
Computer slowdown
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].
Individual threads will be locked once they are resolved, as will those that stay inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
about two days ago my computer slowed down noticeably. Mainly at startup. I would need help with this. Thank you in advance.
I am attaching the log.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mogon at 2014-04-25 18:23:15
Microsoft Windows XP Professional Service Pack 3
System drive I: has 1 GB (1%) free of 80 GB
Total RAM: 3326 MB (77% free)
HijackThis download failed
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\AppleSoftwareUpdate.job
I:\WINDOWS\tasks\BrowserProtect.job
I:\WINDOWS\tasks\Dr.Web Daily scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre7\bin\ssv.dll [2013-07-23 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-23 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - I:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"ISUSPM Startup"=I:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SpIDerAgent"=I:\Program Files\DrWeb\spideragent.exe [2014-04-25 14080256]
"Firewall"=I:\Program Files\DrWeb\frwl_notify.exe [2014-04-25 1830680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
"mjlmoim"=regsvr32.exe I:\Documents and Settings\All Users\Application Data\mjlmoim.dat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
I:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
I:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
I:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
I:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
I:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker]
I:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Skype\Plugin Manager\skypePM.exe"="I:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2014-04-02 22:12:00 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-02 22:01:10 ----D---- I:\Documents and Settings\Mogon\Application Data\SUPERAntiSpyware.com
2014-03-30 03:29:52 ----D---- I:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 months======
2014-04-25 18:23:16 ----D---- I:\Program Files\Trend Micro
2014-04-25 18:23:11 ----D---- I:\Program Files\PeerGuardian2
2014-04-25 18:21:24 ----D---- I:\WINDOWS\Prefetch
2014-04-25 18:16:14 ----D---- I:\WINDOWS
2014-04-25 18:11:47 ----D---- I:\WINDOWS\temp
2014-04-25 18:10:28 ----D---- I:\WINDOWS\system32\CatRoot2
2014-04-25 18:10:16 ----D---- I:\Program Files
2014-04-25 18:10:16 ----D---- I:\Config.Msi
2014-04-25 18:09:22 ----N---- I:\WINDOWS\SchedLgU.Txt
2014-04-25 18:08:55 ----SD---- I:\WINDOWS\Tasks
2014-04-25 18:08:43 ----D---- I:\Program Files\DrWeb
2014-04-25 18:08:41 ----D---- I:\WINDOWS\system32\drivers
2014-04-25 18:08:21 ----D---- I:\Program Files\Common Files\Doctor Web
2014-04-25 18:08:21 ----D---- I:\Documents and Settings\All Users\Application Data\Doctor Web
2014-04-25 17:52:27 ----D---- I:\WINDOWS\Microsoft.NET
2014-04-25 17:31:29 ----SHD---- I:\WINDOWS\Installer
2014-04-25 17:31:28 ----D---- I:\Program Files\GIGABYTE
2014-04-25 17:30:46 ----D---- I:\Program Files\ESET
2014-04-25 17:30:42 ----HD---- I:\WINDOWS\inf
2014-04-25 17:27:29 ----RSD---- I:\WINDOWS\assembly
2014-04-25 17:27:25 ----D---- I:\Program Files\Autodesk
2014-04-25 17:26:38 ----D---- I:\Documents and Settings\All Users\Application Data\Autodesk
2014-04-24 00:01:56 ----A---- I:\WINDOWS\NeroDigital.ini
2014-04-23 22:29:11 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2014-04-23 17:31:12 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2014-04-17 20:35:35 ----D---- I:\Program Files\Google
2014-04-13 17:17:09 ----D---- I:\WINDOWS\system32
2014-04-02 22:23:20 ----HDC---- I:\WINDOWS\$NtUninstallKB978706$
2014-04-02 22:20:15 ----D---- I:\Program Files\SqueakyChocolate
2014-03-31 18:08:10 ----D---- I:\Program Files\Mozilla Maintenance Service
2014-03-30 09:48:27 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsdrv;cdrbsdrv; I:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 DrWebWfp;DrWebWfp; I:\WINDOWS\system32\drivers\dw_wfp.sys [2014-04-25 58528]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; I:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 atksgt;atksgt; I:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-09-26 278984]
R2 lirsgt;lirsgt; I:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-09-26 25416]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S3 ami47tdw;ami47tdw; I:\WINDOWS\system32\drivers\ami47tdw.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\i:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; I:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DrWebFwSvc;Dr.Web Firewall Service; I:\Program Files\DrWeb\frwl_svc.exe [2014-04-25 1243504]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre7\bin\jqs.exe [2013-07-23 182184]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); I:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-13 1044816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 deltafw;SE27mdm; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 epson_pm_rpcv2_02;Agnfilt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 ghoststartservice;Vetefile; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 iaimfp3;Machnm32; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nsausvc;Alim1541; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 roxupnprenderer;Tvicport; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 s117unic;SiSRaid2; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 sdhelper;Vmusb; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 snac;Bocdrive; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 symantecantibotdriver;Pgpserv; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 tphkdrv;Nvedavt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 wpsdrvnt;Eskerlicensecontrol; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; I:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DrWebFwSvc;Dr.Web Firewall Service; I:\Program Files\DrWeb\frwl_svc.exe [2014-04-25 1243504]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre7\bin\jqs.exe [2013-07-23 182184]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); I:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-13 1044816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 deltafw;SE27mdm; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 epson_pm_rpcv2_02;Agnfilt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 ghoststartservice;Vetefile; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 iaimfp3;Machnm32; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nsausvc;Alim1541; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 roxupnprenderer;Tvicport; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 s117unic;SiSRaid2; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 sdhelper;Vmusb; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 snac;Bocdrive; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 symantecantibotdriver;Pgpserv; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 tphkdrv;Nvedavt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 wpsdrvnt;Eskerlicensecontrol; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Computer slowdown
Hello!
You have very little free space on the system drive. First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Computer slowdown
log:
# AdwCleaner v3.202 - Report created 25/04/2014 at 18:42:07
# Updated 23/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mogon - MOGON-1CA4C1668
# Running from : I:\Documents and Settings\Mogon\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : I:\Documents and Settings\All Users\Application Data\BrowserProtect
Folder Deleted : I:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Deleted : I:\Documents and Settings\All Users\Start Menu\Programs\Media Finder
Folder Deleted : I:\Program Files\Mobogenie
Folder Deleted : I:\Program Files\Common Files\Spigot
Folder Deleted : I:\Documents and Settings\Mogon\.android
Folder Deleted : I:\Documents and Settings\Mogon\Local Settings\Application Data\genienext
Folder Deleted : I:\Documents and Settings\Mogon\Local Settings\Application Data\Mail.Ru
Folder Deleted : I:\Documents and Settings\Mogon\Local Settings\Application Data\Mobogenie
Folder Deleted : I:\DOCUME~1\Mogon\LOCALS~1\Temp\FoxTab
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\BabSolution
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Babylon
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Media Finder
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : I:\Documents and Settings\Mogon\My Documents\Mobogenie
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\FoxTab
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\ICQToolbarData
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\Smartbar
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\CT2832595
Folder Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\Extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
[!] Folder Deleted : I:\Documents and Settings\Mogon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
[!] Folder Deleted : I:\Documents and Settings\Mogon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
File Deleted : I:\Documents and Settings\Mogon\daemonprocess.txt
File Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\.autoreg
File Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\bProtector_extensions.rdf
File Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\invalidprefs.js
File Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\searchplugins\BrowserProtect.xml
File Deleted : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\user.js
File Deleted : I:\WINDOWS\Tasks\BrowserProtect.job
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E49F0B41-3322-11D4-AEFE-00C04F61025C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6DA399FC-350F-41AC-8CA6-B9F8496753BE}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v28.0 (sk)
[ File : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\prefs.js ]
Line Deleted : user_pref("CT2832595.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.FF19Solved", "true");
Line Deleted : user_pref("CT2832595.FirstTime", "true");
Line Deleted : user_pref("CT2832595.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2832595.UserID", "UN21288052633018972");
Line Deleted : user_pref("CT2832595.activeToolbar.enc", "d2VzdA==");
Line Deleted : user_pref("CT2832595.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2832595.countryCode", "SK");
Line Deleted : user_pref("CT2832595.defaultSearch", "false");
Line Deleted : user_pref("CT2832595.embeddedsData", "[{\"appId\":\"129333561190981396\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2832595.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT2832595.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT2832595.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2832595.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2832595.fullUserID", "UN21288052633018972.IN.20131018155538");
Line Deleted : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_flags.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLCBzYXZlcmVzaXplZHNpemU9bm8sIGhzY3JvbGw9bm8sIHZzY3JvbGw9bm8sIHRpdGxlYmFyPW5vLCBjbG9zZWJ1dHRvbj1u[...]
Line Deleted : user_pref("CT2832595.installDate", "18/10/2013 15:55:39");
Line Deleted : user_pref("CT2832595.installSessionId", "8515AE32-4F13-460E-8CDA-AD411F6B7F33");
Line Deleted : user_pref("CT2832595.installSp", "false");
Line Deleted : user_pref("CT2832595.installType", "xpe");
Line Deleted : user_pref("CT2832595.installUsage", "2013-10-18T16:55:47.1906706+03:00");
Line Deleted : user_pref("CT2832595.installUsageEarly", "2013-10-18T16:55:46.4106656+03:00");
Line Deleted : user_pref("CT2832595.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT2832595.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2832595.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2832595.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2832595.keyword", "true");
Line Deleted : user_pref("CT2832595.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2832595&octid=CT2832595&SearchSource=15&CUI=UN21288052633018972&SSPV=&Lay=1&UM=1\"}");
Line Deleted : user_pref("CT2832595.lastVersion", "10.21.1.7");
Line Deleted : user_pref("CT2832595.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2832595.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Ablank\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://InnoGamesInternational.Ou[...]
Line Deleted : user_pref("CT2832595.openThankYouPage", "false");
Line Deleted : user_pref("CT2832595.openUninstallPage", "true");
Line Deleted : user_pref("CT2832595.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT2832595.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT2832595.search.searchAppId", "129333561190981396");
Line Deleted : user_pref("CT2832595.search.searchCount", "0");
Line Deleted : user_pref("CT2832595.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT2832595.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2832595.searchRevert", "false");
Line Deleted : user_pref("CT2832595.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2832595.searchUserMode", "1");
Line Deleted : user_pref("CT2832595.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2832595\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://InnoGamesInternational.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"InnoGames International \"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_services_Configuration_lastUpdate", "1382104544390");
Line Deleted : user_pref("CT2832595.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1382104545521");
Line Deleted : user_pref("CT2832595.serviceLayer_services_appsMetadata_lastUpdate", "1382104801609");
Line Deleted : user_pref("CT2832595.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1382104545292");
Line Deleted : user_pref("CT2832595.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1382104544569");
Line Deleted : user_pref("CT2832595.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1382104545376");
Line Deleted : user_pref("CT2832595.serviceLayer_services_login_10.21.1.7_lastUpdate", "1382104554537");
Line Deleted : user_pref("CT2832595.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1382104545325");
Line Deleted : user_pref("CT2832595.serviceLayer_services_searchAPI_lastUpdate", "1382104544408");
Line Deleted : user_pref("CT2832595.serviceLayer_services_serviceMap_lastUpdate", "1382104544013");
Line Deleted : user_pref("CT2832595.serviceLayer_services_toolbarContextMenu_lastUpdate", "1382104545266");
Line Deleted : user_pref("CT2832595.serviceLayer_services_toolbarSettings_lastUpdate", "1382104801564");
Line Deleted : user_pref("CT2832595.serviceLayer_services_translation_lastUpdate", "1382104545364");
Line Deleted : user_pref("CT2832595.settingsINI", true);
Line Deleted : user_pref("CT2832595.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT2832595.showToolbarPermission", "false");
Line Deleted : user_pref("CT2832595.smartbar.CTID", "CT2832595");
Line Deleted : user_pref("CT2832595.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2832595.smartbar.toolbarName", "InnoGames International ");
Line Deleted : user_pref("CT2832595.startPage", "false");
Line Deleted : user_pref("CT2832595.toolbarBornServerTime", "18-10-2013");
Line Deleted : user_pref("CT2832595.toolbarCurrentServerTime", "18-10-2013");
Line Deleted : user_pref("CT2832595.toolbarDisabled", "true");
Line Deleted : user_pref("CT2832595.toolbarInstallDate", "18-10-2013 15:55:39");
Line Deleted : user_pref("CT2832595.toolbarLoginClientTime", "Fri Oct 18 2013 15:55:54 GMT+0200");
Line Deleted : user_pref("CT2832595.toolbarUrl.enc", "aHR0cDovL3Rvb2xiYXIuaW5ub2dhbWVzLmRlL3Rvb2xiYXJzL3dlc3QvdG9vbGJhci5waHA=");
Line Deleted : user_pref("CT2832595.toolbar_market.enc", "c2tfU0s=");
Line Deleted : user_pref("CT2832595.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT2832595.xpeMode", "0");
Line Deleted : user_pref("CT2832595_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382104542770,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultenginename", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Line Deleted : user_pref("extensions.515fea5a950bf.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.location.hostname)>-1) return;}c[...]
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.id", "00000000000000000000001fd0dbb717");
Line Deleted : user_pref("extensions.delta.instlDay", "15801");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.012:15:54");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0");
-\\ Google Chrome v34.0.1847.116
[ File : I:\Documents and Settings\Mogon\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [17548 octets] - [25/04/2014 18:39:56]
AdwCleaner[S0].txt - [17828 octets] - [25/04/2014 18:42:07]
########## EOF - I:\AdwCleaner\AdwCleaner[S0].txt - [17889 octets] ##########
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6DA399FC-350F-41AC-8CA6-B9F8496753BE}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v28.0 (sk)
[ File : I:\Documents and Settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\prefs.js ]
Line Deleted : user_pref("CT2832595.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.FF19Solved", "true");
Line Deleted : user_pref("CT2832595.FirstTime", "true");
Line Deleted : user_pref("CT2832595.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2832595.UserID", "UN21288052633018972");
Line Deleted : user_pref("CT2832595.activeToolbar.enc", "d2VzdA==");
Line Deleted : user_pref("CT2832595.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2832595.countryCode", "SK");
Line Deleted : user_pref("CT2832595.defaultSearch", "false");
Line Deleted : user_pref("CT2832595.embeddedsData", "[{\"appId\":\"129333561190981396\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2832595.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT2832595.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT2832595.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2832595.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2832595.fullUserID", "UN21288052633018972.IN.20131018155538");
Line Deleted : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_flags.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLCBzYXZlcmVzaXplZHNpemU9bm8sIGhzY3JvbGw9bm8sIHZzY3JvbGw9bm8sIHRpdGxlYmFyPW5vLCBjbG9zZWJ1dHRvbj1u[...]
Line Deleted : user_pref("CT2832595.installDate", "18/10/2013 15:55:39");
Line Deleted : user_pref("CT2832595.installSessionId", "8515AE32-4F13-460E-8CDA-AD411F6B7F33");
Line Deleted : user_pref("CT2832595.installSp", "false");
Line Deleted : user_pref("CT2832595.installType", "xpe");
Line Deleted : user_pref("CT2832595.installUsage", "2013-10-18T16:55:47.1906706+03:00");
Line Deleted : user_pref("CT2832595.installUsageEarly", "2013-10-18T16:55:46.4106656+03:00");
Line Deleted : user_pref("CT2832595.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT2832595.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2832595.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2832595.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2832595.keyword", "true");
Line Deleted : user_pref("CT2832595.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2832595&octid=CT2832595&SearchSource=15&CUI=UN21288052633018972&SSPV=&Lay=1&UM=1\"}");
Line Deleted : user_pref("CT2832595.lastVersion", "10.21.1.7");
Line Deleted : user_pref("CT2832595.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2832595.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Ablank\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://InnoGamesInternational.Ou[...]
Line Deleted : user_pref("CT2832595.openThankYouPage", "false");
Line Deleted : user_pref("CT2832595.openUninstallPage", "true");
Line Deleted : user_pref("CT2832595.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT2832595.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT2832595.search.searchAppId", "129333561190981396");
Line Deleted : user_pref("CT2832595.search.searchCount", "0");
Line Deleted : user_pref("CT2832595.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT2832595.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2832595.searchRevert", "false");
Line Deleted : user_pref("CT2832595.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2832595.searchUserMode", "1");
Line Deleted : user_pref("CT2832595.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2832595\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://InnoGamesInternational.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"InnoGames International \"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2832595.serviceLayer_services_Configuration_lastUpdate", "1382104544390");
Line Deleted : user_pref("CT2832595.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1382104545521");
Line Deleted : user_pref("CT2832595.serviceLayer_services_appsMetadata_lastUpdate", "1382104801609");
Line Deleted : user_pref("CT2832595.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1382104545292");
Line Deleted : user_pref("CT2832595.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1382104544569");
Line Deleted : user_pref("CT2832595.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1382104545376");
Line Deleted : user_pref("CT2832595.serviceLayer_services_login_10.21.1.7_lastUpdate", "1382104554537");
Line Deleted : user_pref("CT2832595.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1382104545325");
Line Deleted : user_pref("CT2832595.serviceLayer_services_searchAPI_lastUpdate", "1382104544408");
Line Deleted : user_pref("CT2832595.serviceLayer_services_serviceMap_lastUpdate", "1382104544013");
Line Deleted : user_pref("CT2832595.serviceLayer_services_toolbarContextMenu_lastUpdate", "1382104545266");
Line Deleted : user_pref("CT2832595.serviceLayer_services_toolbarSettings_lastUpdate", "1382104801564");
Line Deleted : user_pref("CT2832595.serviceLayer_services_translation_lastUpdate", "1382104545364");
Line Deleted : user_pref("CT2832595.settingsINI", true);
Line Deleted : user_pref("CT2832595.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT2832595.showToolbarPermission", "false");
Line Deleted : user_pref("CT2832595.smartbar.CTID", "CT2832595");
Line Deleted : user_pref("CT2832595.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2832595.smartbar.toolbarName", "InnoGames International ");
Line Deleted : user_pref("CT2832595.startPage", "false");
Line Deleted : user_pref("CT2832595.toolbarBornServerTime", "18-10-2013");
Line Deleted : user_pref("CT2832595.toolbarCurrentServerTime", "18-10-2013");
Line Deleted : user_pref("CT2832595.toolbarDisabled", "true");
Line Deleted : user_pref("CT2832595.toolbarInstallDate", "18-10-2013 15:55:39");
Line Deleted : user_pref("CT2832595.toolbarLoginClientTime", "Fri Oct 18 2013 15:55:54 GMT+0200");
Line Deleted : user_pref("CT2832595.toolbarUrl.enc", "aHR0cDovL3Rvb2xiYXIuaW5ub2dhbWVzLmRlL3Rvb2xiYXJzL3dlc3QvdG9vbGJhci5waHA=");
Line Deleted : user_pref("CT2832595.toolbar_market.enc", "c2tfU0s=");
Line Deleted : user_pref("CT2832595.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT2832595.xpeMode", "0");
Line Deleted : user_pref("CT2832595_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382104542770,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultenginename", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Line Deleted : user_pref("extensions.515fea5a950bf.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.location.hostname)>-1) return;}c[...]
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.id", "00000000000000000000001fd0dbb717");
Line Deleted : user_pref("extensions.delta.instlDay", "15801");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.012:15:54");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0");
-\\ Google Chrome v34.0.1847.116
[ File : I:\Documents and Settings\Mogon\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [17548 octets] - [25/04/2014 18:39:56]
AdwCleaner[S0].txt - [17828 octets] - [25/04/2014 18:42:07]
########## EOF - I:\AdwCleaner\AdwCleaner[S0].txt - [17889 octets] ##########
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Computer slowdown
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Computer slowdown
I am attaching the RSIT log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mogon at 2014-04-25 20:18:25
Microsoft Windows XP Professional Service Pack 3
System drive I: has 7 GB (9%) free of 80 GB
Total RAM: 3326 MB (76% free)
HijackThis download failed
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\AppleSoftwareUpdate.job
I:\WINDOWS\tasks\Dr.Web Daily scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre7\bin\ssv.dll [2013-07-23 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-23 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"ISUSPM Startup"=I:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SpIDerAgent"=I:\Program Files\DrWeb\spideragent.exe [2014-04-25 14080256]
"Firewall"=I:\Program Files\DrWeb\frwl_notify.exe [2014-04-25 1830680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
"mjlmoim"=regsvr32.exe I:\Documents and Settings\All Users\Application Data\mjlmoim.dat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
I:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
I:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
I:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
I:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
I:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker]
I:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Skype\Plugin Manager\skypePM.exe"="I:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2014-04-25 18:39:52 ----D---- I:\AdwCleaner
2014-04-02 22:12:00 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-02 22:01:10 ----D---- I:\Documents and Settings\Mogon\Application Data\SUPERAntiSpyware.com
2014-03-30 03:29:52 ----D---- I:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 months======
2014-04-25 20:18:27 ----D---- I:\Program Files\Trend Micro
2014-04-25 20:18:02 ----D---- I:\Program Files\PeerGuardian2
2014-04-25 20:17:27 ----D---- I:\WINDOWS
2014-04-25 19:43:50 ----A---- I:\WINDOWS\NeroDigital.ini
2014-04-25 19:39:00 ----D---- I:\WINDOWS\temp
2014-04-25 19:35:06 ----D---- I:\WINDOWS\Prefetch
2014-04-25 18:43:45 ----D---- I:\WINDOWS\system32\CatRoot2
2014-04-25 18:42:33 ----N---- I:\WINDOWS\SchedLgU.Txt
2014-04-25 18:42:14 ----SD---- I:\WINDOWS\Tasks
2014-04-25 18:42:09 ----D---- I:\Program Files
2014-04-25 18:39:37 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2014-04-25 18:10:16 ----D---- I:\Config.Msi
2014-04-25 18:08:43 ----D---- I:\Program Files\DrWeb
2014-04-25 18:08:41 ----D---- I:\WINDOWS\system32\drivers
2014-04-25 18:08:21 ----D---- I:\Program Files\Common Files\Doctor Web
2014-04-25 18:08:21 ----D---- I:\Documents and Settings\All Users\Application Data\Doctor Web
2014-04-25 17:52:27 ----D---- I:\WINDOWS\Microsoft.NET
2014-04-25 17:31:29 ----SHD---- I:\WINDOWS\Installer
2014-04-25 17:31:28 ----D---- I:\Program Files\GIGABYTE
2014-04-25 17:30:46 ----D---- I:\Program Files\ESET
2014-04-25 17:30:42 ----HD---- I:\WINDOWS\inf
2014-04-25 17:27:29 ----RSD---- I:\WINDOWS\assembly
2014-04-25 17:27:25 ----D---- I:\Program Files\Autodesk
2014-04-25 17:26:38 ----D---- I:\Documents and Settings\All Users\Application Data\Autodesk
2014-04-23 22:29:11 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2014-04-17 20:35:35 ----D---- I:\Program Files\Google
2014-04-13 17:17:09 ----D---- I:\WINDOWS\system32
2014-04-02 22:23:20 ----HDC---- I:\WINDOWS\$NtUninstallKB978706$
2014-04-02 22:20:15 ----D---- I:\Program Files\SqueakyChocolate
2014-03-31 18:08:10 ----D---- I:\Program Files\Mozilla Maintenance Service
2014-03-30 09:48:27 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsdrv;cdrbsdrv; I:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 DrWebWfp;DrWebWfp; I:\WINDOWS\system32\drivers\dw_wfp.sys [2014-04-25 58528]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; I:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 atksgt;atksgt; I:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-09-26 278984]
R2 lirsgt;lirsgt; I:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-09-26 25416]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S3 al1bfnvo;al1bfnvo; I:\WINDOWS\system32\drivers\al1bfnvo.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\i:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; I:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DrWebFwSvc;Dr.Web Firewall Service; I:\Program Files\DrWeb\frwl_svc.exe [2014-04-25 1243504]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre7\bin\jqs.exe [2013-07-23 182184]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); I:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-13 1044816]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 deltafw;SE27mdm; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 epson_pm_rpcv2_02;Agnfilt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 ghoststartservice;Vetefile; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 iaimfp3;Machnm32; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nsausvc;Alim1541; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 roxupnprenderer;Tvicport; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 s117unic;SiSRaid2; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 sdhelper;Vmusb; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 snac;Bocdrive; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 symantecantibotdriver;Pgpserv; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 tphkdrv;Nvedavt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 wpsdrvnt;Eskerlicensecontrol; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mogon at 2014-04-25 20:18:25
Microsoft Windows XP Professional Service Pack 3
System drive I: has 7 GB (9%) free of 80 GB
Total RAM: 3326 MB (76% free)
HijackThis download failed
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\AppleSoftwareUpdate.job
I:\WINDOWS\tasks\Dr.Web Daily scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre7\bin\ssv.dll [2013-07-23 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-23 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"ISUSPM Startup"=I:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SpIDerAgent"=I:\Program Files\DrWeb\spideragent.exe [2014-04-25 14080256]
"Firewall"=I:\Program Files\DrWeb\frwl_notify.exe [2014-04-25 1830680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
"mjlmoim"=regsvr32.exe I:\Documents and Settings\All Users\Application Data\mjlmoim.dat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
I:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
I:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
I:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
I:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
I:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker]
I:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Skype\Plugin Manager\skypePM.exe"="I:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2014-04-25 18:39:52 ----D---- I:\AdwCleaner
2014-04-02 22:12:00 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-02 22:01:10 ----D---- I:\Documents and Settings\Mogon\Application Data\SUPERAntiSpyware.com
2014-03-30 03:29:52 ----D---- I:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 months======
2014-04-25 20:18:27 ----D---- I:\Program Files\Trend Micro
2014-04-25 20:18:02 ----D---- I:\Program Files\PeerGuardian2
2014-04-25 20:17:27 ----D---- I:\WINDOWS
2014-04-25 19:43:50 ----A---- I:\WINDOWS\NeroDigital.ini
2014-04-25 19:39:00 ----D---- I:\WINDOWS\temp
2014-04-25 19:35:06 ----D---- I:\WINDOWS\Prefetch
2014-04-25 18:43:45 ----D---- I:\WINDOWS\system32\CatRoot2
2014-04-25 18:42:33 ----N---- I:\WINDOWS\SchedLgU.Txt
2014-04-25 18:42:14 ----SD---- I:\WINDOWS\Tasks
2014-04-25 18:42:09 ----D---- I:\Program Files
2014-04-25 18:39:37 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2014-04-25 18:10:16 ----D---- I:\Config.Msi
2014-04-25 18:08:43 ----D---- I:\Program Files\DrWeb
2014-04-25 18:08:41 ----D---- I:\WINDOWS\system32\drivers
2014-04-25 18:08:21 ----D---- I:\Program Files\Common Files\Doctor Web
2014-04-25 18:08:21 ----D---- I:\Documents and Settings\All Users\Application Data\Doctor Web
2014-04-25 17:52:27 ----D---- I:\WINDOWS\Microsoft.NET
2014-04-25 17:31:29 ----SHD---- I:\WINDOWS\Installer
2014-04-25 17:31:28 ----D---- I:\Program Files\GIGABYTE
2014-04-25 17:30:46 ----D---- I:\Program Files\ESET
2014-04-25 17:30:42 ----HD---- I:\WINDOWS\inf
2014-04-25 17:27:29 ----RSD---- I:\WINDOWS\assembly
2014-04-25 17:27:25 ----D---- I:\Program Files\Autodesk
2014-04-25 17:26:38 ----D---- I:\Documents and Settings\All Users\Application Data\Autodesk
2014-04-23 22:29:11 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2014-04-17 20:35:35 ----D---- I:\Program Files\Google
2014-04-13 17:17:09 ----D---- I:\WINDOWS\system32
2014-04-02 22:23:20 ----HDC---- I:\WINDOWS\$NtUninstallKB978706$
2014-04-02 22:20:15 ----D---- I:\Program Files\SqueakyChocolate
2014-03-31 18:08:10 ----D---- I:\Program Files\Mozilla Maintenance Service
2014-03-30 09:48:27 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsdrv;cdrbsdrv; I:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 DrWebWfp;DrWebWfp; I:\WINDOWS\system32\drivers\dw_wfp.sys [2014-04-25 58528]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; I:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 atksgt;atksgt; I:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-09-26 278984]
R2 lirsgt;lirsgt; I:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-09-26 25416]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S3 al1bfnvo;al1bfnvo; I:\WINDOWS\system32\drivers\al1bfnvo.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\i:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; I:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DrWebFwSvc;Dr.Web Firewall Service; I:\Program Files\DrWeb\frwl_svc.exe [2014-04-25 1243504]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre7\bin\jqs.exe [2013-07-23 182184]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); I:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-13 1044816]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 deltafw;SE27mdm; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 epson_pm_rpcv2_02;Agnfilt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 ghoststartservice;Vetefile; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 iaimfp3;Machnm32; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nsausvc;Alim1541; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 roxupnprenderer;Tvicport; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 s117unic;SiSRaid2; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 sdhelper;Vmusb; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 snac;Bocdrive; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 symantecantibotdriver;Pgpserv; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 tphkdrv;Nvedavt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 wpsdrvnt;Eskerlicensecontrol; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Computer slowdown
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
I:\Documents and Settings\All Users\Application Data\mjlmoim.dat
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"mjlmoim"=-
:commands
[Purity]
[EmptyTemp]
[EmptyFlash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
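Added example (not part of the original posts, and not code from RSIT or OTM): a small Python triage script that parses the Run keys of an RSIT log, flags autoruns that launch regsvr32/rundll32 against a file that is not a library or that sits in a user-writable directory, and compares two logs to confirm the entry is gone after the fix. The log excerpts are copied from this thread; the function names, extension list and directory list are assumptions made for the illustration.

```python
import ntpath
import re

# HKCU Run section excerpted from the RSIT logs in this thread
# (before and after the OTM fix), embedded so the example runs offline.
LOG_BEFORE = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
"mjlmoim"=regsvr32.exe I:\Documents and Settings\All Users\Application Data\mjlmoim.dat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
'''

LOG_AFTER = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# "name"=command [date size]   (RSIT prints [] when it cannot stat the file)
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"=(?P<cmd>.*?)\s*\[(?P<meta>[^\]]*)\]$')

# Assumed heuristics for this illustration, not an exhaustive list.
LOADERS = {"regsvr32.exe", "regsvr32", "rundll32.exe", "rundll32"}
LIBRARY_EXTS = {".dll", ".ocx", ".cpl", ".ax"}
USER_WRITABLE = ("\\application data\\", "\\local settings\\", "\\temp\\")


def parse_run_entries(log_text):
    """Return {(registry key, value name): command} for ...\\CurrentVersion\\Run keys."""
    entries = {}
    key, in_run_key = None, False
    for line in log_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            in_run_key = key.lower().endswith("\\currentversion\\run")
            continue
        m = VALUE_RE.match(line)
        if in_run_key and m:
            entries[(key, m.group("name"))] = m.group("cmd")
    return entries


def suspicious_reasons(cmd):
    """Explain why an autorun command that goes through a DLL loader looks wrong."""
    reasons = []
    parts = cmd.strip().split(None, 1)
    if len(parts) < 2:
        return reasons
    loader = ntpath.basename(parts[0].strip('"')).lower()
    if loader not in LOADERS:
        return reasons
    target = parts[1].strip()
    while target.startswith(("/", "-")):          # skip switches such as /s
        rest = target.split(None, 1)
        target = rest[1] if len(rest) > 1 else ""
    target = target.strip('"').split(",")[0]      # rundll32 form is path,Export
    ext = ntpath.splitext(target)[1].lower()
    if ext not in LIBRARY_EXTS:
        reasons.append(f"{loader} loads a file with non-library extension '{ext}'")
    if any(d in target.lower() for d in USER_WRITABLE):
        reasons.append("loaded file sits in a user-writable data directory")
    return reasons


def flag_entries(log_text):
    """Map value name -> reasons, for Run entries with at least one reason."""
    flagged = {}
    for (_key, name), cmd in parse_run_entries(log_text).items():
        reasons = suspicious_reasons(cmd)
        if reasons:
            flagged[name] = reasons
    return flagged


def removed_entries(before_text, after_text):
    """Value names present in the first log's Run keys but absent from the second."""
    before = {name for (_k, name) in parse_run_entries(before_text)}
    after = {name for (_k, name) in parse_run_entries(after_text)}
    return sorted(before - after)


if __name__ == "__main__":
    for name, reasons in flag_entries(LOG_BEFORE).items():
        print(name, "->", "; ".join(reasons))
    print("removed after fix:", removed_entries(LOG_BEFORE, LOG_AFTER))
```

A flagged entry is only a lead for a human reviewer; legitimate software occasionally registers libraries from its own data directory.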
Re: Computer slowdown
Done... sending the log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mogon at 2014-04-25 22:02:35
Microsoft Windows XP Professional Service Pack 3
System drive I: has 11 GB (14%) free of 80 GB
Total RAM: 3326 MB (84% free)
HijackThis download failed
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\AppleSoftwareUpdate.job
I:\WINDOWS\tasks\Dr.Web Daily scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre7\bin\ssv.dll [2013-07-23 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-23 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"ISUSPM Startup"=I:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SpIDerAgent"=I:\Program Files\DrWeb\spideragent.exe [2014-04-25 14080256]
"Firewall"=I:\Program Files\DrWeb\frwl_notify.exe [2014-04-25 1830680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
I:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
I:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
I:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
I:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
I:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker]
I:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Skype\Plugin Manager\skypePM.exe"="I:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2014-04-25 21:52:57 ----D---- I:\_OTM
2014-04-25 18:39:52 ----D---- I:\AdwCleaner
2014-04-02 22:12:00 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-02 22:01:10 ----D---- I:\Documents and Settings\Mogon\Application Data\SUPERAntiSpyware.com
2014-03-30 03:29:52 ----D---- I:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 months======
2014-04-25 22:02:36 ----D---- I:\WINDOWS\system32\CatRoot2
2014-04-25 22:02:36 ----D---- I:\Program Files\Trend Micro
2014-04-25 22:02:24 ----D---- I:\Program Files\PeerGuardian2
2014-04-25 22:00:04 ----D---- I:\WINDOWS\temp
2014-04-25 22:00:03 ----D---- I:\WINDOWS
2014-04-25 21:56:25 ----A---- I:\WINDOWS\SchedLgU.Txt
2014-04-25 21:53:10 ----D---- I:\WINDOWS\Prefetch
2014-04-25 19:43:50 ----A---- I:\WINDOWS\NeroDigital.ini
2014-04-25 18:42:14 ----SD---- I:\WINDOWS\Tasks
2014-04-25 18:42:09 ----D---- I:\Program Files
2014-04-25 18:39:37 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2014-04-25 18:10:16 ----D---- I:\Config.Msi
2014-04-25 18:08:43 ----D---- I:\Program Files\DrWeb
2014-04-25 18:08:41 ----D---- I:\WINDOWS\system32\drivers
2014-04-25 18:08:21 ----D---- I:\Program Files\Common Files\Doctor Web
2014-04-25 18:08:21 ----D---- I:\Documents and Settings\All Users\Application Data\Doctor Web
2014-04-25 17:52:27 ----D---- I:\WINDOWS\Microsoft.NET
2014-04-25 17:31:29 ----SHD---- I:\WINDOWS\Installer
2014-04-25 17:31:28 ----D---- I:\Program Files\GIGABYTE
2014-04-25 17:30:46 ----D---- I:\Program Files\ESET
2014-04-25 17:30:42 ----HD---- I:\WINDOWS\inf
2014-04-25 17:27:29 ----RSD---- I:\WINDOWS\assembly
2014-04-25 17:27:25 ----D---- I:\Program Files\Autodesk
2014-04-25 17:26:38 ----D---- I:\Documents and Settings\All Users\Application Data\Autodesk
2014-04-23 22:29:11 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2014-04-17 20:35:35 ----D---- I:\Program Files\Google
2014-04-13 17:17:09 ----D---- I:\WINDOWS\system32
2014-04-02 22:23:20 ----HDC---- I:\WINDOWS\$NtUninstallKB978706$
2014-04-02 22:20:15 ----D---- I:\Program Files\SqueakyChocolate
2014-03-31 18:08:10 ----D---- I:\Program Files\Mozilla Maintenance Service
2014-03-30 09:48:27 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsdrv;cdrbsdrv; I:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 DrWebWfp;DrWebWfp; I:\WINDOWS\system32\drivers\dw_wfp.sys [2014-04-25 58528]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; I:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 atksgt;atksgt; I:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-09-26 278984]
R2 lirsgt;lirsgt; I:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-09-26 25416]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S3 a9iq7cvs;a9iq7cvs; I:\WINDOWS\system32\drivers\a9iq7cvs.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\i:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; I:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DrWebFwSvc;Dr.Web Firewall Service; I:\Program Files\DrWeb\frwl_svc.exe [2014-04-25 1243504]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre7\bin\jqs.exe [2013-07-23 182184]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); I:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-13 1044816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 deltafw;SE27mdm; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 epson_pm_rpcv2_02;Agnfilt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 ghoststartservice;Vetefile; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 iaimfp3;Machnm32; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nsausvc;Alim1541; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 roxupnprenderer;Tvicport; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 s117unic;SiSRaid2; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 sdhelper;Vmusb; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 snac;Bocdrive; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 symantecantibotdriver;Pgpserv; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 tphkdrv;Nvedavt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 wpsdrvnt;Eskerlicensecontrol; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mogon at 2014-04-25 22:02:35
Microsoft Windows XP Professional Service Pack 3
System drive I: has 11 GB (14%) free of 80 GB
Total RAM: 3326 MB (84% free)
HijackThis download failed
======Scheduled tasks folder======
I:\WINDOWS\tasks\Adobe Flash Player Updater.job
I:\WINDOWS\tasks\AppleSoftwareUpdate.job
I:\WINDOWS\tasks\Dr.Web Daily scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - I:\Program Files\Java\jre7\bin\ssv.dll [2013-07-23 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-23 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=I:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=I:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"JMB36X IDE Setup"=I:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"tsnp325"=I:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=I:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"ISUSPM Startup"=I:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SpIDerAgent"=I:\Program Files\DrWeb\spideragent.exe [2014-04-25 14080256]
"Firewall"=I:\Program Files\DrWeb\frwl_notify.exe [2014-04-25 1830680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=I:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=I:\Program Files\ICQ7M\ICQ.exe [2013-01-15 127040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
I:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
I:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 383424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
I:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
I:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
I:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
I:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
I:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
I:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker]
I:\Program Files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
I:\PROGRA~1\GIGABYTE\GAMERH~1\HUD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
I:\PROGRA~1\SOLIDW~1\SWSCHE~1\SWBOEN~1.EXE [2007-09-09 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-10-18 200064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Skype\Plugin Manager\skypePM.exe"="I:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\DOCUME~1\Mogon\LOCALS~1\Temp\Rar$EXa0.126\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe"="I:\Documents and Settings\Mogon\Desktop\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY\Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY.exe:*:Enabled:Cyberlink.PowerDVD.Ultra.Delux.keygen.by.ViRiLiTY"
"I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="I:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\ICQ7M\ICQ.exe"="I:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
======File associations======
.scr - open - I:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2014-04-25 21:52:57 ----D---- I:\_OTM
2014-04-25 18:39:52 ----D---- I:\AdwCleaner
2014-04-02 22:12:00 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-02 22:01:10 ----D---- I:\Documents and Settings\Mogon\Application Data\SUPERAntiSpyware.com
2014-03-30 03:29:52 ----D---- I:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 months======
2014-04-25 22:02:36 ----D---- I:\WINDOWS\system32\CatRoot2
2014-04-25 22:02:36 ----D---- I:\Program Files\Trend Micro
2014-04-25 22:02:24 ----D---- I:\Program Files\PeerGuardian2
2014-04-25 22:00:04 ----D---- I:\WINDOWS\temp
2014-04-25 22:00:03 ----D---- I:\WINDOWS
2014-04-25 21:56:25 ----A---- I:\WINDOWS\SchedLgU.Txt
2014-04-25 21:53:10 ----D---- I:\WINDOWS\Prefetch
2014-04-25 19:43:50 ----A---- I:\WINDOWS\NeroDigital.ini
2014-04-25 18:42:14 ----SD---- I:\WINDOWS\Tasks
2014-04-25 18:42:09 ----D---- I:\Program Files
2014-04-25 18:39:37 ----D---- I:\Documents and Settings\Mogon\Application Data\ICQ
2014-04-25 18:10:16 ----D---- I:\Config.Msi
2014-04-25 18:08:43 ----D---- I:\Program Files\DrWeb
2014-04-25 18:08:41 ----D---- I:\WINDOWS\system32\drivers
2014-04-25 18:08:21 ----D---- I:\Program Files\Common Files\Doctor Web
2014-04-25 18:08:21 ----D---- I:\Documents and Settings\All Users\Application Data\Doctor Web
2014-04-25 17:52:27 ----D---- I:\WINDOWS\Microsoft.NET
2014-04-25 17:31:29 ----SHD---- I:\WINDOWS\Installer
2014-04-25 17:31:28 ----D---- I:\Program Files\GIGABYTE
2014-04-25 17:30:46 ----D---- I:\Program Files\ESET
2014-04-25 17:30:42 ----HD---- I:\WINDOWS\inf
2014-04-25 17:27:29 ----RSD---- I:\WINDOWS\assembly
2014-04-25 17:27:25 ----D---- I:\Program Files\Autodesk
2014-04-25 17:26:38 ----D---- I:\Documents and Settings\All Users\Application Data\Autodesk
2014-04-23 22:29:11 ----D---- I:\Documents and Settings\Mogon\Application Data\SolidWorks
2014-04-17 20:35:35 ----D---- I:\Program Files\Google
2014-04-13 17:17:09 ----D---- I:\WINDOWS\system32
2014-04-02 22:23:20 ----HDC---- I:\WINDOWS\$NtUninstallKB978706$
2014-04-02 22:20:15 ----D---- I:\Program Files\SqueakyChocolate
2014-03-31 18:08:10 ----D---- I:\Program Files\Mozilla Maintenance Service
2014-03-30 09:48:27 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsdrv;cdrbsdrv; I:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 DrWebWfp;DrWebWfp; I:\WINDOWS\system32\drivers\dw_wfp.sys [2014-04-25 58528]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; I:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\I:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 atksgt;atksgt; I:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-09-26 278984]
R2 lirsgt;lirsgt; I:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-09-26 25416]
R2 Sentinel;Sentinel; I:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 gdrv;gdrv; \??\I:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 PdiPorts;Portrait Displays low level device driver; I:\WINDOWS\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 pgfilter;pgfilter; \??\I:\Program Files\PeerGuardian2\pgfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; I:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 SNP325;USB PC Camera (SNPSTD325); I:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Pivot;Pivot; I:\WINDOWS\System32\drivers\pivot.sys [2010-05-13 17465]
S3 a9iq7cvs;a9iq7cvs; I:\WINDOWS\system32\drivers\a9iq7cvs.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\I:\WINDOWS\system32\drivers\CDANT.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\I:\WINDOWS\System32\drivers\pivotmou.sys []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; I:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\i:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Sony Ericsson USB Serial Port; I:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; I:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; I:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; I:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 C-DillaSrv;C-DillaSrv; I:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2009-08-18 32256]
R2 DrWebFwSvc;Dr.Web Firewall Service; I:\Program Files\DrWeb\frwl_svc.exe [2014-04-25 1243504]
R2 DTSRVC;Portrait Displays Display Tune Service; I:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-05-17 121456]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre7\bin\jqs.exe [2013-07-23 182184]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PdiService;Portrait Displays SDK Service; I:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); I:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service; I:\TeklaStructures\License\Server\lmgrd.exe [2010-07-12 1377104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-13 1044816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 deltafw;SE27mdm; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 epson_pm_rpcv2_02;Agnfilt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 GEST Service;GEST Service for program management.; I:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-12-08 68136]
S2 ghoststartservice;Vetefile; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 iaimfp3;Machnm32; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nsausvc;Alim1541; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-14 14336]
S2 roxupnprenderer;Tvicport; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 s117unic;SiSRaid2; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 sdhelper;Vmusb; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 snac;Bocdrive; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 symantecantibotdriver;Pgpserv; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 tphkdrv;Nvedavt; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 wpsdrvnt;Eskerlicensecontrol; I:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; I:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; I:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-02 77944]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; I:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; I:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; I:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; I:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-26 79360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; I:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; I:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; I:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Computer slowdown
The log is OK now. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Computer slowdown
I haven't noticed any improvement. It still seems just as slow.
When I look at the running processes right after startup, there is one among them that I had never noticed before: Connect.Service.ContentService.exe. Maybe I just overlooked it; I'm not enough of an expert to say whether it's all right or not.
And one more thing. When the slowdown started a few days ago, I thought I had some virus, so I installed the 30-day version of ESET Smart Security, and when I tried to run it, this message appeared: "Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator." The same message appeared when I tried to run the Dr.WEB antivirus (a colleague recommended that program to me).
So I don't know...
- Rudy
- Site Admin
Re: Computer slowdown
Post a ComboFix log:
Connect.Service is a utility from Autodesk. You must have installed it yourself.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after startup a screen with the license terms appears; continue by clicking the Yes button.
feel free to put the kettle on for a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Computer slowdown
I ran it; during the scan it also found some rootkit and the computer restarted twice. I am attaching the log:
ComboFix 14-04-26.01 - Mogon 26.04.2014 18:01:15.5.8 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.3326.2915 [GMT 2:00]
Running from: i:\documents and settings\Mogon\Desktop\ComboFix.exe
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
i:\documents and settings\All Users\Application Data\TEMP
i:\program files\ESET\MiNODLogin
i:\program files\ESET\MiNODLogin\core.jar
i:\program files\ESET\MiNODLogin\native-lib.dll
i:\program files\ESET\MiNODLogin\uninst.exe
i:\windows\$NtUninstallKB41124$
i:\windows\$NtUninstallKB41124$\1205135216\@
i:\windows\$NtUninstallKB41124$\1205135216\cfg.ini
i:\windows\$NtUninstallKB41124$\1205135216\Desktop.ini
i:\windows\$NtUninstallKB41124$\1205135216\L\00000004.@
i:\windows\$NtUninstallKB41124$\1205135216\L\201d3dde
i:\windows\$NtUninstallKB41124$\1205135216\L\umixxwkm
i:\windows\$NtUninstallKB41124$\1205135216\U\00000001.@
i:\windows\$NtUninstallKB41124$\1205135216\U\00000002.@
i:\windows\$NtUninstallKB41124$\1205135216\U\00000004.@
i:\windows\$NtUninstallKB41124$\1205135216\U\80000000.@
i:\windows\$NtUninstallKB41124$\1205135216\U\80000004.@
i:\windows\$NtUninstallKB41124$\1205135216\U\80000032.@
i:\windows\$NtUninstallKB41124$\3552816573
i:\windows\system32\dds_trash_log.cmd
.
.
((((((((((((((((((((((((( Files Created from 2014-03-26 to 2014-04-26 )))))))))))))))))))))))))))))))
.
.
2014-04-26 07:11 . 2014-04-26 07:11 -------- d-----w- i:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2014-04-26 07:11 . 2014-04-26 07:18 -------- d-----w- i:\program files\SUPERAntiSpyware
2014-04-25 16:39 . 2014-04-25 16:42 -------- d-----w- I:\AdwCleaner
2014-04-25 16:08 . 2014-04-25 16:08 295224 ----a-w- i:\windows\system32\drivers\dwprot.sys
2014-04-25 16:08 . 2014-04-25 16:08 58528 ----a-w- i:\windows\system32\drivers\dw_wfp.sys
2014-04-25 16:08 . 2014-04-25 16:08 187040 ----a-w- i:\windows\system32\drivers\DrWebLwf.sys
2014-04-25 16:08 . 2014-04-25 16:08 180408 ----a-w- i:\windows\system32\drivers\spiderg3.sys
2014-04-02 20:12 . 2014-04-16 16:29 107736 ----a-w- i:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-02 20:12 . 2014-04-02 20:12 -------- d-----w- i:\documents and settings\All Users\Application Data\Malwarebytes
2014-04-02 20:01 . 2014-04-26 07:18 -------- d-----w- i:\documents and settings\Mogon\Application Data\SUPERAntiSpyware.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-26 16:10 . 2009-05-29 19:30 16608 ----a-w- i:\windows\gdrv.sys
2014-03-11 21:25 . 2012-04-03 15:12 692616 ----a-w- i:\windows\system32\FlashPlayerApp.exe
2014-03-11 21:25 . 2011-09-13 14:34 71048 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 21:25 . 2014-03-11 21:25 5777288 ----a-w- i:\windows\system32\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="i:\program files\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
"ICQ"="i:\program files\ICQ7M\ICQ.exe" [2013-01-15 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 77824]
"AlcWzrd"="ALCWZRD.EXE" [2008-06-19 2808832]
"JMB36X IDE Setup"="i:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"tsnp325"="i:\windows\tsnp325.exe" [2007-04-21 270336]
"snp325"="i:\windows\vsnp325.exe" [2007-05-10 835584]
"NvMediaCenter"="i:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="i:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"ISUSPM Startup"="i:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="i:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SpIDerAgent"="i:\program files\DrWeb\spideragent.exe" [2014-04-25 14080256]
"Firewall"="i:\program files\DrWeb\frwl_notify.exe" [2014-04-25 1830680]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
path=i:\documents and settings\Mogon\Start Menu\Programs\Startup\GIGABYTE Gamer HUD.lnk
backup=i:\windows\pss\GIGABYTE Gamer HUD.lnkStartup
.
[HKLM\~\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
path=i:\documents and settings\Mogon\Start Menu\Programs\Startup\SolidWorks Task Scheduler Engine.lnk
backup=i:\windows\pss\SolidWorks Task Scheduler Engine.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- i:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
2012-02-05 22:01 383424 ----a-w- i:\program files\Autodesk\Autodesk Sync\AdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-02-07 14:21 54832 ----a-w- i:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- i:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
2010-05-13 15:34 110192 ----a-w- i:\program files\Portrait Displays\Pivot Pro Plugin\pivot_Startup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- i:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-02-07 14:24 71216 ------w- i:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"i:\\Program Files\\uTorrent\\uTorrent.exe"=
"i:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"i:\\Program Files\\ICQ7M\\ICQ.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 DrWebLwf;Dr.Web Firewall Kernel-Mode Driver;i:\windows\system32\drivers\DrWebLwf.sys [25.4.2014 18:08 187040]
R0 DwProt;DrWeb Protection;i:\windows\system32\drivers\dwprot.sys [25.4.2014 18:08 295224]
R0 SpiderG3;DrWeb file system scanner;i:\windows\system32\drivers\spiderg3.sys [25.4.2014 18:08 180408]
R0 sptd;sptd;i:\windows\system32\drivers\sptd.sys [24.12.2010 14:20 685816]
R1 DrWebWfp;DrWebWfp;i:\windows\system32\drivers\dw_wfp.sys [25.4.2014 18:08 58528]
R2 DrWebFwSvc;Dr.Web Firewall Service;i:\program files\DrWeb\frwl_svc.exe [25.4.2014 18:08 1243504]
R2 PdiService;Portrait Displays SDK Service;i:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [24.1.2012 18:35 109168]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service;i:\teklastructures\License\Server\lmgrd.exe [12.7.2010 10:11 1377104]
R3 SNP325;USB PC Camera (SNPSTD325);i:\windows\system32\drivers\snp325.sys [3.8.2009 10:16 10394624]
S0 FC41C36965C;FC41C36965C;i:\windows\system32\drivers\FC41C36965C.sys --> i:\windows\system32\drivers\FC41C36965C.sys [?]
S2 GEST Service;GEST Service for program management.;i:\program files\GIGABYTE\EnergySaver\GSvr.exe [29.5.2009 21:31 68136]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;i:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [15.10.2009 7:51 87336]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;i:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2.9.2011 9:51 155344]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;i:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 8:01 2799808]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - PGFILTER
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
pgpsdkservice
nsausvc
iaimfp3
roxupnprenderer
sdhelper
snac
wpsdrvnt
tvicport
s117unic
symantecantibotdriver
tphkdrv
epson_pm_rpcv2_02
ghoststartservice
deltafw
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-17 18:35 1077576 ----a-w- i:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-26 i:\windows\Tasks\Adobe Flash Player Updater.job
- i:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:25]
.
2014-01-02 i:\windows\Tasks\AppleSoftwareUpdate.job
- i:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2014-04-25 i:\windows\Tasks\Dr.Web Daily scan.job
- i:\program files\DrWeb\dwscanner.exe [2014-04-25 16:08]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - i:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - i:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - file:///C:/_Schodiská,%20Balkóny,%20Zábradlia/Zábr.%20točeného%20bet.%20schodiska/PublicWeb/dll/zkitlib.dll
DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
FF - ProfilePath - i:\documents and settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - ExtSQL: 2049-12-31 14:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; i:\documents and settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF - ExtSQL: !HIDDEN! 2009-10-02 17:56; {20a82645-c095-46ed-80e3-08825760534b}; i:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-DrWebEngine
MSConfigStartUp-SUPERAntiSpyware - i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSConfigStartUp-UpdateChecker - i:\program files\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-26 18:10
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\i:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3808)
i:\windows\system32\WININET.dll
i:\windows\system32\AcSignIcon.dll
i:\windows\system32\msi.dll
i:\windows\system32\ieframe.dll
i:\windows\system32\webcheck.dll
i:\windows\system32\WPDShServiceObj.dll
i:\windows\system32\PortableDeviceTypes.dll
i:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
i:\windows\system32\nvsvc32.exe
i:\windows\system32\DRIVERS\CDANTSRV.EXE
i:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe
i:\program files\Java\jre7\bin\jqs.exe
i:\program files\CyberLink\Shared files\RichVideo.exe
i:\teklastructures\License\Server\tekla.exe
i:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
i:\windows\system32\wscntfy.exe
i:\windows\RTHDCPL.EXE
i:\windows\SOUNDMAN.EXE
i:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Completion time: 2014-04-26 18:14:23 - machine was rebooted
ComboFix-quarantined-files.txt 2014-04-26 16:14
.
Pre-Run: 11 554 414 592 bytes free
Post-Run: 11 557 396 480 bytes free
.
- - End Of File - - B65FBA10551B9CEDFDB8C01E5D452BB3
8F558EB6672622401DA993E1E865C861
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Computer slowdown
We will clean up a bit more. Open Notepad and copy the following into it:

KillAll::
Collect::
i:\windows\system32\drivers\FC41C36965C.sys
Driver::
FC41C36965C
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: Computer slowdown
I am attaching the log:
ComboFix 14-04-26.01 - Mogon 26.04.2014 19:52:36.6.8 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3326.2781 [GMT 2:00]
Running from: i:\documents and settings\Mogon\Desktop\ComboFix.exe
Command switches used :: i:\documents and settings\Mogon\Desktop\CFScript.txt
FW: Dr.Web Firewall *Enabled* {3454C8F1-ECBC-4181-A7F4-04632FBA762B}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_FC41C36965C
.
.
((((((((((((((((((((((((( Files Created from 2014-03-26 to 2014-04-26 )))))))))))))))))))))))))))))))
.
.
2014-04-26 17:28 . 2014-04-26 17:28 -------- d-----r- i:\program files\Skype
2014-04-26 17:28 . 2014-04-26 17:28 -------- d-----w- i:\program files\Common Files\Skype
2014-04-26 17:04 . 2014-04-26 17:07 -------- d-----w- i:\windows\system32\MRT
2014-04-26 16:44 . 2014-02-26 01:59 13312 -c----w- i:\windows\system32\dllcache\xp_eos.exe
2014-04-26 16:44 . 2014-02-26 01:59 13312 ------w- i:\windows\system32\xp_eos.exe
2014-04-26 16:43 . 2013-07-03 02:12 25088 -c----w- i:\windows\system32\dllcache\hidparse.sys
2014-04-26 16:41 . 2013-02-12 00:32 12928 -c----w- i:\windows\system32\dllcache\usb8023x.sys
2014-04-26 16:41 . 2013-02-12 00:32 12928 -c----w- i:\windows\system32\dllcache\usb8023.sys
2014-04-26 16:41 . 2013-07-17 00:58 123008 -c----w- i:\windows\system32\dllcache\usbvideo.sys
2014-04-26 16:41 . 2013-07-17 00:58 46848 -c----w- i:\windows\system32\dllcache\irbus.sys
2014-04-26 16:41 . 2013-07-17 00:58 60160 -c----w- i:\windows\system32\dllcache\usbaudio.sys
2014-04-26 16:40 . 2013-08-09 00:55 144128 -c----w- i:\windows\system32\dllcache\usbport.sys
2014-04-26 16:40 . 2013-08-09 00:55 5376 -c----w- i:\windows\system32\dllcache\usbd.sys
2014-04-26 16:40 . 2009-03-18 11:02 30336 -c----w- i:\windows\system32\dllcache\usbehci.sys
2014-04-26 07:11 . 2014-04-26 07:11 -------- d-----w- i:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2014-04-26 07:11 . 2014-04-26 07:18 -------- d-----w- i:\program files\SUPERAntiSpyware
2014-04-25 16:39 . 2014-04-25 16:42 -------- d-----w- I:\AdwCleaner
2014-04-25 16:08 . 2014-04-25 16:08 295224 ----a-w- i:\windows\system32\drivers\dwprot.sys
2014-04-25 16:08 . 2014-04-25 16:08 58528 ----a-w- i:\windows\system32\drivers\dw_wfp.sys
2014-04-25 16:08 . 2014-04-25 16:08 187040 ----a-w- i:\windows\system32\drivers\DrWebLwf.sys
2014-04-25 16:08 . 2014-04-25 16:08 180408 ----a-w- i:\windows\system32\drivers\spiderg3.sys
2014-04-02 20:12 . 2014-04-16 16:29 107736 ----a-w- i:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-02 20:12 . 2014-04-02 20:12 -------- d-----w- i:\documents and settings\All Users\Application Data\Malwarebytes
2014-04-02 20:01 . 2014-04-26 07:18 -------- d-----w- i:\documents and settings\Mogon\Application Data\SUPERAntiSpyware.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-26 18:00 . 2009-05-29 19:30 16608 ----a-w- i:\windows\gdrv.sys
2014-03-11 21:25 . 2012-04-03 15:12 692616 ----a-w- i:\windows\system32\FlashPlayerApp.exe
2014-03-11 21:25 . 2011-09-13 14:34 71048 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 21:25 . 2014-03-11 21:25 5777288 ----a-w- i:\windows\system32\FlashPlayerInstaller.exe
2014-03-06 17:59 . 2004-08-03 22:56 920064 ----a-w- i:\windows\system32\wininet.dll
2014-03-06 17:59 . 2004-08-03 22:56 1469440 ------w- i:\windows\system32\inetcpl.cpl
2014-03-06 17:59 . 2004-08-03 22:56 43520 ----a-w- i:\windows\system32\licmgr10.dll
2014-03-06 17:59 . 2004-08-03 22:56 18944 ----a-w- i:\windows\system32\corpol.dll
2014-03-06 00:46 . 2004-08-03 20:59 385024 ----a-w- i:\windows\system32\html.iec
2014-02-07 02:01 . 2004-08-03 21:17 1879040 ----a-w- i:\windows\system32\win32k.sys
2014-02-05 08:55 . 2004-08-03 22:56 562688 ----a-w- i:\windows\system32\qedit.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="i:\program files\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 77824]
"AlcWzrd"="ALCWZRD.EXE" [2008-06-19 2808832]
"JMB36X IDE Setup"="i:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"tsnp325"="i:\windows\tsnp325.exe" [2007-04-21 270336]
"snp325"="i:\windows\vsnp325.exe" [2007-05-10 835584]
"NvMediaCenter"="i:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="i:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"ISUSPM Startup"="i:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="i:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SpIDerAgent"="i:\program files\DrWeb\spideragent.exe" [2014-04-25 14080256]
"Firewall"="i:\program files\DrWeb\frwl_notify.exe" [2014-04-25 1830680]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^GIGABYTE Gamer HUD.lnk]
path=i:\documents and settings\Mogon\Start Menu\Programs\Startup\GIGABYTE Gamer HUD.lnk
backup=i:\windows\pss\GIGABYTE Gamer HUD.lnkStartup
.
[HKLM\~\startupfolder\I:^Documents and Settings^Mogon^Start Menu^Programs^Startup^SolidWorks Task Scheduler Engine.lnk]
path=i:\documents and settings\Mogon\Start Menu\Programs\Startup\SolidWorks Task Scheduler Engine.lnk
backup=i:\windows\pss\SolidWorks Task Scheduler Engine.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- i:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- i:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
2012-02-05 22:01 383424 ----a-w- i:\program files\Autodesk\Autodesk Sync\AdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2013-01-15 17:12 127040 ----a-w- i:\program files\ICQ7M\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-02-07 14:21 54832 ----a-w- i:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- i:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
2010-05-13 15:34 110192 ----a-w- i:\program files\Portrait Displays\Pivot Pro Plugin\pivot_Startup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- i:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-02-07 14:24 71216 ------w- i:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\Program Files\\uTorrent\\uTorrent.exe"=
"i:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"i:\\Program Files\\ICQ7M\\ICQ.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 DrWebLwf;Dr.Web Firewall Kernel-Mode Driver;i:\windows\system32\drivers\DrWebLwf.sys [25.4.2014 18:08 187040]
R0 DwProt;DrWeb Protection;i:\windows\system32\drivers\dwprot.sys [25.4.2014 18:08 295224]
R0 SpiderG3;DrWeb file system scanner;i:\windows\system32\drivers\spiderg3.sys [25.4.2014 18:08 180408]
R0 sptd;sptd;i:\windows\system32\drivers\sptd.sys [24.12.2010 14:20 685816]
R1 DrWebWfp;DrWebWfp;i:\windows\system32\drivers\dw_wfp.sys [25.4.2014 18:08 58528]
R2 DrWebFwSvc;Dr.Web Firewall Service;i:\program files\DrWeb\frwl_svc.exe [25.4.2014 18:08 1243504]
R2 PdiService;Portrait Displays SDK Service;i:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [24.1.2012 18:35 109168]
R2 Tekla Structures Licensing Service;Tekla Structures Licensing Service;i:\teklastructures\License\Server\lmgrd.exe [12.7.2010 10:11 1377104]
R3 SNP325;USB PC Camera (SNPSTD325);i:\windows\system32\drivers\snp325.sys [3.8.2009 10:16 10394624]
S2 GEST Service;GEST Service for program management.;i:\program files\GIGABYTE\EnergySaver\GSvr.exe [29.5.2009 21:31 68136]
S2 SkypeUpdate;Skype Updater;i:\program files\Skype\Updater\Updater.exe [23.10.2013 8:15 172192]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;i:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [15.10.2009 7:51 87336]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;i:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2.9.2011 9:51 155344]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;i:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 8:01 2799808]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - PGFILTER
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
pgpsdkservice
nsausvc
iaimfp3
roxupnprenderer
sdhelper
snac
wpsdrvnt
tvicport
s117unic
symantecantibotdriver
tphkdrv
epson_pm_rpcv2_02
ghoststartservice
deltafw
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-17 18:35 1077576 ----a-w- i:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-26 i:\windows\Tasks\Adobe Flash Player Updater.job
- i:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:25]
.
2014-01-02 i:\windows\Tasks\AppleSoftwareUpdate.job
- i:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2014-04-25 i:\windows\Tasks\Dr.Web Daily scan.job
- i:\program files\DrWeb\dwscanner.exe [2014-04-25 16:08]
.
2014-04-26 i:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- i:\windows\system32\xp_eos.exe [2014-04-26 01:59]
.
2014-04-26 i:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- i:\windows\system32\xp_eos.exe [2014-04-26 01:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - i:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - i:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - i:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} - file:///C:/_Schodiská,%20Balkóny,%20Zábradlia/Zábr.%20točeného%20bet.%20schodiska/PublicWeb/dll/zkitlib.dll
DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - file:///I:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
FF - ProfilePath - i:\documents and settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - ExtSQL: 2049-12-31 14:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; i:\documents and settings\Mogon\Application Data\Mozilla\Firefox\Profiles\d2uacjvf.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
FF - ExtSQL: !HIDDEN! 2009-10-02 17:56; {20a82645-c095-46ed-80e3-08825760534b}; i:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-26 20:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\i:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3024)
i:\windows\system32\WININET.dll
i:\windows\system32\AcSignIcon.dll
i:\windows\system32\msi.dll
i:\windows\system32\ieframe.dll
i:\windows\system32\webcheck.dll
i:\windows\system32\WPDShServiceObj.dll
i:\windows\system32\PortableDeviceTypes.dll
i:\windows\system32\PortableDeviceApi.dll
i:\program files\Microsoft Office\OFFICE11\msohev.dll
i:\program files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
i:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
i:\windows\system32\nvsvc32.exe
i:\windows\system32\DRIVERS\CDANTSRV.EXE
i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
i:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe
i:\program files\Java\jre7\bin\jqs.exe
i:\program files\CyberLink\Shared files\RichVideo.exe
i:\teklastructures\License\Server\tekla.exe
i:\windows\RTHDCPL.EXE
i:\windows\SOUNDMAN.EXE
i:\windows\system32\RUNDLL32.EXE
i:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
i:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2014-04-26 20:02:57 - machine was rebooted
ComboFix-quarantined-files.txt 2014-04-26 18:02
ComboFix2.txt 2014-04-26 16:14
.
Pre-Run: 6 475 427 840 bytes free
Post-Run: 6 651 535 360 bytes free
.
- - End Of File - - 02750DDBA2EADC885D30CA11FD6E37FD
8F558EB6672622401DA993E1E865C861
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Computer slowdown
The log is now OK. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Has there been any change now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Re: Computer slowdown
I tried out some programs and the like. The computer runs faster overall. Startup has sped up a little, but it is still not quite right. On top of that, my Mozilla browser has stopped working. It cannot load pages, while I have not found any problem in other browsers.
The message I mentioned to you earlier (Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator) still appears whenever I try to run an antivirus program.