Significant netbook slowdown

Posted: 25 Jan 2012 21:06
by Stormmaster
Please check my log. For about a week I have been noticing a significant slowdown of my Asus EEE 1000HA.


Logfile of random's system information tool 1.09 (written by random/random)
Run by 100rm at 2012-01-25 20:57:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 41 GB (50%) free of 82 GB
Total RAM: 1015 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:58:55, on 25.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\oracle\ora81\bin\vppdc.exe
C:\oracle\ora81\Apache\Apache\Apache.exe
C:\WINDOWS\system32\svchost.exe
C:\oracle\ora81\Apache\jdk\bin\java.exe
C:\oracle\ora81\Apache\Apache\Apache.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\NWTRAY.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Documents and Settings\100rm\Plocha\RSIT.exe
C:\Program Files\trend micro\100rm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\100rm\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\100rm\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\100rm\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O15 - Trusted Zone: http://www.wspk.cz
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {43BD5CFC-1382-4282-8239-AEC0E7ECAA48} - http://www.wspk.cz/internetbanking/inte ... roject.cab
O16 - DPF: {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} - http://192.168.1.100/view.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: EPSON ESC/POS Status Service (EPSON ESCPOS Status Service) - SEIKO EPSON Corp. - C:\WINDOWS\SYSTEM32\EpStsSrv.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: OracleOraHome81Agent - Oracle Corporation - C:\oracle\ora81\bin\dbsnmp.exe
O23 - Service: OracleOraHome81ClientCache - Unknown owner - C:\oracle\ora81\BIN\ONRSD.EXE
O23 - Service: OracleOraHome81DataGatherer - Oracle Corporation - C:\oracle\ora81\bin\vppdc.exe
O23 - Service: OracleOraHome81HTTPServer - Unknown owner - C:\oracle\ora81\Apache\Apache\Apache.exe
O23 - Service: OracleOraHome81PagingServer - Unknown owner - C:\oracle\ora81/bin/pagntsrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9271 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\100rm\Data aplikací\Mozilla\Firefox\Profiles\gulqsxe2.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.9, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.19, check4change-owner@mozdev.org:1.9.3, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, tineye@ideeinc.com:1.1, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7, translator@zoli.bod:2.1.0.1, ietab@ip.cn:1.98.20110322, {D0A81AC1-3B12-4cec-AA8D-40EBDC4241EA}:0.0.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
npfiller.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\100rm\Data aplikací\Mozilla\Firefox\Profiles\gulqsxe2.default\extensions\
check4change-owner@mozdev.org
ietab@ip.cn
tineye@ideeinc.com
translator@zoli.bod
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{D0A81AC1-3B12-4cec-AA8D-40EBDC4241EA}

