\program files\Microsoft Games
2011-05-20 17:30 . 2011-05-20 17:32 -------- d-----w- c:\program files\PowerISO
2011-05-20 17:18 . 2011-05-27 16:53 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Conduit
2011-05-20 17:17 . 2011-05-28 12:21 -------- d-----w- c:\documents and settings\user\Local Settings\Data aplikací\Temp
2011-05-20 17:17 . 2011-05-20 17:17 -------- d-----w- c:\program files\uTorrent
2011-05-20 17:16 . 2011-06-18 17:33 -------- d-----w- c:\documents and settings\user\Data aplikací\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-02 15:32 . 2011-05-19 19:29 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2008-04-14 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-19 16:19 . 2011-05-19 20:21 6394472 ----a-r- c:\windows\system32\drivers\RtkHDAud.sys
2011-04-15 13:48 . 2011-05-19 20:21 56936 ----a-r- c:\windows\system32\RtkCoInstXP.dll
2011-04-14 11:36 . 2011-05-19 20:21 20053608 ----a-r- c:\windows\RTHDCPL.EXE
2011-04-07 20:16 . 2011-04-07 20:16 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-04-07 20:16 . 2011-04-07 20:16 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-04-07 20:16 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-04-07 20:16 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-04-07 20:16 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-04-07 20:16 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-04-07 20:16 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-04-07 20:16 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-04-07 20:16 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-04-07 20:16 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-04-07 20:16 . 2011-04-07 20:16 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-04-07 20:16 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-04-07 20:16 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-04-07 20:16 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-04-07 20:16 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-04-07 20:16 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-04-07 20:16 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-04-07 20:16 . 2011-04-07 20:16 13891176 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 20:16 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 20:16 . 2011-04-07 20:16 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2011-04-07 20:16 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-04-14 20053608]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"NvMediaCenter"="NvMCTray.dll" [2011-04-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-04-07 13891176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\user\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-02-24 00:57 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\install\\openarena-0.8.1\\openarena.exe"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [28.5.2011 13:55 2218600]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [28.5.2011 14:21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19.5.2011 22:21 1691480]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2.6.2011 13:49 38224]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\MSI\Live Update 5\msibios32_100507.sys --> c:\program files\MSI\Live Update 5\msibios32_100507.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\MSI\Live Update 5\NTIOLib.sys --> c:\program files\MSI\Live Update 5\NTIOLib.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 12:21]
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 12:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: microsoft.com\www.update
TCP: Interfaces\{03E0E805-2D9E-4C5B-A476-D4BCCF85E0C7}: NameServer = 10.1.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-19 12:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(824)
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'explorer.exe'(2140)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2011-06-19 12:51:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-19 10:51
ComboFix2.txt 2011-06-19 10:16
.
Před spuštěním: Volných bajtů: 78 687 289 344
Po spuštění: Volných bajtů: 78 766 493 696
.
- - End Of File - - 641F37CCB9B5B101D717857B268266EE
Nahr nˇ probŘhlo ŁspŘçnŘ

Re: Zamrzlý PC

Napsal: 19 čer 2011 15:56
od Rudy
Log již vypadá OK. Nastala nějaká změna?
Rudy je možné že combo fix vyhodil hlášku nahrávám vzorky malware k analíze
Ano. CF posílá, je-li mu to přikázáno, vzorky k analýze autorovi. Nic nebezpečného.

Re: Zamrzlý PC

Napsal: 19 čer 2011 18:56
od brankar
Rudy díky moc, :) vypadá to dobrý :wink:

Re: Zamrzlý PC

Napsal: 19 čer 2011 19:05
od Rudy
Není zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz