Problém se zahlcováním ramky systémem

Ichiro · Příspěvekod **Ichiro** » 11 led 2012 14:33

Dobrý den,
je to asi tři dny zpět, kdy jsem si nainstaloval program TuneUp 2012 abych si trošku zrychlil svůj notebook. Jisté změny k lepšímu nastali ale....
Mám 3GB ram paměťi a většinou jsem měl zaplněnou paměť tak na 1,2Gb ovšem po "úžasném" zásahu TuneUP mám rázem vytíženost ramky překračuje 2GB ze 3GB.System mám originální a antivirová ochrana Norton internet security je taky legální. Program TuneUp 2012 jsem odinstaloval. Mimo to jsem notebook projel malwarem apt, čistil ccleaner nebo advanced system care ale žádný problém nenalezen. Kontroloval jsem programem Process explorer procesy, které by to tak mohli vytěžovat ale v součtu procesů to nedává takový objem, jakým je ramka vytížená. Nevím si s tím rady. Asi program spustil nebo přepsal někde nějaké hodnoty, že systém rázem bere cca o 1GB více ramky než dříve.
Přikládám log a prosím o radu. Předem děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:31:48, on 11.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Ichiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 7675 bytes

Reklama

Hlebka · Příspěvekod **Hlebka** » 11 led 2012 14:37

a zkousel si v programu Advanced System Care v5 nebo 4 Toolbox Smart ram?

//Ltb: HJT sekce má svá pravidla, prosím přenechte řešení našim HJT specialistům. Další OT budou promazány...

Ichiro · Příspěvekod **Ichiro** » 11 led 2012 14:46

Ano zkoušel, zkoušel jsem i jiné programy na optimalizaci paměti ale bohužel stav zůstal stejný. Uvolnili pár MB. Je to moje chyba, že jsem si ten program instaloval. Zapomněl jsem dodat, že procesor jinak není skoro moc vytěžovaný.

Příspěvekod **jaro3** » 11 led 2012 18:23

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O9 - Extra button: (no name) - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - (no file) (HKCU)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

Ichiro · Příspěvekod **Ichiro** » 11 led 2012 19:57

Tak tady výpis z ComboFixu a CrystalDisku. Ramky jsem odtestoval a vše v pořádku.