C:\Documents and Settings\100rm\Data aplikací\Mozilla\Firefox\Profiles\gulqsxe2.default\searchplugins\
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-12 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\100rm\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-09-06 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\100rm\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-10-05 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-21 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-21 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NWTRAY"=C:\WINDOWS\system32\NWTRAY.EXE [2002-03-12 28672]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-10-19 258512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusACPIServer]
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-06-03 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusEPCMonitor]
C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusTray]
C:\Program Files\EeePC\ACPI\AsTray.exe [2008-06-03 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-05-17 86960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwv1_0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"CompatibleRUPSecurity"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\CrossLoop\CrossLoopConnect.exe"="C:\Program Files\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\AirLive Print Server Utilities\PSAdmin.exe"="C:\Program Files\AirLive Print Server Utilities\PSAdmin.exe:*:Enabled:PSAdmin"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVerVision3\VisionAP\visionap.exe"="C:\Program Files\AVerVision3\VisionAP\visionap.exe:*:Enabled:AVerVision Application 3"
"C:\Documents and Settings\100rm\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe"="C:\Documents and Settings\100rm\Local Settings\Data aplikací\CrossLoop\CrossLoopConnect.exe:*:Enabled:CrossLoop - Simple Secure Screen Sharing"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe:*:Enabled:Tabman Executable"
"C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe:*:Enabled:System Page"
"C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe:*:Enabled:Testman Executable"
"C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe:*:Enabled:CodeServer Daemon"
"C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe:*:Enabled:XML Registry Daemon"
"C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe:*:Enabled:TDS Network Configuration"
"C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe:*:Enabled:Apply TDS Patch"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe:*:Enabled:Update Database"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe:*:Enabled:StarBurst"
"C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe:*:Enabled:Engineering Feedback"
"C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe:*:Enabled:System Diagnostic Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe:*:Enabled:VMM System Diagnostic Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe:*:Enabled:C402 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe:*:Enabled:C403 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe:*:Enabled:C407 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe:*:Enabled:C412 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe:*:Enabled:C413 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe:*:Enabled:LVP Check Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe:*:Enabled:VCL_PC MFC Application EZTech"
"C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe:*:Enabled:LAN Connectivity Activation"
"C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe:*:Enabled:ProbeTickHandler executable"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe:*:Enabled:Tabman Executable"
"C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe:*:Enabled:System Page"
"C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe:*:Enabled:Testman Executable"
"C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe:*:Enabled:CodeServer Daemon"
"C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe:*:Enabled:XML Registry Daemon"
"C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe:*:Enabled:TDS Network Configuration"
"C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe:*:Enabled:Apply TDS Patch"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe:*:Enabled:Update Database"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe:*:Enabled:StarBurst"
"C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe:*:Enabled:Engineering Feedback"
"C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe:*:Enabled:System Diagnostic Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe:*:Enabled:VMM System Diagnostic Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe:*:Enabled:C402 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe:*:Enabled:C403 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe:*:Enabled:C407 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe:*:Enabled:C412 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe:*:Enabled:C413 Cable Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe:*:Enabled:LVP Check Test Application"
"C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe:*:Enabled:VCL_PC MFC Application EZTech"
"C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe:*:Enabled:LAN Connectivity Activation"
"C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe"="C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe:*:Enabled:ProbeTickHandler executable"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.WJPG"=wb9967.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-01-25 20:58:03 ----D---- C:\Program Files\trend micro
2012-01-25 20:57:59 ----D---- C:\rsit
2012-01-25 20:21:52 ----D---- C:\Program Files\Graphisoft
2012-01-23 20:19:57 ----D---- C:\Documents and Settings\100rm\Data aplikací\Callida
2012-01-23 19:52:00 ----D---- C:\Program Files\Common Files\SafeNet Sentinel
2012-01-23 19:48:05 ----D---- C:\Program Files\Callida
2012-01-19 19:42:55 ----D---- C:\Program Files\Windows Resource Kits
2012-01-13 20:37:02 ----D---- C:\WINDOWS\system32\20-20 Technologies
2012-01-10 19:57:48 ----D---- C:\Program Files\Mozilla Thunderbird
2012-01-02 19:42:19 ----D---- C:\Program Files\The KMPlayer
2012-01-02 19:19:04 ----D---- C:\Program Files\DVR-Studio Light
2011-12-29 23:09:32 ----D---- C:\Program Files\VideoReDoTVSuite4
2011-12-29 22:40:55 ----A---- C:\WINDOWS\system32\unrar.dll
2011-12-29 22:40:49 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-12-29 22:40:49 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-12-29 22:40:48 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2011-12-27 13:19:23 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2011-12-27 13:19:19 ----D---- C:\Program Files\PDFCreator
2011-12-27 13:19:19 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL

