Prosím o kontrolu logu - pomalé PC

kultatulion · Příspěvekod **kultatulion** » 03 bře 2012 21:19

Tam toho opravdu víc není, chtěl jsem sem dát soubor, ale nechce mi to vzít příponu txt.

Reklama

Příspěvekod **Žbeky** » 03 bře 2012 21:33

Tak spusť ještě jednou CF bez toho skriptu, jako jsi ho spouštěl poprvé a pak sem dej nový log

kultatulion · Příspěvekod **kultatulion** » 03 bře 2012 21:56

ComboFix 12-03-02.01 - Honza 03.03.2012 21:37:32.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1165 [GMT 1:00]
Spuštěný z: c:\documents and settings\Honza\Plocha\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings\wth.dll.old.rar
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\SET20D.tmp
c:\windows\Tasks\AdobeAAMUpdater-1.0-ARGO-Honza.job
c:\windows\Tasks\ASC4_PerformanceMonitor.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\SmartDefrag_Startup.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-03 do 2012-03-03 )))))))))))))))))))))))))))))))
.
.
2012-03-03 19:16 . 2012-03-03 19:16 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2012-03-03 14:51 . 2012-03-03 14:51 -------- d-----w- c:\program files\HD Tune
2012-03-03 10:22 . 2012-03-03 10:22 -------- d-----w- c:\documents and settings\Honza\Data aplikací\Malwarebytes
2012-03-03 10:21 . 2012-03-03 10:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-03-03 10:21 . 2012-03-03 10:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-03 10:21 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-02 23:06 . 2012-03-02 23:06 -------- d-----w- c:\program files\CPUID
2012-03-02 23:06 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2012-03-02 21:46 . 2012-03-03 17:28 -------- d-----w- c:\documents and settings\UpdatusUser.ARGO
2012-03-02 21:36 . 2012-03-02 21:36 -------- d-----w- c:\program files\SystemRequirementsLab
2012-02-29 14:56 . 2012-02-29 14:56 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-02-24 21:41 . 2012-02-24 21:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FLEXnet
2012-02-24 20:46 . 2012-02-24 20:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-02-24 20:33 . 2012-02-24 20:34 -------- d-----w- c:\program files\DWG TrueView 2010
2012-02-21 15:45 . 2012-02-21 15:45 -------- d-----w- c:\documents and settings\Honza\Data aplikací\Ansys
2012-02-19 11:19 . 2012-02-19 11:19 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\Adobe Mini Bridge CS5
2012-02-19 11:19 . 2012-02-19 11:19 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-02-19 10:24 . 2012-02-19 10:24 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\Corel
2012-02-18 17:17 . 2012-02-18 17:17 -------- d-----w- C:\C_DILLA
2012-02-18 16:44 . 2012-02-18 16:44 -------- d-----w- c:\documents and settings\Honza\Data aplikací\Corel
2012-02-18 16:42 . 2012-02-18 16:42 -------- d-----w- c:\program files\Common Files\Corel
2012-02-16 20:01 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 20:01 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-14 21:48 . 2012-02-14 21:48 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\Search Settings
2012-02-13 18:05 . 2012-02-13 18:05 -------- d-----w- c:\documents and settings\Honza\Data aplikací\All Free 3GP Video Converter
2012-02-13 18:05 . 2005-05-18 10:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2012-02-13 18:05 . 2005-05-17 11:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2012-02-13 18:05 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2012-02-13 18:05 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2012-02-13 18:05 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2012-02-13 18:05 . 2002-01-05 15:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2012-02-13 18:05 . 2012-02-13 18:05 -------- d-----w- c:\program files\All Free 3GP Video Converter
2012-02-03 15:57 . 2012-02-15 14:06 -------- d-----w- c:\documents and settings\Honza\Data aplikací\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-03 09:50 . 2011-10-19 16:32 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS
2012-02-10 15:39 . 2011-06-20 15:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-10 04:10 . 2011-08-28 16:10 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-10 04:10 . 2011-08-28 16:10 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-10 04:10 . 2011-06-18 12:16 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-10 04:10 . 2011-06-18 12:16 5918720 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-10 04:10 . 2011-06-18 12:16 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-10 04:10 . 2011-06-18 12:16 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-10 04:10 . 2011-06-18 12:16 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-10 04:10 . 2006-08-11 13:43 2292224 ----a-w- c:\windows\system32\nvapi.dll
2012-02-10 04:10 . 2006-08-11 13:42 18620416 ----a-w- c:\windows\system32\nvoglnt.dll
2012-02-10 04:10 . 2006-08-11 13:42 4309760 ----a-w- c:\windows\system32\nv4_disp.dll
2012-02-10 04:10 . 2006-08-11 13:42 13415040 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-01-12 17:20 . 2008-04-14 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:42 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\C_DILLA ----
.
2000-05-11 19:38 . 2000-05-11 19:38 129536 ----a-w- c:\c_dilla\setup\cdains32.dll
2000-03-10 01:51 . 2000-03-10 01:51 79200 ----a-w- c:\c_dilla\setup\cdunin16.exe
2000-03-10 01:51 . 2000-03-10 01:51 53248 ----a-w- c:\c_dilla\setup\cdremove.exe
2000-03-10 01:51 . 2000-03-10 01:51 84736 ----a-w- c:\c_dilla\setup\cdains16.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-03_13.40.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-03 19:44 . 2012-03-03 19:44 16384 c:\windows\Temp\Perflib_Perfdata_a38.dat
+ 2012-03-03 19:42 . 2012-03-03 19:42 16384 c:\windows\Temp\Perflib_Perfdata_28c.dat