ComboFix 12-01-10.02 - Ichiro 11.01.2012 19:33:51.2.2 - x86 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3070.2606 [GMT 1:00]
Spuštěný z: c:\users\Ichiro\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\ST6UNST.000
c:\windows\system32\Config.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-11 do 2012-01-11 )))))))))))))))))))))))))))))))
.
.
2012-01-11 18:42 . 2012-01-11 18:42 -------- d-----w- c:\users\Ichiro\AppData\Local\temp
2012-01-11 18:42 . 2012-01-11 18:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-11 12:24 . 2012-01-11 12:24 388096 ----a-r- c:\users\Ichiro\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-11 12:24 . 2012-01-11 12:24 -------- d-----w- c:\program files\Trend Micro
2012-01-11 04:49 . 2012-01-11 11:33 -------- d-----w- c:\users\Ichiro\DoctorWeb
2012-01-11 03:33 . 2012-01-11 03:33 -------- d-----w- c:\programdata\Kaspersky Lab
2012-01-11 03:28 . 2012-01-11 03:29 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-11 03:28 . 2012-01-11 03:28 -------- d-----w- c:\users\Ichiro\AppData\Roaming\Malwarebytes
2012-01-11 03:27 . 2012-01-11 03:27 -------- d-----w- c:\programdata\Malwarebytes
2012-01-11 02:52 . 2012-01-11 02:52 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-11 02:52 . 2012-01-11 02:52 -------- d-----w- c:\program files\Symantec
2012-01-11 02:51 . 2012-01-11 03:06 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-11 02:50 . 2012-01-11 02:51 -------- d-----w- c:\program files\Norton Internet Security
2012-01-11 02:50 . 2012-01-11 02:50 -------- d-----w- c:\program files\NortonInstaller
2012-01-11 02:35 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{970FE0FE-67C3-40F4-ADDB-7B34D1288F05}\mpengine.dll
2012-01-11 02:35 . 2012-01-11 02:35 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 02:34 . 2012-01-11 02:34 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-11 02:34 . 2012-01-11 02:34 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-11 02:34 . 2012-01-11 02:34 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-11 02:34 . 2012-01-11 02:34 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-11 02:34 . 2012-01-11 02:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-11 02:34 . 2012-01-11 02:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-11 02:34 . 2012-01-11 02:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-11 02:34 . 2012-01-11 02:34 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-11 02:34 . 2012-01-11 02:34 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-11 02:34 . 2012-01-11 02:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-11 02:34 . 2012-01-11 02:34 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 02:34 . 2012-01-11 02:34 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 02:32 . 2012-01-11 02:32 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 01:56 . 2012-01-11 02:50 -------- d-----w- c:\programdata\Norton
2012-01-10 20:59 . 2012-01-10 20:59 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-10 20:59 . 2012-01-10 20:59 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-10 20:59 . 2012-01-10 20:59 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-10 20:59 . 2012-01-10 20:59 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-09 23:45 . 2012-01-09 23:45 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-01-09 14:17 . 2012-01-09 14:17 -------- d-----w- c:\programdata\Babylon
2012-01-09 13:59 . 2011-12-22 22:09 187016 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-01-09 13:59 . 2011-12-22 22:09 17032 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-01-09 13:59 . 2011-12-22 22:09 50312 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-01-09 13:59 . 2011-12-22 22:09 44680 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-01-09 13:32 . 2012-01-09 13:32 286720 ----a-w- c:\windows\iun507.exe
2012-01-09 13:32 . 2012-01-09 13:32 -------- d-----w- c:\program files\RescuePRO
2012-01-08 02:17 . 2012-01-08 02:17 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-08 01:50 . 2012-01-08 02:11 -------- d-----w- c:\program files\Winnydows
2012-01-06 21:41 . 2012-01-06 21:42 -------- d-----w- c:\program files\Miranda IM
2012-01-06 15:45 . 2012-01-10 19:54 -------- d-----w- c:\users\Ichiro\AppData\Roaming\ICQ
2012-01-06 15:45 . 2012-01-06 15:47 -------- d-----w- c:\program files\ICQ7.7
2012-01-05 12:19 . 2012-01-05 13:00 -------- d-----w- c:\users\Ichiro\.shsh
2012-01-04 12:33 . 2012-01-04 12:34 -------- d-----w- c:\windows\WindowsMobile
2012-01-04 12:01 . 2012-01-04 12:01 -------- d-----w- c:\program files\iPod
2012-01-04 12:01 . 2012-01-05 13:46 -------- d-----w- c:\program files\iTunes
2012-01-04 01:52 . 2012-01-04 02:04 -------- d-----w- c:\programdata\AVerTV 3D
2012-01-04 01:49 . 2011-03-29 17:46 106496 ----a-w- c:\windows\system32\CardID.dll
2012-01-04 01:49 . 2007-02-08 20:09 49152 ----a-w- c:\windows\system32\AVerIO.dll
2012-01-04 01:49 . 2005-04-29 02:08 3456 ----a-w- c:\windows\system32\AVerIO.sys
2012-01-04 01:49 . 2011-06-01 18:55 421888 ----a-w- c:\windows\system32\sptlib02.dll
2012-01-04 01:49 . 2011-05-12 18:52 614400 ----a-w- c:\windows\system32\sptlib21.dll
2012-01-04 01:49 . 2010-06-24 21:10 307200 ----a-w- c:\windows\system32\sptlib03.dll
2012-01-04 01:49 . 2010-06-24 21:10 311296 ----a-w- c:\windows\system32\sptlib01.dll
2012-01-04 01:49 . 2010-05-19 18:39 307200 ----a-w- c:\windows\system32\sptlib22.dll
2012-01-04 01:49 . 2009-09-04 22:47 135168 ----a-w- c:\windows\system32\sptlib12.dll
2012-01-04 01:49 . 2009-07-03 02:38 294912 ----a-w- c:\windows\system32\sptlib11.dll
2012-01-04 01:49 . 2012-01-04 01:49 -------- d-----w- c:\program files\Common Files\AVerMedia
2012-01-03 13:28 . 2012-01-03 14:30 -------- d-----w- c:\programdata\AVerTV
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2012-01-03 01:41 . 2012-01-03 19:32 -------- d-----w- c:\users\Ichiro\AppData\Local\Facebook
2011-12-29 15:21 . 2011-12-29 15:49 -------- d-----w- c:\program files\Microsoft Works
2011-12-29 15:17 . 2011-12-29 15:17 -------- d-----r- C:\MSOCache
2011-12-26 18:01 . 2011-12-26 18:01 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2011-12-24 22:41 . 2011-12-24 22:41 16904 ----a-w- c:\windows\system32\drivers\KLMD.sys
2011-12-24 16:03 . 2010-11-25 11:37 138752 ----a-w- c:\windows\system\glide3x.dll
2011-12-14 11:37 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-12-14 10:16 . 2011-12-14 10:16 -------- d-----w- c:\windows\Corel
2011-12-14 10:13 . 2011-12-14 10:13 -------- d-----w- c:\program files\Corel
2011-12-14 10:13 . 2011-12-14 10:13 -------- d-----w- c:\program files\Common Files\Corel
2011-12-13 22:33 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-13 22:33 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-13 22:33 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-13 22:33 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-13 22:33 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-13 22:33 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 18:26 . 2011-12-13 18:43 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-11 02:34 . 2012-01-11 02:34 224768 ----a-w- c:\windows\system32\schannel.dll
2011-12-22 22:12 . 2011-10-11 01:15 49240 ----a-w- c:\windows\system32\drivers\stdriver32.sys
2011-12-20 16:59 . 2010-10-18 00:49 249856 ------w- c:\windows\Setup1.exe
2011-12-20 16:59 . 2010-10-18 00:49 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-08 12:25 . 2011-12-08 12:25 1390730 ----a-w- c:\windows\system32\AutoPartNt.exe
2011-12-07 16:45 . 2009-11-13 08:06 114048 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-11-28 06:20 . 2011-11-28 06:20 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-27 08:21 . 2011-11-27 08:21 21639680 ----a-w- c:\windows\system32\imageres.dll
2011-11-25 11:48 . 2011-11-25 11:48 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-11-24 12:46 . 2011-04-07 12:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-23 05:31 . 2011-11-23 05:31 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-11-18 09:43 . 2011-05-24 09:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-15 13:29 . 2009-11-05 19:43 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-19 21:15 . 2011-11-26 00:16 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-18 18:53 . 2011-12-09 13:33 3546664 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-10-18 17:10 . 2011-12-09 13:33 83048 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-10-18 14:57 . 2011-12-09 13:33 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
2011-10-18 12:47 . 2011-12-09 13:33 1329768 ----a-w- c:\windows\system32\RtkApoApi.dll
2011-10-18 10:05 . 2011-12-09 13:33 2276968 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-10-18 00:39 . 2011-10-18 00:39 32824 ----a-w- c:\windows\system32\drivers\psadd.sys
2011-10-17 16:30 . 2011-12-09 13:33 4238440 ----a-w- c:\windows\system32\RtkAPO.dll
2011-10-14 12:43 . 2011-12-09 13:33 1873920 ----a-w- c:\windows\system32\RCoRes.dat
2012-01-10 20:59 . 2011-04-05 18:18 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-10-14 14:01 . 2010-01-09 18:04 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-11-12 1647448]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
"DisableStartupSound"= 0 (0x0)
"DisableStatusMessages"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [2011-12-23 820344]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys [2011-08-08 132744]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120110.002\IDSvix86.sys [2012-01-10 368248]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS [2011-07-26 149624]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1302000.00A\SYMNETS.SYS [2011-07-26 314488]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-10 490840]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-28 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe [2011-08-10 138760]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [x]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
R3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2009-12-08 437888]
R3 BTCOM;Bluetooth Serial port driver; [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service; [x]
R3 btmaux;Intel Bluetooth Auxiliary Service; [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-08-02 45736]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-08-25 525352]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 76328]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-08-25 33832]
R3 EraserUtilDrvI13;EraserUtilDrvI13;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI13.sys [2012-01-11 106104]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 KLMD;KLMD;c:\windows\system32\Drivers\KLMD.sys [2011-12-24 16904]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-01-11 40776]
R3 netw5v32;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-05-31 6638080]
R3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent; [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic; [x]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [2006-08-29 32377]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-22 15488]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [2011-12-22 49240]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2007-02-15 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-07-02 38336]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S0 RRamdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\rramdisk.sys [2008-11-12 12288]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS [2011-07-25 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS [2011-09-27 897656]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-14 218688]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-17 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-09-28 08:50]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310103756-262067671-4048560824-1001Core.job
- c:\users\Ichiro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-06 07:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel
IE: Od&eslat do aplikace OneNote
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Len ... etect2.cab
FF - ProfilePath - c:\users\Ichiro\AppData\Roaming\Mozilla\Firefox\Profiles\cemb2525.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109130&ba ... 6e7e866&q=
FF - prefs.js: network.proxy.ftp - 67.22.224.81
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 67.22.224.81
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 67.22.224.81
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109130
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 40054cd7000000000000001c26e7e866
FF - user.js: extensions.BabylonToolbar_i.hardId - 40054cd7000000000000001c26e7e866
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15348
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(508)
c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
Celkový čas: 2012-01-11 19:44:31
ComboFix-quarantined-files.txt 2012-01-11 18:44
.
Před spuštěním: Volných bajtů: 22 885 994 496
Po spuštění: Volných bajtů: 22 777 724 928
.
- - End Of File - - 3F06312D71A366C150FB4904697AED86