======List of files/folders modified in the last 1 month======

2012-01-25 20:58:23 ----D---- C:\temp
2012-01-25 20:58:17 ----D---- C:\WINDOWS\Temp
2012-01-25 20:58:03 ----D---- C:\Program Files
2012-01-25 20:54:51 ----D---- C:\Downloads
2012-01-25 20:49:52 ----D---- C:\WINDOWS
2012-01-25 20:42:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-25 20:41:53 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-25 20:34:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-25 20:33:23 ----D---- C:\WINDOWS\system32\LogFiles
2012-01-25 20:32:31 ----HD---- C:\WINDOWS\inf
2012-01-25 20:31:09 ----D---- C:\WINDOWS\system32\NtmsData
2012-01-25 20:30:51 ----D---- C:\WINDOWS\repair
2012-01-25 20:29:32 ----D---- C:\WINDOWS\Registration
2012-01-23 20:11:50 ----D---- C:\WINDOWS\Prefetch
2012-01-23 19:59:31 ----SHD---- C:\WINDOWS\Installer
2012-01-23 19:52:01 ----D---- C:\WINDOWS\system32\drivers
2012-01-23 19:52:01 ----D---- C:\WINDOWS\system32
2012-01-23 19:52:00 ----D---- C:\Program Files\Common Files
2012-01-23 19:50:54 ----RD---- C:\Dokumenty
2012-01-21 23:29:41 ----A---- C:\WINDOWS\winamp.ini
2012-01-21 10:53:19 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-21 10:53:15 ----RSD---- C:\WINDOWS\assembly
2012-01-20 19:38:00 ----D---- C:\WINDOWS\AppPatch
2012-01-19 22:04:05 ----D---- C:\WINDOWS\ie8updates
2012-01-19 22:03:39 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-19 22:00:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-19 21:58:24 ----D---- C:\WINDOWS\WinSxS
2012-01-19 21:42:00 ----D---- C:\Program Files\Internet Explorer
2012-01-19 21:40:30 ----D---- C:\Program Files\Microsoft Office
2012-01-19 21:25:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-01-19 21:23:27 ----D---- C:\Program Files\Microsoft Works
2012-01-19 21:22:22 ----RHD---- C:\MSOCache
2012-01-19 19:12:23 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-01-16 19:14:32 ----D---- C:\Documents and Settings\100rm\Data aplikací\Thunderbird
2012-01-15 20:43:09 ----SHD---- C:\RECYCLER
2012-01-14 15:39:07 ----D---- C:\WINDOWS\Driver Cache
2012-01-14 15:38:45 ----D---- C:\WINDOWS\Downloaded Installations
2012-01-14 15:37:49 ----D---- C:\TISKY
2012-01-14 15:36:50 ----D---- C:\WINDOWS\pss
2012-01-14 15:23:36 ----D---- C:\Documents and Settings\100rm\Data aplikací\Haenlein-Software
2012-01-14 15:14:10 ----D---- C:\Documents and Settings\100rm\Data aplikací\Template
2012-01-13 21:01:34 ----D---- C:\WINDOWS\Debug
2012-01-11 21:18:40 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-10 20:00:43 ----D---- C:\Program Files\Mozilla Firefox
2012-01-10 19:37:16 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-10 19:36:09 ----RSD---- C:\WINDOWS\Fonts
2012-01-07 23:41:09 ----SD---- C:\WINDOWS\Tasks
2011-12-29 22:41:10 ----D---- C:\Program Files\K-Lite Codec Pack
2011-12-28 20:46:32 ----D---- C:\Documents and Settings\100rm\Data aplikací\Skype
2011-12-28 17:10:06 ----D---- C:\Documents and Settings\100rm\Data aplikací\skypePM
2011-12-27 18:58:28 ----D---- C:\Program Files\Movie Maker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 NICM;Novell InterService Communication Driver; C:\WINDOWS\system32\drivers\nicm.sys [2006-03-03 38416]
R0 NWFILTER;Novell UNC Path Filter; C:\WINDOWS\system32\NetWare\nwfilter.sys [2005-05-26 15891]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2003-10-28 20016]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-12-08 134856]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-10-19 36000]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-22 21035]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-10-19 74640]
R2 NetwareWorkstation;Novell Client for Windows; C:\WINDOWS\system32\NetWare\nwfs.sys [2007-06-21 513664]
