VIRY.CZ

Dobrý den, mám problém, PC mi čas od času zamrzne. Někdy po 5 minutách, někdy celý den nezamrzne. Prosím o rady kde by mohl být problém. Děkuji moc

Logfile of random's system information tool 1.09 (written by random/random)
Run by acter at 2011-07-12 20:43:44
Microsoft Windows 7 Professional
System drive C: has 53 GB (83%) free of 64 GB
Total RAM: 2046 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:53, on 12.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Users\acter\Downloads\RSIT.exe
C:\Program Files\trend micro\acter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

--
End of file - 2901 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\acter\AppData\Roaming\Mozilla\Firefox\Profiles\7yl0b7ha.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\acter\AppData\Roaming\Mozilla\Firefox\Profiles\7yl0b7ha.default\extensions\
toolbar@ask.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Foxit PDF Creator Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-12 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Foxit PDF Creator Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

C:\Users\acter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-12 20:43:44 ----D---- C:\rsit
2011-07-12 20:43:44 ----D---- C:\Program Files\trend micro
2011-07-12 17:36:27 ----D---- C:\ProgramData\Sun
2011-07-12 17:36:27 ----D---- C:\Program Files\Common Files\Java
2011-07-12 17:36:19 ----A---- C:\Windows\system32\javaws.exe
2011-07-12 17:36:19 ----A---- C:\Windows\system32\javaw.exe
2011-07-12 17:36:19 ----A---- C:\Windows\system32\java.exe
2011-07-12 17:36:19 ----A---- C:\Windows\system32\deployJava1.dll
2011-07-12 17:36:13 ----D---- C:\Program Files\Java
2011-07-12 17:30:38 ----D---- C:\eclipse
2011-07-12 17:30:32 ----D---- C:\Users\acter\AppData\Roaming\WinRAR
2011-07-12 11:55:15 ----D---- C:\Program Files\WinRAR
2011-07-11 19:53:38 ----D---- C:\Users\acter\AppData\Roaming\OpenOffice.org
2011-07-11 19:52:32 ----D---- C:\Program Files\OpenOffice.org 3
2011-07-11 17:54:41 ----D---- C:\Users\acter\AppData\Roaming\FileZilla
2011-07-11 17:54:37 ----D---- C:\Program Files\FileZilla FTP Client
2011-07-11 14:34:20 ----D---- C:\Windows\Panther
2011-07-11 14:12:23 ----N---- C:\Windows\system32\MpSigStub.exe
2011-07-11 14:09:07 ----D---- C:\Program Files\Ask.com
2011-07-11 14:09:02 ----SHD---- C:\Windows\Installer
2011-07-11 14:08:42 ----D---- C:\Program Files\Foxit Software
2011-07-11 14:06:24 ----D---- C:\Users\acter\AppData\Roaming\Macromedia
2011-07-11 14:06:24 ----D---- C:\Users\acter\AppData\Roaming\Adobe
2011-07-11 14:06:16 ----D---- C:\Windows\system32\Macromed
2011-07-11 14:00:11 ----D---- C:\Users\acter\AppData\Roaming\Mozilla
2011-07-11 14:00:07 ----D---- C:\Program Files\Mozilla Firefox
2011-07-11 13:49:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-11 13:43:37 ----D---- C:\Users\acter\AppData\Roaming\Identities
2011-07-11 13:43:26 ----SD---- C:\Users\acter\AppData\Roaming\Microsoft
2011-07-11 13:43:26 ----D---- C:\Users\acter\AppData\Roaming\Media Center Programs
2011-07-11 13:43:07 ----SHD---- C:\Recovery
2011-07-11 13:43:06 ----SHD---- C:\ProgramData\Šablony
2011-07-11 13:43:06 ----SHD---- C:\ProgramData\Plocha
2011-07-11 13:43:06 ----SHD---- C:\ProgramData\Oblíbené položky
2011-07-11 13:43:06 ----SHD---- C:\ProgramData\Nabídka Start
2011-07-11 13:43:06 ----SHD---- C:\ProgramData\Dokumenty
2011-07-11 13:43:06 ----SHD---- C:\ProgramData\Data aplikací
2011-07-11 13:37:50 ----D---- C:\Windows\SoftwareDistribution
2011-07-11 13:37:44 ----A---- C:\Windows\system32\atiicdxx.dat
2011-07-11 13:35:15 ----D---- C:\Windows\Prefetch
2011-07-11 13:35:08 ----ASH---- C:\pagefile.sys
2011-07-11 13:35:07 ----SHD---- C:\System Volume Information
2011-07-11 13:35:07 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2011-07-12 20:43:44 ----RD---- C:\Program Files
2011-07-12 20:42:28 ----D---- C:\Windows\system32\catroot2
2011-07-12 20:37:23 ----D---- C:\Windows\System32
2011-07-12 20:37:23 ----D---- C:\Windows\inf
2011-07-12 20:35:17 ----D---- C:\Windows\Temp
2011-07-12 18:09:47 ----D---- C:\Windows\system32\wdi
2011-07-12 17:36:27 ----HD---- C:\ProgramData
2011-07-12 17:36:27 ----D---- C:\Program Files\Common Files
2011-07-11 19:52:59 ----RSD---- C:\Windows\assembly
2011-07-11 19:52:41 ----RSD---- C:\Windows\Fonts
2011-07-11 19:47:53 ----D---- C:\Windows\winsxs
2011-07-11 19:47:40 ----D---- C:\Windows\system32\config
2011-07-11 19:47:35 ----D---- C:\Program Files\Common Files\microsoft shared
2011-07-11 15:20:37 ----D---- C:\Windows\system32\catroot
2011-07-11 15:09:41 ----D---- C:\Windows\Logs
2011-07-11 14:17:58 ----D---- C:\Windows\Microsoft.NET
2011-07-11 14:12:06 ----D---- C:\Windows\system32\restore
2011-07-11 14:09:12 ----D---- C:\Windows\system32\Tasks
2011-07-11 14:09:02 ----D---- C:\Windows
2011-07-11 14:03:20 ----D---- C:\Windows\system32\CodeIntegrity
2011-07-11 13:48:52 ----D---- C:\Windows\system32\wbem
2011-07-11 13:45:19 ----D---- C:\Windows\system32\LogFiles
2011-07-11 13:43:35 ----SHD---- C:\$Recycle.Bin
2011-07-11 13:43:24 ----RD---- C:\Users
2011-07-11 13:43:08 ----SD---- C:\ProgramData\Microsoft
2011-07-11 13:43:06 ----D---- C:\Program Files\Windows NT
2011-07-11 13:41:22 ----D---- C:\Windows\rescache
2011-07-11 13:41:03 ----D---- C:\Windows\debug
2011-07-11 13:40:19 ----D---- C:\Windows\system32\drivers
2011-07-11 13:38:10 ----D---- C:\Windows\system32\sysprep
2011-07-11 13:36:50 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-11 13:35:43 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Zdarvím!
Poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