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 SP1 [6.1 Build 7601] (x86)
Date : 2012/01/11 19:55:55

-- Controller Map ----------------------------------------------------------
- Ricoh Memory Stick Controller [ATA]
+ Intel(R) ICH8M SATA AHCI Controller - 2829 [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVDRAM GMA-4082N ATA Device
- ATA Channel 1 (1)
- ATA Channel 2 (2)
- Ricoh SD/MMC Host Controller [ATA]
+ ATA Channel 0 (0) [ATA]
- FUJITSU MHW2120BH ATA Device
- ATA Channel 1 (1) [ATA]
- Ricoh xD-Picture Card Controller [ATA]
- ATA Channel 2 (2) [ATA]
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) FUJITSU MHW2120BH : 120.0 GB [0-2-0, pd1]

----------------------------------------------------------------------------
(1) FUJITSU MHW2120BH
----------------------------------------------------------------------------
Model : FUJITSU MHW2120BH
Firmware : 00840015
Serial Number : NZ2BT7926U9E
Disk Size : 120.0 GB (8.4/120.0/120.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/150
Power On Hours : 22305 hod.
Power On Count : 2332 krát
Temparature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : FEFEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _46 00000000AC43 Počet chyb čtení
02 100 100 _30 000001EB0000 Průchodnost disku
03 100 100 _25 000000000001 Čas na roztočení ploten
04 _99 _99 __0 000000000A3D Počet spuštění/zastavení
05 100 100 _24 07D000000000 Počet přemapovaných sektorů
07 100 100 _47 0000000009B7 Počet chybných hledání
08 100 100 _19 000000000000 Čas potřebný na vyhledání
09 _56 _56 __0 000000005721 Hodin v činnosti
0A 100 100 _20 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000091C Počet cyklů zapnutí zařízení
C0 100 100 __0 0000000000ED Počet vypnutí disku
C1 _96 _96 __0 000000017D78 Počet cyklů načítání/vymazání
C2 100 100 __0 003500110028 Teplota
C3 100 100 __0 0000000001C6 Počet oprav chybného čtení
C4 100 100 __0 00001B230000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 _60 000000001E7E Počet chyb při zápisu sektorů
CB 100 100 __0 016401EF0023 Počet chyb v kódech na opravu chyb
F0 200 200 __0 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 4E 5A 32 42
020: 54 37 39 32 36 55 39 45 00 03 40 00 00 04 30 30
030: 38 34 30 30 31 35 46 55 4A 49 54 53 55 20 4D 48
040: 57 32 31 32 30 42 48 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 4B B0 0D F9 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 02 00 00 00 4C 00 48
0A0: 01 F8 00 52 34 6B 7F 09 61 63 34 69 BE 09 61 63
0B0: 20 3F 00 3C 00 00 40 80 FF FE 00 00 FE FE 00 00
0C0: 00 00 00 00 00 00 00 00 4B B0 0D F9 00 00 00 00
0D0: 00 00 00 00 40 00 00 00 50 00 00 E0 40 D2 12 21
0E0: 00 00 00 00 00 00 00 00 00 00 01 00 00 00 40 05
0F0: 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 05 BC 00 00 00 00 00 00 40 04 40 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3D 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 0F 00 21
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 A5

Příspěvekod **jaro3** » 11 led 2012 23:24

Odinstaluj:
Spyware Terminator
Babylon

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\iun507.exe
c:\windows\system32\drivers\sp_rsdrv2.sys

Folder::
c:\programdata\Kaspersky Lab
c:\programdata\Babylon

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=- 
"EnableUIADesktopToggle"=- 
"EnableLinkedConnections"=- 
"SynchronousMachineGroupPolicy"=-
"SynchronousUserGroupPolicy"=-
"DisableStartupSound"=- 
"DisableStatusMessages"=-

DDS::
uInternet Settings,ProxyOverride = <local>

Firefox::
FF - ProfilePath - c:\users\Ichiro\AppData\Roaming\Mozilla\Firefox\Profiles\cemb2525.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109130&ba ... 6e7e866&q=
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109130
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 40054cd7000000000000001c26e7e866
FF - user.js: extensions.BabylonToolbar_i.hardId - 40054cd7000000000000001c26e7e866
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15348
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

FF - prefs.js: network.proxy.ftp - 67.22.224.81
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 67.22.224.81
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 67.22.224.81
FF - prefs.js: network.proxy.http_port – 3128
Ty porty sis nastavoval sám??