+ 2009-11-04 20:23 . 2010-07-05 13:13 18296 c:\windows\system32\spmsg.dll
- 2009-11-04 20:23 . 2007-11-30 04:39 18296 c:\windows\system32\spmsg.dll
+ 2009-10-07 19:29 . 2011-08-16 10:45 6144 c:\windows\system32\dllcache\iecompat.dll
+ 2012-03-03 17:15 . 2010-10-18 11:10 7680 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
- 2008-04-14 12:00 . 2011-03-04 06:36 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-04-14 12:00 . 2011-10-28 16:07 726528 c:\windows\system32\dllcache\jscript.dll
+ 2012-03-03 17:16 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2632503-IE8\spuninst\updspapi.dll
+ 2012-03-03 17:16 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2632503-IE8\spuninst\spuninst.exe
+ 2012-03-03 17:16 . 2011-03-04 06:36 726528 c:\windows\ie8updates\KB2632503-IE8\jscript.dll
+ 2012-03-03 17:15 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-03-03 17:15 . 2010-02-22 14:20 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-23 2615624]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-23 906648]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-23 140568]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-09-18 880640]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-11-09 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616]
"CorelDRAW Graphics Suite 11b"="d:\corel\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]
"NvMediaCenter"="NvMCTray.dll" [2012-02-10 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Verča a Dušan\Nabídka Start\Programy\Po spuštění\
CompControl 2.01.lnk - c:\program files\CompControl 2.01\control.exe [2003-10-4 36864]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
path=c:\documents and settings\Honza\Nabídka Start\Programy\Po spuštění\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^Zástupce - CompControl.lnk]
path=c:\documents and settings\Honza\Nabídka Start\Programy\Po spuštění\Zástupce - CompControl.lnk
backup=c:\windows\pss\Zástupce - CompControl.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\hry\\IL2\\il2fb.exe"=
"c:\\xampp\\apache\\bin\\httpd.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2.6.2011 7:38 13496]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.10.2009 16:57 721904]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1109000.00C\symds.sys [12.10.2011 14:40 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1109000.00C\symefa.sys [12.10.2011 14:40 173176]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [12.1.2012 15:07 19496]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120215.001\BHDrvx86.sys [16.2.2012 19:32 820344]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1109000.00C\cchpx86.sys [12.10.2011 14:40 485512]
R1 SafDskNT;SafeHouse;c:\windows\system32\drivers\SafDskNT.sys [4.3.2009 23:03 77824]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1109000.00C\ironx86.sys [12.10.2011 14:40 116784]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [25.1.2010 18:42 123280]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [25.1.2010 18:42 41616]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [18.6.2011 7:43 353168]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [21.2.2010 20:08 29416]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [15.10.2009 14:06 223464]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [3.3.2012 0:06 21992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.2.2012 17:38 1373576]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe [12.10.2011 14:40 126400]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2.3.2012 22:46 2348352]
R2 RHDISK;RHDISK;c:\program files\Rohos\rhdisk.sys [4.5.2011 15:19 33280]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120301.002\IDSXpx86.sys [2.3.2012 21:47 356280]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [17.12.2009 15:02 99152]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [17.12.2009 14:02 110096]
S2 gupdate1ca5f1d9d2bc664;Služba Google Update (gupdate1ca5f1d9d2bc664);c:\program files\Google\Update\GoogleUpdate.exe [6.11.2009 21:13 133104]
S2 Rohos Disk;Rohos Disk service;c:\program files\Rohos\agent.exe [4.5.2011 15:19 801080]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12.1.2012 14:34 1691480]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 EraserUtilDrvI10;EraserUtilDrvI10;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI10.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI10.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6.11.2009 21:13 133104]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\gf1ljr6u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Akamai NetSession Interface - c:\documents and settings\Honza\Local Settings\Data aplikací\Akamai\netsession_win.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-03 21:45
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-299502267-1770027372-1417001333-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:55,74,b7,71,da,3e,c2,59,64,f8,30,f2,fb,bb,b8,12,b7,b3,12,2a,b7,67,7c,
e9,4e,13,64,66,8b,b1,15,56,e5,2e,68,3e,39,83,21,e0,9c,75,42,69,45,0c,a0,e0,\
"??"=hex:f4,51,d9,5a,bf,43,4c,64,b1,78,cc,cb,0b,ff,b9,b9
.
[HKEY_USERS\S-1-5-21-299502267-1770027372-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:f5,39,2f,7a,95,7e,c4,26,62,dd,a9,54,e4,55,19,18,1c,72,76,6a,f1,
de,15,d1,ab,b1,97,42,d1,73,45,c7,72,cc,8b,03,0b,4a,05,b1,ba,d2,26,b0,03,a0,\
"rkeysecu"=hex:83,a0,de,d5,89,91,3e,59,58,59,87,d8,07,01,ae,47
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(740)
c:\windows\system32\nvappfilter.dll
.
- - - - - - - > 'explorer.exe'(5020)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-03-03 21:47:27
ComboFix-quarantined-files.txt 2012-03-03 20:47
ComboFix2.txt 2012-03-03 13:49
.
Před spuštěním: 6 693 167 104
Po spuštění: 6 672 416 768
.
- - End Of File - - D1A2EC9F6F9FB7E36EEBAE6B8B73955E