R2 RESMGR;Novell NetWare Resource Manager; C:\WINDOWS\system32\NetWare\resmgr.sys [2004-06-01 27249]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2009-09-17 92712]
R2 SRVLOC;Novell Service Location; C:\WINDOWS\system32\NetWare\srvloc.sys [2006-09-25 160209]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2007-07-26 11264]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-06-24 991400]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-07-14 25088]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NWDHCP;Novell DHCP Inform Client; C:\WINDOWS\system32\NetWare\nwdhcp.sys [2005-11-22 18353]
R3 NWDNS;Novell DNS Name Space Service Provider; C:\WINDOWS\system32\NetWare\nwdns.sys [2006-10-27 43568]
R3 NWHOST;Novell Host File Name Space Service Provider; C:\WINDOWS\system32\NetWare\NWHOST.sys [2005-10-12 9297]
R3 NWSLP;Novell SLP Name Space Service Provider; C:\WINDOWS\system32\NetWare\nwslp.sys [2005-01-03 20332]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-09-24 704384]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2003-07-29 40448]
S2 NWSIPX32;Novell NetWare IPX/SPX Transport Interface; C:\WINDOWS\system32\NetWare\nwsipx32.sys [2005-10-27 39731]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-09-20 156392]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-06-11 47272]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 DCamUSBAverMedia2;USB Video Camera for AverVision Digital Presenter 2; C:\WINDOWS\System32\Drivers\AVerCamBulkASIC.sys [2009-02-12 68352]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2010-07-12 60104]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2010-07-12 73032]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2006-12-13 20992]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NWSAP;Novell SAP Name Space Provider; C:\WINDOWS\system32\NetWare\NWSAP.sys [2003-02-26 23232]
S3 NWSNS;Novell Simple Naming Services (NWSNS); C:\WINDOWS\system32\NetWare\NWSNS.sys [2005-10-12 6128]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2010-01-22 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2010-01-22 32800]
S3 RTLWUSB;11g Wireless USB Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys []
S3 RT-USB;Ross-Tech USB driver; C:\WINDOWS\system32\drivers\RT-USB.sys [2007-11-16 54400]
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TMUSB;EPSON USB Device Driver for TM/BA/EU Printers; C:\WINDOWS\System32\DRIVERS\TMUSBXP.SYS [2007-01-19 47616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-07-07 346720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-21 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 OracleOraHome81DataGatherer;OracleOraHome81DataGatherer; C:\oracle\ora81\bin\vppdc.exe [2000-11-11 170724]
R2 OracleOraHome81HTTPServer;OracleOraHome81HTTPServer; C:\oracle\ora81\Apache\Apache\Apache.exe [2000-11-09 3584]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2007-12-12 65536]
S2 OOD2000;O&O Defrag 2000; C:\WINDOWS\system32\OOD2000.exe [2001-04-06 238080]
S2 OracleOraHome81Agent;OracleOraHome81Agent; C:\oracle\ora81\bin\dbsnmp.exe [2000-11-11 246332]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 cusrvc;Client Update Service for Novell; C:\WINDOWS\system32\cusrvc.exe [2006-08-11 28672]
S3 EPSON ESCPOS Status Service;EPSON ESC/POS Status Service; C:\WINDOWS\system32\EpStsSrv.exe [2006-05-17 77824]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2007-12-12 1531989]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 OracleOraHome81ClientCache;OracleOraHome81ClientCache; C:\oracle\ora81\BIN\ONRSD.EXE [2000-10-19 411244]
S3 OracleOraHome81PagingServer;OracleOraHome81PagingServer; C:\oracle\ora81/bin/pagntsrv.exe [2009-03-13 52224]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-10-22 65536]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Significant netbook slowdown