ComboFix 11-07-12.07 - acter 12.07.2011 20:57:49.1.1 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2046.1558 [GMT 2:00]
Spuštěný z: c:\users\acter\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-12 do 2011-07-12 )))))))))))))))))))))))))))))))
.
.
2011-07-12 19:01 . 2011-07-12 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-12 18:43 . 2011-07-12 18:43 -------- d-----w- C:\rsit
2011-07-12 18:43 . 2011-07-12 18:43 -------- d-----w- c:\program files\trend micro
2011-07-12 15:36 . 2011-07-12 15:36 -------- d-----w- c:\program files\Common Files\Java
2011-07-12 15:36 . 2011-07-12 15:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-11 12:08 . 2011-07-11 12:08 -------- d-----w- c:\program files\Foxit Software
2011-07-11 12:06 . 2011-07-11 12:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-11 12:06 . 2011-07-11 12:06 -------- d-----w- c:\windows\system32\Macromed
2011-07-11 11:48 . 2011-07-12 18:46 -------- d-----w- c:\windows\system32\wbem\Performance
2011-07-11 11:37 . 2011-07-11 11:37 0 ----a-w- c:\windows\ativpsrm.bin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-16 04:30 . 2011-07-11 12:00 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\users\acter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 217.196.209.2 81.91.85.109
FF - ProfilePath - c:\users\acter\AppData\Roaming\Mozilla\Firefox\Profiles\7yl0b7ha.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-12 21:04:19
ComboFix-quarantined-files.txt 2011-07-12 19:04
.
Před spuštěním: Volných bajtů: 55 350 161 408
Po spuštění: Volných bajtů: 55 218 212 864
.
- - End Of File - - 304250B538666183E0633E14564F858A

Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

nový log:

ComboFix 11-07-12.07 - acter 12.07.2011 21:52:59.2.1 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2046.1477 [GMT 2:00]
Spuštěný z: c:\users\acter\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\acter\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cb_9ad9.ico
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_9674.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-12 do 2011-07-12 )))))))))))))))))))))))))))))))
.
.
2011-07-12 19:58 . 2011-07-12 19:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-12 18:43 . 2011-07-12 18:43 -------- d-----w- C:\rsit
2011-07-12 18:43 . 2011-07-12 18:43 -------- d-----w- c:\program files\trend micro
2011-07-12 15:36 . 2011-07-12 15:36 -------- d-----w- c:\program files\Common Files\Java
2011-07-11 12:08 . 2011-07-11 12:08 -------- d-----w- c:\program files\Foxit Software
2011-07-11 12:06 . 2011-07-11 12:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-11 12:06 . 2011-07-11 12:06 -------- d-----w- c:\windows\system32\Macromed
2011-07-11 11:48 . 2011-07-12 18:46 -------- d-----w- c:\windows\system32\wbem\Performance
2011-07-11 11:37 . 2011-07-11 11:37 0 ----a-w- c:\windows\ativpsrm.bin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-16 04:30 . 2011-07-11 12:00 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\users\acter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 217.196.209.2 81.91.85.109
FF - ProfilePath - c:\users\acter\AppData\Roaming\Mozilla\Firefox\Profiles\7yl0b7ha.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-12 22:00:43
ComboFix-quarantined-files.txt 2011-07-12 20:00
ComboFix2.txt 2011-07-12 19:04
.
Před spuštěním: Volných bajtů: 55 260 397 568
Po spuštění: Volných bajtů: 55 216 930 816
.
- - End Of File - - CE1A68F9A159D6FEE59A1AB9B8CE4AFB

Smazáno, log již vypadá čistý. Nastala nějaká změna?

Nepomohlo to, stále zamrzává. Dneska dokonce nějak hodně často.

Vyčistěte ještě PC CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 od balastu, příp. proveďte defragmentaci disku.