Příspěvekod **Žbeky** » 04 bře 2012 09:01

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Driver::
AppleChargerSrv
EraserUtilDrvI10

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

kultatulion · Příspěvekod **kultatulion** » 04 bře 2012 11:46

Dobrý den, posílám další Log:

ComboFix 12-03-02.01 - Honza 04.03.2012 11:28:25.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1084 [GMT 1:00]
Spuštěný z: c:\documents and settings\Honza\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honza\Plocha\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ERASERUTILDRVI10
-------\Service_AppleChargerSrv
-------\Service_EraserUtilDrvI10
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-04 do 2012-03-04 )))))))))))))))))))))))))))))))
.
.
2012-03-03 19:16 . 2012-03-03 19:16 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2012-03-03 14:51 . 2012-03-03 14:51 -------- d-----w- c:\program files\HD Tune
2012-03-03 10:22 . 2012-03-03 10:22 -------- d-----w- c:\documents and settings\Honza\Data aplikací\Malwarebytes
2012-03-03 10:21 . 2012-03-03 10:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-03-03 10:21 . 2012-03-03 10:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-03 10:21 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-02 23:06 . 2012-03-02 23:06 -------- d-----w- c:\program files\CPUID
2012-03-02 23:06 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2012-03-02 21:46 . 2012-03-03 17:28 -------- d-----w- c:\documents and settings\UpdatusUser.ARGO
2012-03-02 21:36 . 2012-03-02 21:36 -------- d-----w- c:\program files\SystemRequirementsLab
2012-02-29 14:56 . 2012-02-29 14:56 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-02-24 21:41 . 2012-02-24 21:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FLEXnet
2012-02-24 20:46 . 2012-02-24 20:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-02-24 20:33 . 2012-02-24 20:34 -------- d-----w- c:\program files\DWG TrueView 2010
2012-02-21 15:45 . 2012-02-21 15:45 -------- d-----w- c:\documents and settings\Honza\Data aplikací\Ansys
2012-02-19 11:19 . 2012-02-19 11:19 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\Adobe Mini Bridge CS5
2012-02-19 11:19 . 2012-02-19 11:19 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-02-19 10:24 . 2012-02-19 10:24 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\Corel
2012-02-18 17:17 . 2012-02-18 17:17 -------- d-----w- C:\C_DILLA
2012-02-18 16:44 . 2012-02-18 16:44 -------- d-----w- c:\documents and settings\Honza\Data aplikací\Corel
2012-02-18 16:42 . 2012-02-18 16:42 -------- d-----w- c:\program files\Common Files\Corel
2012-02-16 20:01 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 20:01 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-14 21:48 . 2012-02-14 21:48 -------- d-----w- c:\documents and settings\Verča a Dušan\Data aplikací\Search Settings
2012-02-13 18:05 . 2012-02-13 18:05 -------- d-----w- c:\documents and settings\Honza\Data aplikací\All Free 3GP Video Converter
2012-02-13 18:05 . 2005-05-18 10:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2012-02-13 18:05 . 2005-05-17 11:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2012-02-13 18:05 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2012-02-13 18:05 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2012-02-13 18:05 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2012-02-13 18:05 . 2002-01-05 15:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2012-02-13 18:05 . 2012-02-13 18:05 -------- d-----w- c:\program files\All Free 3GP Video Converter
2012-02-03 15:57 . 2012-02-15 14:06 -------- d-----w- c:\documents and settings\Honza\Data aplikací\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-03 09:50 . 2011-10-19 16:32 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS
2012-02-10 15:39 . 2011-06-20 15:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-10 04:10 . 2011-08-28 16:10 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-10 04:10 . 2011-08-28 16:10 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-10 04:10 . 2011-06-18 12:16 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-10 04:10 . 2011-06-18 12:16 5918720 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-10 04:10 . 2011-06-18 12:16 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-10 04:10 . 2011-06-18 12:16 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-10 04:10 . 2011-06-18 12:16 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-10 04:10 . 2006-08-11 13:43 2292224 ----a-w- c:\windows\system32\nvapi.dll