Posted: 25 Jan 2012 21:23
by Rudy
Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the licence terms appears; continue by clicking the Yes (Ano) button.

go and make yourself a coffee in the meantime (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); do not try to start any other applications or anything else during the scan

do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component

Re: Significant netbook slowdown

Posted: 26 Jan 2012 08:02
by Stormmaster
ComboFix 12-01-23.02 - 100rm 25.01.2012 21:32:31.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.500 [GMT 1:00]
Spuštěný z: c:\documents and settings\100rm\Plocha\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_glaide32
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-25 do 2012-01-25 )))))))))))))))))))))))))))))))
.
.
2012-01-25 19:58 . 2012-01-25 19:58 -------- d-----w- c:\program files\trend micro
2012-01-25 19:57 . 2012-01-25 19:59 -------- d-----w- C:\rsit
2012-01-25 19:21 . 2012-01-25 19:21 -------- d-----w- c:\program files\Graphisoft
2012-01-23 19:19 . 2012-01-23 19:56 -------- d-----w- c:\documents and settings\100rm\Data aplikací\Callida
2012-01-23 18:52 . 2012-01-23 18:52 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2012-01-23 18:48 . 2012-01-23 18:48 -------- d-----w- c:\program files\Callida
2012-01-19 18:42 . 2012-01-19 18:42 -------- d-----w- c:\program files\Windows Resource Kits
2012-01-13 19:37 . 2012-01-13 19:37 -------- d-----w- c:\windows\system32\20-20 Technologies
2012-01-10 19:00 . 2012-01-10 19:00 19416 ----a-w- c:\program files\Mozilla Firefox\AccessibleMarshal.dll
2012-01-10 19:00 . 2012-01-10 19:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2012-01-10 19:00 . 2012-01-10 19:00 121816 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-01-10 19:00 . 2012-01-10 19:00 125912 ----a-w- c:\program files\Mozilla Firefox\crashreporter.exe
2012-01-10 19:00 . 2012-01-10 19:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2012-01-10 19:00 . 2012-01-10 19:00 924632 ----a-w- c:\program files\Mozilla Firefox\firefox.exe
2012-01-10 19:00 . 2012-01-10 19:00 269272 ----a-w- c:\program files\Mozilla Firefox\freebl3.dll
2012-01-10 19:00 . 2012-01-10 19:00 97240 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2012-01-10 18:57 . 2012-01-10 18:58 -------- d-----w- c:\program files\Mozilla Thunderbird
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2012-01-02 18:42 . 2012-01-15 09:17 -------- d-----w- c:\program files\The KMPlayer
2012-01-02 18:19 . 2012-01-02 18:19 -------- d-----w- c:\program files\DVR-Studio Light
2011-12-29 22:09 . 2012-01-10 18:32 -------- d-----w- c:\program files\VideoReDoTVSuite4
2011-12-29 21:40 . 2011-03-02 11:43 175616 ----a-w- c:\windows\system32\unrar.dll
2011-12-29 21:40 . 2011-07-16 15:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-12-29 21:40 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-12-29 21:40 . 2011-06-24 15:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-12-29 21:40 . 2011-06-24 15:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-12-29 21:40 . 2011-11-23 18:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-12-27 12:19 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-12-27 12:19 . 2011-12-27 12:19 -------- d-----w- c:\program files\PDFCreator
2011-12-27 12:19 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 19:39 . 2011-10-29 20:06 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-25 21:57 . 2008-07-07 17:20 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2008-07-07 17:20 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-07-07 17:20 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2008-07-07 17:20 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2008-07-07 17:20 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-14 17:57 . 2011-05-15 16:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:13 . 2008-07-07 17:20 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-07-07 17:20 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2008-07-07 17:20 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2008-07-07 17:20 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2008-07-07 17:20 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2008-07-07 17:20 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2008-07-07 17:20 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-07-07 17:20 33280 ----a-w- c:\windows\system32\csrsrv.dll
2008-05-07 14:34 . 2010-07-09 12:21 15523560 -c--a-w- c:\program files\U1 Setup.exe
2004-06-15 13:29 . 2004-06-15 13:29 274432 ----a-w- c:\program files\vncviewer.exe
1999-12-31 21:00 . 2003-08-18 04:11 64512 -c--a-w- c:\program files\DOSPrint.exe