01 100 100 _46 00000000AC43 Počet chyb čtení
02 100 100 _30 000001EB0000 Průchodnost disku
05 100 100 _24 07D000000000 Počet přemapovaných sektorů
07 100 100 _47 0000000009B7 Počet chybných hledání
C3 100 100 __0 0000000001C6 Počet oprav chybného čtení
C4 100 100 __0 00001B230000 Počet udalostí s číslem realokování sektorů
C8 100 100 _60 000000001E7E Počet chyb při zápisu sektorů
CB 100 100 __0 016401EF0023 Počet chyb v kódech na opravu chyb

Disk mi nepřipadá úplně OK , Sektory jsou v pohodě , ale snímač , či posuv....

Ichiro · Příspěvekod **Ichiro** » 12 led 2012 01:05

Ne, žádné adresy jsem nenastavoval. Jediný co jsem dělal byla v tuneup optimalizace internetu. Sám jsem žádný ruční zásah v nastavení adres a portů v prohlížeči atd nedělal. Přikládám nový výpisy.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:50:42, on 12.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 6425 bytes

ComboFix 12-01-10.02 - Ichiro 12.01.2012 0:06.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3070.1234 [GMT 1:00]
Spuštěný z: c:\users\Ichiro\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ichiro\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\iun507.exe"
"c:\windows\system32\drivers\sp_rsdrv2.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun507.exe
c:\windows\system32\drivers\sp_rsdrv2.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-11 do 2012-01-11 )))))))))))))))))))))))))))))))
.
.
2012-01-11 23:19 . 2012-01-11 23:23 -------- d-----w- c:\users\Ichiro\AppData\Local\temp
2012-01-11 23:19 . 2012-01-11 23:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-11 22:09 . 2012-01-11 22:09 -------- d-----w- c:\users\Ichiro\AppData\Local\Adobe
2012-01-11 22:09 . 2012-01-11 22:09 -------- d-----w- c:\users\Ichiro\AppData\Local\Apps
2012-01-11 22:09 . 2012-01-11 22:09 -------- d-----w- c:\users\Ichiro\AppData\Local\AVerMedia
2012-01-11 21:51 . 2012-01-11 22:19 -------- d-----w- c:\users\Ichiro\AppData\Local\CrashDumps
2012-01-11 21:02 . 2012-01-11 21:02 -------- d-----w- c:\users\Ichiro\AppData\Local\GHISLER
2012-01-11 18:51 . 2012-01-11 18:51 -------- d-----w- c:\program files\CrystalDiskInfo
2012-01-11 12:24 . 2012-01-11 12:24 388096 ----a-r- c:\users\Ichiro\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-11 12:24 . 2012-01-11 12:24 -------- d-----w- c:\program files\Trend Micro
2012-01-11 03:28 . 2012-01-11 03:29 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-11 03:28 . 2012-01-11 03:28 -------- d-----w- c:\users\Ichiro\AppData\Roaming\Malwarebytes
2012-01-11 02:52 . 2012-01-11 02:52 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-11 02:52 . 2012-01-11 02:52 -------- d-----w- c:\program files\Symantec
2012-01-11 02:51 . 2012-01-11 03:06 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-11 02:50 . 2012-01-11 02:51 -------- d-----w- c:\program files\Norton Internet Security
2012-01-11 02:50 . 2012-01-11 02:50 -------- d-----w- c:\program files\NortonInstaller
2012-01-11 02:35 . 2012-01-11 02:35 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 02:34 . 2012-01-11 02:34 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-11 02:34 . 2012-01-11 02:34 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-11 02:34 . 2012-01-11 02:34 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-11 02:34 . 2012-01-11 02:34 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-11 02:34 . 2012-01-11 02:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-11 02:34 . 2012-01-11 02:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-11 02:34 . 2012-01-11 02:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-11 02:34 . 2012-01-11 02:34 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-11 02:34 . 2012-01-11 02:34 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-11 02:34 . 2012-01-11 02:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-11 02:34 . 2012-01-11 02:34 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 02:34 . 2012-01-11 02:34 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 02:32 . 2012-01-11 02:32 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 01:56 . 2012-01-11 02:50 -------- d-----w- c:\programdata\Norton
2012-01-10 20:59 . 2012-01-10 20:59 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-10 20:59 . 2012-01-10 20:59 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-10 20:59 . 2012-01-10 20:59 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-10 20:59 . 2012-01-10 20:59 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-09 23:45 . 2012-01-09 23:45 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-01-09 13:59 . 2011-12-22 22:09 187016 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-01-09 13:59 . 2011-12-22 22:09 17032 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-01-09 13:59 . 2011-12-22 22:09 50312 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-01-09 13:59 . 2011-12-22 22:09 44680 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-01-09 13:32 . 2012-01-09 13:32 -------- d-----w- c:\program files\RescuePRO
2012-01-08 02:17 . 2012-01-08 02:17 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-08 01:50 . 2012-01-08 02:11 -------- d-----w- c:\program files\Winnydows
2012-01-06 21:41 . 2012-01-11 21:02 -------- d-----w- c:\program files\Miranda IM
2012-01-06 15:45 . 2012-01-10 19:54 -------- d-----w- c:\users\Ichiro\AppData\Roaming\ICQ
2012-01-06 15:45 . 2012-01-06 15:47 -------- d-----w- c:\program files\ICQ7.7
2012-01-05 12:19 . 2012-01-05 13:00 -------- d-----w- c:\users\Ichiro\.shsh
2012-01-04 12:33 . 2012-01-04 12:34 -------- d-----w- c:\windows\WindowsMobile
2012-01-04 12:01 . 2012-01-04 12:01 -------- d-----w- c:\program files\iPod
2012-01-04 12:01 . 2012-01-05 13:46 -------- d-----w- c:\program files\iTunes
2012-01-04 01:52 . 2012-01-04 02:04 -------- d-----w- c:\programdata\AVerTV 3D
2012-01-04 01:49 . 2011-03-29 17:46 106496 ----a-w- c:\windows\system32\CardID.dll
2012-01-04 01:49 . 2007-02-08 20:09 49152 ----a-w- c:\windows\system32\AVerIO.dll
2012-01-04 01:49 . 2005-04-29 02:08 3456 ----a-w- c:\windows\system32\AVerIO.sys
2012-01-04 01:49 . 2011-06-01 18:55 421888 ----a-w- c:\windows\system32\sptlib02.dll
2012-01-04 01:49 . 2011-05-12 18:52 614400 ----a-w- c:\windows\system32\sptlib21.dll
2012-01-04 01:49 . 2010-06-24 21:10 307200 ----a-w- c:\windows\system32\sptlib03.dll
2012-01-04 01:49 . 2010-06-24 21:10 311296 ----a-w- c:\windows\system32\sptlib01.dll
2012-01-04 01:49 . 2010-05-19 18:39 307200 ----a-w- c:\windows\system32\sptlib22.dll
2012-01-04 01:49 . 2009-09-04 22:47 135168 ----a-w- c:\windows\system32\sptlib12.dll
2012-01-04 01:49 . 2009-07-03 02:38 294912 ----a-w- c:\windows\system32\sptlib11.dll
2012-01-04 01:49 . 2012-01-04 01:49 -------- d-----w- c:\program files\Common Files\AVerMedia
2012-01-03 13:28 . 2012-01-03 14:30 -------- d-----w- c:\programdata\AVerTV
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2012-01-03 01:41 . 2012-01-03 19:32 -------- d-----w- c:\users\Ichiro\AppData\Local\Facebook