1999-12-31 21:00 . 2003-08-18 04:11 48128 -c--a-w- c:\program files\DOSPrintUI.exe
2012-01-10 19:00 . 2012-01-10 19:00 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-16 16806400]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 28672]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-7 600680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0pgdfgsvc C 1
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusACPIServer]
2008-06-03 10:34 479232 -c--a-w- c:\program files\EeePC\ACPI\AsAcpiSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusEPCMonitor]
2008-05-20 23:56 94208 -c--a-w- c:\program files\EeePC\ACPI\AsEPCMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusTray]
2008-06-03 11:43 98304 -c--a-w- c:\program files\EeePC\ACPI\AsTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-05-16 23:58 86960 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 14:18 413696 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVerVision3\\VisionAP\\visionap.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [29.10.2011 21:06 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [29.10.2011 21:07 86224]
R2 OracleOraHome81Agent;OracleOraHome81Agent;c:\oracle\ora81\bin\dbsnmp.exe [11.11.2000 23:48 246332]
R2 OracleOraHome81DataGatherer;OracleOraHome81DataGatherer;c:\oracle\ora81\bin\vppdc.exe [11.11.2000 23:48 170724]
R2 OracleOraHome81HTTPServer;OracleOraHome81HTTPServer;c:\oracle\ora81\Apache\Apache\Apache.exe [9.11.2000 9:12 3584]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [18.6.2009 19:59 704384]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
S3 DCamUSBAverMedia2;USB Video Camera for AverVision Digital Presenter 2;c:\windows\system32\drivers\AVerCamBulkASIC.sys [12.2.2009 10:01 68352]
S3 EPSON ESCPOS Status Service;EPSON ESC/POS Status Service;EpStsSrv.exe --> EpStsSrv.exe [?]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S3 OracleOraHome81ClientCache;OracleOraHome81ClientCache;c:\oracle\ora81\bin\ONRSD.EXE [19.10.2000 11:55 411244]
S3 OracleOraHome81PagingServer;OracleOraHome81PagingServer;c:\oracle\ora81\bin\pagntsrv.exe [13.3.2009 15:15 52224]
S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [28.12.2009 12:46 54400]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [29.12.2010 17:32 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [29.12.2010 17:32 32800]
S3 RTLWUSB;11g Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?]
S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]
S3 TMUSB;EPSON USB Device Driver for TM/BA/EU Printers;c:\windows\system32\drivers\TMUSBXP.SYS [8.5.2009 16:11 47616]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: wspk.cz\www
TCP: DhcpNameServer = 192.168.2.1
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {43BD5CFC-1382-4282-8239-AEC0E7ECAA48} - hxxp://www.wspk.cz/internetbanking/internetban ... roject.cab
DPF: {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} - hxxp://192.168.1.100/view.cab
FF - ProfilePath - c:\documents and settings\100rm\Data aplikací\Mozilla\Firefox\Profiles\gulqsxe2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-25 22:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\TEMP\00000400-BFF593AC.av$ 1251328 bytes
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome81PagingServer]
"ImagePath"="c:\oracle\ora81/bin/pagntsrv.exe"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2506399938-102375352-3323101851-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{20F327AE-0F5C-D40A-55E5-57F414F63A21}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"padaligallchodajfnhabiakmpocfeab"=hex:61,62,6f,66,62,6f,6a,67,69,61,68,62,6f,
67,65,64,6f,66,61,6b,6a,6a,6e,62,6c,62,6d,63,6d,69,61,63,6e,67,00,00
.
[HKEY_USERS\S-1-5-21-2506399938-102375352-3323101851-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9416584-EEE6-9F58-0075-9B51E2BF8117}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paacnkoplbgomibpkknnanpebpifdmdm"=hex:61,62,66,6c,6e,6d,65,64,67,6a,67,66,64,
70,67,69,62,66,63,6e,68,6f,66,6e,62,69,6b,6c,6a,6c,68,68,65,66,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\NETWIN32.DLL
.
- - - - - - - > 'Explorer.exe'(4028)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETWIN32.DLL
c:\windows\system32\NLS\ENGLISH\NWSHLXNR.DLL
c:\windows\system32\NLS\ENGLISH\NOVNPNTR.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\oracle\ora81\Apache\jdk\bin\java.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\NWTRAY.EXE
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-25 22:44:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-25 21:44
.
Před spuštěním: Volných bajtů: 43 275 259 904
Po spuštění: Volných bajtů: 44 488 695 808
.
- - End Of File - - 8285A737A3276552A3114D75F550B82C

Re: Significant netbook slowdown

Posted: 26 Jan 2012 17:53
by Rudy
We'll do some more cleanup. Open Notepad and copy the following into it:
Collect:
c:\windows\System32\Drivers\SjyPkt.sys
c:\windows\TEMP\00000400-BFF593AC.av$

Driver::
SjyPkt

Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]

Regnull::
[HKEY_USERS\S-1-5-21-2506399938-102375352-3323101851-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{20F327AE-0F5C-D40A-55E5-57F414F63A21}*]
[HKEY_USERS\S-1-5-21-2506399938-102375352-3323101851-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A9416584-EEE6-9F58-0075-9B51E2BF8117}*]

Firefox::
FF - ProfilePath - c:\documents and settings\100rm\Data aplikací\Mozilla\Firefox\Profiles\gulqsxe2.default\
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: Significant netbook slowdown

Posted: 26 Jan 2012 20:08
by Stormmaster
ComboFix 12-01-26.01 - 100rm 26.01.2012 18:25:00.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.514 [GMT 1:00]
Spuštěný z: c:\documents and settings\100rm\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\100rm\Plocha\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SjyPkt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-26 do 2012-01-26 )))))))))))))))))))))))))))))))
.
.
2012-01-25 19:58 . 2012-01-25 19:58 -------- d-----w- c:\program files\trend micro
2012-01-25 19:57 . 2012-01-25 19:59 -------- d-----w- C:\rsit
2012-01-25 19:21 . 2012-01-25 19:21 -------- d-----w- c:\program files\Graphisoft
2012-01-23 19:19 . 2012-01-23 19:56 -------- d-----w- c:\documents and settings\100rm\Data aplikací\Callida
2012-01-23 18:52 . 2012-01-23 18:52 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2012-01-23 18:48 . 2012-01-23 18:48 -------- d-----w- c:\program files\Callida
2012-01-19 18:42 . 2012-01-19 18:42 -------- d-----w- c:\program files\Windows Resource Kits
2012-01-13 19:37 . 2012-01-13 19:37 -------- d-----w- c:\windows\system32\20-20 Technologies
2012-01-10 19:00 . 2012-01-10 19:00 19416 ----a-w- c:\program files\Mozilla Firefox\AccessibleMarshal.dll
2012-01-10 19:00 . 2012-01-10 19:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2012-01-10 19:00 . 2012-01-10 19:00 121816 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-01-10 19:00 . 2012-01-10 19:00 125912 ----a-w- c:\program files\Mozilla Firefox\crashreporter.exe
2012-01-10 19:00 . 2012-01-10 19:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2012-01-10 19:00 . 2012-01-10 19:00 924632 ----a-w- c:\program files\Mozilla Firefox\firefox.exe
2012-01-10 19:00 . 2012-01-10 19:00 269272 ----a-w- c:\program files\Mozilla Firefox\freebl3.dll
2012-01-10 19:00 . 2012-01-10 19:00 97240 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2012-01-10 18:57 . 2012-01-10 18:58 -------- d-----w- c:\program files\Mozilla Thunderbird
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2012-01-02 18:42 . 2012-01-15 09:17 -------- d-----w- c:\program files\The KMPlayer
2012-01-02 18:19 . 2012-01-02 18:19 -------- d-----w- c:\program files\DVR-Studio Light
2011-12-29 22:09 . 2012-01-10 18:32 -------- d-----w- c:\program files\VideoReDoTVSuite4
2011-12-29 21:40 . 2011-07-16 15:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-12-29 21:40 . 2011-11-23 18:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 19:39 . 2011-10-29 20:06 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-25 21:57 . 2008-07-07 17:20 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2008-07-07 17:20 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-07-07 17:20 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2008-07-07 17:20 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2008-07-07 17:20 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-14 17:57 . 2011-05-15 16:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:13 . 2008-07-07 17:20 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-07-07 17:20 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2008-07-07 17:20 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2008-07-07 17:20 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2008-07-07 17:20 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2008-07-07 17:20 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2008-07-07 17:20 1288192 ----a-w- c:\windows\system32\ole32.dll
2008-05-07 14:34 . 2010-07-09 12:21 15523560 -c--a-w- c:\program files\U1 Setup.exe
2004-06-15 13:29 . 2004-06-15 13:29 274432 ----a-w- c:\program files\vncviewer.exe
1999-12-31 21:00 . 2003-08-18 04:11 64512 -c--a-w- c:\program files\DOSPrint.exe
1999-12-31 21:00 . 2003-08-18 04:11 48128 -c--a-w- c:\program files\DOSPrintUI.exe
2012-01-10 19:00 . 2012-01-10 19:00 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-25_21.35.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-26 17:46 . 2012-01-26 17:46 16384 c:\windows\Temp\Perflib_Perfdata_728.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-16 16806400]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 28672]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-7 600680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0pgdfgsvc C 1