2011-12-29 15:21 . 2011-12-29 15:49 -------- d-----w- c:\program files\Microsoft Works
2011-12-29 15:17 . 2011-12-29 15:17 -------- d-----r- C:\MSOCache
2011-12-26 18:01 . 2011-12-26 18:01 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2011-12-24 22:41 . 2011-12-24 22:41 16904 ----a-w- c:\windows\system32\drivers\KLMD.sys
2011-12-24 16:03 . 2010-11-25 11:37 138752 ----a-w- c:\windows\system\glide3x.dll
2011-12-14 10:16 . 2011-12-14 10:16 -------- d-----w- c:\windows\Corel
2011-12-14 10:13 . 2011-12-14 10:13 -------- d-----w- c:\program files\Corel
2011-12-14 10:13 . 2011-12-14 10:13 -------- d-----w- c:\program files\Common Files\Corel
2011-12-13 22:33 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-13 22:33 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-13 22:33 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-13 22:33 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-13 22:33 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-13 22:33 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 18:26 . 2011-12-13 18:43 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-11 02:34 . 2012-01-11 02:34 224768 ----a-w- c:\windows\system32\schannel.dll
2011-12-22 22:12 . 2011-10-11 01:15 49240 ----a-w- c:\windows\system32\drivers\stdriver32.sys
2011-12-20 16:59 . 2010-10-18 00:49 249856 ------w- c:\windows\Setup1.exe
2011-12-20 16:59 . 2010-10-18 00:49 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-08 12:25 . 2011-12-08 12:25 1390730 ----a-w- c:\windows\system32\AutoPartNt.exe
2011-12-07 16:45 . 2009-11-13 08:06 114048 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-11-28 06:20 . 2011-11-28 06:20 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-27 08:21 . 2011-11-27 08:21 21639680 ----a-w- c:\windows\system32\imageres.dll
2011-11-25 11:48 . 2011-11-25 11:48 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-11-24 12:46 . 2011-04-07 12:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-23 05:31 . 2011-11-23 05:31 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-11-21 10:47 . 2012-01-11 02:35 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{970FE0FE-67C3-40F4-ADDB-7B34D1288F05}\mpengine.dll
2011-11-18 09:43 . 2011-05-24 09:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-15 13:29 . 2009-11-05 19:43 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-19 21:15 . 2011-11-26 00:16 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-18 18:53 . 2011-12-09 13:33 3546664 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-10-18 17:10 . 2011-12-09 13:33 83048 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-10-18 14:57 . 2011-12-09 13:33 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
2011-10-18 12:47 . 2011-12-09 13:33 1329768 ----a-w- c:\windows\system32\RtkApoApi.dll
2011-10-18 10:05 . 2011-12-09 13:33 2276968 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-10-18 00:39 . 2011-10-18 00:39 32824 ----a-w- c:\windows\system32\drivers\psadd.sys
2011-10-17 16:30 . 2011-12-09 13:33 4238440 ----a-w- c:\windows\system32\RtkAPO.dll
2011-10-14 12:43 . 2011-12-09 13:33 1873920 ----a-w- c:\windows\system32\RCoRes.dat
2012-01-10 20:59 . 2011-04-05 18:18 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-10-14 14:01 . 2010-01-09 18:04 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-11-12 1647448]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 PfFilter;PfFilter; [x]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2009-12-08 437888]
R3 BTCOM;Bluetooth Serial port driver; [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service; [x]
R3 btmaux;Intel Bluetooth Auxiliary Service; [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-08-02 45736]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 KLMD;KLMD;c:\windows\system32\Drivers\KLMD.sys [2011-12-24 16904]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-01-11 40776]
R3 netw5v32;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-05-31 6638080]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent; [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic; [x]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [2006-08-29 32377]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-22 15488]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2007-02-15 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S0 RRamdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\rramdisk.sys [2008-11-12 12288]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS [2011-07-25 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS [2011-09-27 897656]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [2011-12-23 820344]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys [2011-08-08 132744]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-14 218688]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120110.002\IDSvix86.sys [2012-01-10 368248]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS [2011-07-26 149624]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1302000.00A\SYMNETS.SYS [2011-07-26 314488]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-10 490840]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-28 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe [2011-08-10 138760]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-08-25 525352]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 76328]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-08-25 33832]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-01-11 106104]
S3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
S3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [2011-12-22 49240]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-07-02 38336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-17 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-09-28 08:50]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310103756-262067671-4048560824-1001Core.job
- c:\users\Ichiro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-06 07:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel
IE: Od&eslat do aplikace OneNote
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Len ... etect2.cab
FF - ProfilePath - c:\users\Ichiro\AppData\Roaming\Mozilla\Firefox\Profiles\cemb2525.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: network.proxy.ftp - 67.22.224.81
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 67.22.224.81
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 67.22.224.81
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-RescuePRO-3.0 - c:\windows\iun507.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(644)
c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
- - - - - - - > 'Explorer.exe'(3808)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\rundll32.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-12 00:31:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-11 23:31
.
Před spuštěním: Volných bajtů: 23 671 791 616
Po spuštění: Volných bajtů: 23 378 583 552
.
- - End Of File - - 583B28C130C3770CAE2E3CCBB079CA96

Příspěvekod **jaro3** » 12 led 2012 10:14

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Firefox::
FF - ProfilePath - c:\users\Ichiro\AppData\Roaming\Mozilla\Firefox\Profiles\cemb2525.default\
FF - prefs.js: network.proxy.ftp - 67.22.224.81
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - 67.22.224.81
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - 67.22.224.81
FF - prefs.js: network.proxy.http_port - 3128

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR

na svojí plochu.Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu , vlož sem celý obsak toho logu.

Ichiro · Příspěvekod **Ichiro** » 12 led 2012 14:18

Systém začal nabíhat už normálně a plynule ale vytíženost ramky je pořád stejná. Zkusil jsem v Advanced systemcare znovu použít smart ram a dát hloubkové čištění místo normálního a rázem to pustilo asi 500mb z ramky dole. Bohužel po 15 min systému v klidu se vytíženost ramky zase vrátila o těch 500mb cca zpět. Předem děkuji za pomoc. Přikládám logy.

ComboFix 12-01-12.02 - Ichiro 12.01.2012 13:43:27.4.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3070.1199 [GMT 1:00]
Spuštěný z: c:\users\Ichiro\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ichiro\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-12 do 2012-01-12 )))))))))))))))))))))))))))))))
.
.
2012-01-12 12:54 . 2012-01-12 12:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-12 02:15 . 2011-07-27 00:51 35960 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2012-01-12 01:38 . 2012-01-12 01:38 -------- d-----w- c:\users\Ichiro\AppData\Local\BinaryMark
2012-01-12 01:37 . 2012-01-12 01:37 -------- d-----w- c:\program files\BinaryMark
2012-01-11 23:19 . 2012-01-12 12:54 -------- d-----w- c:\users\Ichiro\AppData\Local\temp
2012-01-11 22:09 . 2012-01-11 22:09 -------- d-----w- c:\users\Ichiro\AppData\Local\Adobe
2012-01-11 22:09 . 2012-01-11 22:09 -------- d-----w- c:\users\Ichiro\AppData\Local\Apps
2012-01-11 22:09 . 2012-01-11 22:09 -------- d-----w- c:\users\Ichiro\AppData\Local\AVerMedia
2012-01-11 21:51 . 2012-01-12 01:47 -------- d-----w- c:\users\Ichiro\AppData\Local\CrashDumps
2012-01-11 21:02 . 2012-01-11 21:02 -------- d-----w- c:\users\Ichiro\AppData\Local\GHISLER
2012-01-11 18:51 . 2012-01-11 18:51 -------- d-----w- c:\program files\CrystalDiskInfo
2012-01-11 12:24 . 2012-01-11 12:24 388096 ----a-r- c:\users\Ichiro\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-11 12:24 . 2012-01-11 12:24 -------- d-----w- c:\program files\Trend Micro
2012-01-11 03:28 . 2012-01-11 03:29 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-11 03:28 . 2012-01-11 03:28 -------- d-----w- c:\users\Ichiro\AppData\Roaming\Malwarebytes
2012-01-11 02:52 . 2012-01-11 02:52 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-11 02:52 . 2012-01-11 02:52 -------- d-----w- c:\program files\Symantec
2012-01-11 02:51 . 2012-01-11 03:06 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-11 02:50 . 2012-01-11 02:51 -------- d-----w- c:\program files\Norton Internet Security
2012-01-11 02:50 . 2012-01-12 00:51 -------- d-----w- c:\program files\NortonInstaller
2012-01-11 02:35 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{970FE0FE-67C3-40F4-ADDB-7B34D1288F05}\mpengine.dll
2012-01-11 02:35 . 2012-01-11 02:35 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 02:34 . 2012-01-11 02:34 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-11 02:34 . 2012-01-11 02:34 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-11 02:34 . 2012-01-11 02:34 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-11 02:34 . 2012-01-11 02:34 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-11 02:34 . 2012-01-11 02:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-11 02:34 . 2012-01-11 02:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-11 02:34 . 2012-01-11 02:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-11 02:34 . 2012-01-11 02:34 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-11 02:34 . 2012-01-11 02:34 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-11 02:34 . 2012-01-11 02:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-11 02:34 . 2012-01-11 02:34 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 02:34 . 2012-01-11 02:34 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 02:32 . 2012-01-11 02:32 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 01:56 . 2012-01-12 01:22 -------- d-----w- c:\programdata\Norton
2012-01-10 20:59 . 2012-01-10 20:59 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-10 20:59 . 2012-01-10 20:59 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-10 20:59 . 2012-01-10 20:59 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-10 20:59 . 2012-01-10 20:59 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-09 23:45 . 2012-01-09 23:45 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-01-09 13:59 . 2011-12-22 22:09 187016 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-01-09 13:59 . 2011-12-22 22:09 17032 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-01-09 13:59 . 2011-12-22 22:09 50312 ----a-w- c:\windows\system32\drivers\eubakup.sys
2012-01-09 13:59 . 2011-12-22 22:09 44680 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2012-01-09 13:32 . 2012-01-09 13:32 -------- d-----w- c:\program files\RescuePRO
2012-01-08 02:17 . 2012-01-08 02:17 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-08 01:50 . 2012-01-08 02:11 -------- d-----w- c:\program files\Winnydows
2012-01-06 21:41 . 2012-01-11 21:02 -------- d-----w- c:\program files\Miranda IM
2012-01-06 15:45 . 2012-01-10 19:54 -------- d-----w- c:\users\Ichiro\AppData\Roaming\ICQ
2012-01-06 15:45 . 2012-01-06 15:47 -------- d-----w- c:\program files\ICQ7.7
2012-01-05 12:19 . 2012-01-05 13:00 -------- d-----w- c:\users\Ichiro\.shsh
2012-01-04 12:33 . 2012-01-04 12:34 -------- d-----w- c:\windows\WindowsMobile
2012-01-04 12:01 . 2012-01-04 12:01 -------- d-----w- c:\program files\iPod
2012-01-04 12:01 . 2012-01-05 13:46 -------- d-----w- c:\program files\iTunes
2012-01-04 01:52 . 2012-01-04 02:04 -------- d-----w- c:\programdata\AVerTV 3D
2012-01-04 01:49 . 2011-03-29 17:46 106496 ----a-w- c:\windows\system32\CardID.dll
2012-01-04 01:49 . 2007-02-08 20:09 49152 ----a-w- c:\windows\system32\AVerIO.dll
2012-01-04 01:49 . 2005-04-29 02:08 3456 ----a-w- c:\windows\system32\AVerIO.sys
2012-01-04 01:49 . 2011-06-01 18:55 421888 ----a-w- c:\windows\system32\sptlib02.dll
2012-01-04 01:49 . 2011-05-12 18:52 614400 ----a-w- c:\windows\system32\sptlib21.dll
2012-01-04 01:49 . 2010-06-24 21:10 307200 ----a-w- c:\windows\system32\sptlib03.dll
2012-01-04 01:49 . 2010-06-24 21:10 311296 ----a-w- c:\windows\system32\sptlib01.dll
2012-01-04 01:49 . 2010-05-19 18:39 307200 ----a-w- c:\windows\system32\sptlib22.dll
2012-01-04 01:49 . 2009-09-04 22:47 135168 ----a-w- c:\windows\system32\sptlib12.dll