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusACPIServer]
2008-06-03 10:34 479232 -c--a-w- c:\program files\EeePC\ACPI\AsAcpiSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusEPCMonitor]
2008-05-20 23:56 94208 -c--a-w- c:\program files\EeePC\ACPI\AsEPCMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusTray]
2008-06-03 11:43 98304 -c--a-w- c:\program files\EeePC\ACPI\AsTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-05-16 23:58 86960 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 14:18 413696 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVerVision3\\VisionAP\\visionap.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [29.10.2011 21:06 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [29.10.2011 21:07 86224]
R2 OracleOraHome81Agent;OracleOraHome81Agent;c:\oracle\ora81\bin\dbsnmp.exe [11.11.2000 23:48 246332]
R2 OracleOraHome81DataGatherer;OracleOraHome81DataGatherer;c:\oracle\ora81\bin\vppdc.exe [11.11.2000 23:48 170724]
R2 OracleOraHome81HTTPServer;OracleOraHome81HTTPServer;c:\oracle\ora81\Apache\Apache\Apache.exe [9.11.2000 9:12 3584]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [18.6.2009 19:59 704384]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
S3 DCamUSBAverMedia2;USB Video Camera for AverVision Digital Presenter 2;c:\windows\system32\drivers\AVerCamBulkASIC.sys [12.2.2009 10:01 68352]
S3 EPSON ESCPOS Status Service;EPSON ESC/POS Status Service;EpStsSrv.exe --> EpStsSrv.exe [?]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S3 OracleOraHome81ClientCache;OracleOraHome81ClientCache;c:\oracle\ora81\bin\ONRSD.EXE [19.10.2000 11:55 411244]
S3 OracleOraHome81PagingServer;OracleOraHome81PagingServer;c:\oracle\ora81\bin\pagntsrv.exe [13.3.2009 15:15 52224]
S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [28.12.2009 12:46 54400]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [29.12.2010 17:32 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [29.12.2010 17:32 32800]
S3 RTLWUSB;11g Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?]
S3 TMUSB;EPSON USB Device Driver for TM/BA/EU Printers;c:\windows\system32\drivers\TMUSBXP.SYS [8.5.2009 16:11 47616]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: wspk.cz\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {43BD5CFC-1382-4282-8239-AEC0E7ECAA48} - hxxp://www.wspk.cz/internetbanking/internetban ... roject.cab
DPF: {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} - hxxp://192.168.1.100/view.cab
FF - ProfilePath - c:\documents and settings\100rm\Data aplikací\Mozilla\Firefox\Profiles\gulqsxe2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-26 18:51
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome81PagingServer]
"ImagePath"="c:\oracle\ora81/bin/pagntsrv.exe"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\NETWIN32.DLL
c:\windows\system32\NLS\ENGLISH\MAPBASER.DLL
c:\windows\system32\NLS\ENGLISH\NWSHLXNR.DLL
c:\windows\system32\NLS\ENGLISH\NOVNPNTR.DLL
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'Explorer.exe'(2700)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETWIN32.DLL
c:\windows\system32\NLS\ENGLISH\NWSHLXNR.DLL
c:\windows\system32\NLS\ENGLISH\NOVNPNTR.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\oracle\ora81\Apache\jdk\bin\java.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\NWTRAY.EXE
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-26 19:01:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-26 18:01
ComboFix2.txt 2012-01-25 21:44
.
Před spuštěním: Volných bajtů: 44 494 585 856
Po spuštění: Volných bajtů: 44 474 605 568
.
- - End Of File - - C7742D2CBCC074706E849CF8306C79BA

Re: Significant netbook slowdown

Posted: 26 Jan 2012 20:56
by Rudy
Deleted; the log now looks OK. Has anything changed?

Re: Significant netbook slowdown

Posted: 26 Jan 2012 21:15
by Stormmaster
Startup is a bit faster (only 4 minutes instead of 5)... Application startup is still the same... YouTube video playback is still choppy too...

Re: Significant netbook slowdown

Posted: 26 Jan 2012 22:22
by Rudy
Clean out the junk with CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478, and optionally defragment the disk.

Re: Significant netbook slowdown

Posted: 27 Jan 2012 07:07
by Stormmaster
CCleaner, defragmentation, reindexing - nothing helped....
I'd say the problem appeared after installing the latest updates from Microsoft...

Re: Significant netbook slowdown

Posted: 27 Jan 2012 19:05
by Rudy
Try uninstalling them as a test.

Re: Significant netbook slowdown

Posted: 30 Jan 2012 08:13
by Stormmaster
Because of the CCleaner cleanup, not all updates are offered for uninstallation. I uninstalled whatever had this year's date (mostly Office patches), but the result is still the same...

Re: Significant netbook slowdown

Posted: 30 Jan 2012 18:05
by Rudy
Try a System Restore to a date when it was working correctly.