2012-01-04 01:49 . 2009-07-03 02:38 294912 ----a-w- c:\windows\system32\sptlib11.dll
2012-01-04 01:49 . 2012-01-04 01:49 -------- d-----w- c:\program files\Common Files\AVerMedia
2012-01-03 13:28 . 2012-01-03 14:30 -------- d-----w- c:\programdata\AVerTV
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2012-01-03 01:41 . 2012-01-03 19:32 -------- d-----w- c:\users\Ichiro\AppData\Local\Facebook
2011-12-29 15:21 . 2011-12-29 15:49 -------- d-----w- c:\program files\Microsoft Works
2011-12-29 15:17 . 2011-12-29 15:17 -------- d-----r- C:\MSOCache
2011-12-26 18:01 . 2011-12-26 18:01 -------- d-----w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2011-12-24 22:41 . 2011-12-24 22:41 16904 ----a-w- c:\windows\system32\drivers\KLMD.sys
2011-12-24 16:03 . 2010-11-25 11:37 138752 ----a-w- c:\windows\system\glide3x.dll
2011-12-14 10:16 . 2011-12-14 10:16 -------- d-----w- c:\windows\Corel
2011-12-14 10:13 . 2011-12-14 10:13 -------- d-----w- c:\program files\Corel
2011-12-14 10:13 . 2011-12-14 10:13 -------- d-----w- c:\program files\Common Files\Corel
2011-12-13 22:33 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-13 22:33 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-13 22:33 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-13 22:33 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-13 22:33 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-13 22:33 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-13 18:26 . 2011-12-13 18:43 -------- d-----w- c:\programdata\CorelDRAW Graphics Suite X5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-11 02:34 . 2012-01-11 02:34 224768 ----a-w- c:\windows\system32\schannel.dll
2011-12-22 22:12 . 2011-10-11 01:15 49240 ----a-w- c:\windows\system32\drivers\stdriver32.sys
2011-12-20 16:59 . 2010-10-18 00:49 249856 ------w- c:\windows\Setup1.exe
2011-12-20 16:59 . 2010-10-18 00:49 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-08 12:25 . 2011-12-08 12:25 1390730 ----a-w- c:\windows\system32\AutoPartNt.exe
2011-12-07 16:45 . 2009-11-13 08:06 114048 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-11-28 06:20 . 2011-11-28 06:20 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-27 08:21 . 2011-11-27 08:21 21639680 ----a-w- c:\windows\system32\imageres.dll
2011-11-25 11:48 . 2011-11-25 11:48 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-11-24 12:46 . 2011-04-07 12:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-23 05:31 . 2011-11-23 05:31 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-11-18 09:43 . 2011-05-24 09:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-15 13:29 . 2009-11-05 19:43 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-19 21:15 . 2011-11-26 00:16 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-18 18:53 . 2011-12-09 13:33 3546664 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-10-18 17:10 . 2011-12-09 13:33 83048 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-10-18 14:57 . 2011-12-09 13:33 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
2011-10-18 12:47 . 2011-12-09 13:33 1329768 ----a-w- c:\windows\system32\RtkApoApi.dll
2011-10-18 10:05 . 2011-12-09 13:33 2276968 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-10-18 00:39 . 2011-10-18 00:39 32824 ----a-w- c:\windows\system32\drivers\psadd.sys
2011-10-17 16:30 . 2011-12-09 13:33 4238440 ----a-w- c:\windows\system32\RtkAPO.dll
2012-01-10 20:59 . 2011-04-05 18:18 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-10-14 14:01 . 2010-01-09 18:04 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-11-12 1647448]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 PfFilter;PfFilter; [x]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv.sys [2009-12-08 437888]
R3 BTCOM;Bluetooth Serial port driver; [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service; [x]
R3 btmaux;Intel Bluetooth Auxiliary Service; [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-08-02 45736]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 KLMD;KLMD;c:\windows\system32\Drivers\KLMD.sys [2011-12-24 16904]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-01-11 40776]
R3 netw5v32;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-05-31 6638080]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent; [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic; [x]
R3 PRODIGY;PRODIGY;c:\windows\system32\Drivers\PRODIGY.SYS [2006-08-29 32377]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-22 15488]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2007-02-15 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1343400]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S0 RRamdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\rramdisk.sys [2008-11-12 12288]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\SYMDS.SYS [2011-07-25 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\SYMEFA.SYS [2011-09-27 897656]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [2011-12-23 820344]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccSetx86.sys [2011-08-08 132744]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-14 218688]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120111.003\IDSvix86.sys [2012-01-10 368248]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\Ironx86.SYS [2011-07-26 149624]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1302000.00A\SYMNETS.SYS [2011-07-26 314488]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-10 490840]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-28 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe [2011-08-10 138760]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-08-25 525352]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-08-25 76328]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-08-25 33832]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-01-11 106104]
S3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
S3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [2011-12-22 49240]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-07-02 38336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1310103756-262067671-4048560824-1001Core.job
- c:\users\Ichiro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-06 07:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel
IE: Od&eslat do aplikace OneNote
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Len ... etect2.cab
FF - ProfilePath - c:\users\Ichiro\AppData\Roaming\Mozilla\Firefox\Profiles\cemb2525.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(656)
c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
Celkový čas: 2012-01-12 13:57:27
ComboFix-quarantined-files.txt 2012-01-12 12:57
.
Před spuštěním: Volných bajtů: 23 969 845 248
Po spuštění: Volných bajtů: 23 879 094 272
.
- - End Of File - - 81C80FFA430492D4963478363D7C956F

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-12 14:16:37
-----------------------------
14:16:37.422 OS Version: Windows 6.1.7601 Service Pack 1
14:16:37.422 Number of processors: 2 586 0xF0D
14:16:37.424 ComputerName: ICHIRO UserName: Ichiro
14:17:16.218 Initialize success
14:17:24.055 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
14:17:24.058 Disk 0 Vendor: FUJITSU_MHW2120BH 00840015 Size: 114473MB BusType: 11
14:17:24.061 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000081
14:17:24.064 Disk 1 Vendor: RICOH 01 Size: 243MB BusType: 0
14:17:24.075 Disk 0 MBR read successfully
14:17:24.079 Disk 0 MBR scan
14:17:24.083 Disk 0 Windows 7 default MBR code
14:17:24.097 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:17:24.108 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114369 MB offset 206896
14:17:24.114 Disk 0 scanning sectors +234436545
14:17:24.204 Disk 0 scanning C:\Windows\system32\drivers
14:17:39.155 Service scanning
14:17:41.134 Modules scanning
14:17:58.519 Disk 0 trace - called modules:
14:17:58.925 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
14:17:58.938 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x871d67c8]
14:17:58.950 3 CLASSPNP.SYS[8cf8759e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x86fcc908]
14:17:58.962 Scan finished successfully
14:18:13.558 Disk 0 MBR has been saved successfully to "C:\Users\Ichiro\Desktop\MBR.dat"
14:18:13.566 The log file has been saved successfully to "C:\Users\Ichiro\Desktop\aswMBR.txt"

Příspěvekod **Žbeky** » 12 led 2012 17:42

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Když si procesy seřadíš podle vytížení paměti, co ti zabírá nejvíc?

Ichiro · Příspěvekod **Ichiro** » 12 led 2012 22:47

Odinstalováno a vyčištěno. Zde screen s procesy http://imageshack.us/photo/my-images/696/procesyw.jpg/
Jak už jsem psal, v procesech toho moc vidět není a součet nedává tolik aby to bylo 2GB ramky i se systémem. Nejsem znalec ale napadá mě, že asi ten program někde něco přepsal v nějakým registru nějakou hodnotu, že si sám systém bere tolik. Nechápu to :( I vpravo dole je vidět, že neběží nic kromě antivirového programu,BT a zvuk. Při tutom stavu si vše bralo 1,2Gb ramky a teď je to 2GB což tomu nerozumím. Nejkrajnější možnost bude hold formát a reinstalace. Jinak moc děkuji za veškeré rady a moc.

Příspěvekod **jaro3** » 12 led 2012 22:54

Možná Ti to nepomůže , mám obavu že je to diskem.

Kontaktuj ještě uživatele MiliNess , aby se Ti ještě kouknul na log z Crystaldiskinfo , nějak se mi to nezdá..

Stáhni si MiniToolBox

a spusť ho.
V okně zaškrtni čtverečky:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
Potom klikni na GO , po chvíli skenu se objeví log s názvem „Result“ , zkopíruj sem celý jeho obsah.

Problém se zahlcováním ramky systémem Vyřešeno

Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systétem

Re: Problém se zahlcováním ramky systétem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Re: Problém se zahlcováním ramky systémem

Kdo je online