2012-02-10 04:10 . 2006-08-11 13:42 18620416 ----a-w- c:\windows\system32\nvoglnt.dll
2012-02-10 04:10 . 2006-08-11 13:42 4309760 ----a-w- c:\windows\system32\nv4_disp.dll
2012-02-10 04:10 . 2006-08-11 13:42 13415040 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-01-12 17:20 . 2008-04-14 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:42 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-03_13.40.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-04 10:40 . 2012-03-04 10:40 16384 c:\windows\Temp\Perflib_Perfdata_bfc.dat
+ 2012-03-04 10:38 . 2012-03-04 10:38 16384 c:\windows\Temp\Perflib_Perfdata_480.dat
+ 2009-11-04 20:23 . 2010-07-05 13:13 18296 c:\windows\system32\spmsg.dll
- 2009-11-04 20:23 . 2007-11-30 04:39 18296 c:\windows\system32\spmsg.dll
+ 2009-10-07 19:29 . 2011-08-16 10:45 6144 c:\windows\system32\dllcache\iecompat.dll
+ 2012-03-03 17:15 . 2010-10-18 11:10 7680 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
- 2008-04-14 12:00 . 2011-03-04 06:36 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-04-14 12:00 . 2011-10-28 16:07 726528 c:\windows\system32\dllcache\jscript.dll
+ 2012-03-03 17:16 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2632503-IE8\spuninst\updspapi.dll
+ 2012-03-03 17:16 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2632503-IE8\spuninst\spuninst.exe
+ 2012-03-03 17:16 . 2011-03-04 06:36 726528 c:\windows\ie8updates\KB2632503-IE8\jscript.dll
+ 2012-03-03 17:15 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-03-03 17:15 . 2010-02-22 14:20 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-23 2615624]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-23 906648]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-23 140568]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-09-18 880640]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-11-09 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616]
"CorelDRAW Graphics Suite 11b"="d:\corel\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]
"NvMediaCenter"="NvMCTray.dll" [2012-02-10 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Verča a Dušan\Nabídka Start\Programy\Po spuštění\
CompControl 2.01.lnk - c:\program files\CompControl 2.01\control.exe [2003-10-4 36864]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
path=c:\documents and settings\Honza\Nabídka Start\Programy\Po spuštění\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^Zástupce - CompControl.lnk]
path=c:\documents and settings\Honza\Nabídka Start\Programy\Po spuštění\Zástupce - CompControl.lnk
backup=c:\windows\pss\Zástupce - CompControl.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\hry\\IL2\\il2fb.exe"=
"c:\\xampp\\apache\\bin\\httpd.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2.6.2011 7:38 13496]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.10.2009 16:57 721904]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1109000.00C\symds.sys [12.10.2011 14:40 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1109000.00C\symefa.sys [12.10.2011 14:40 173176]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [12.1.2012 15:07 19496]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120215.001\BHDrvx86.sys [16.2.2012 19:32 820344]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1109000.00C\cchpx86.sys [12.10.2011 14:40 485512]
R1 SafDskNT;SafeHouse;c:\windows\system32\drivers\SafDskNT.sys [4.3.2009 23:03 77824]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1109000.00C\ironx86.sys [12.10.2011 14:40 116784]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [25.1.2010 18:42 123280]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [25.1.2010 18:42 41616]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [18.6.2011 7:43 353168]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [21.2.2010 20:08 29416]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [15.10.2009 14:06 223464]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [3.3.2012 0:06 21992]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.2.2012 17:38 1373576]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe [12.10.2011 14:40 126400]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2.3.2012 22:46 2348352]
R2 RHDISK;RHDISK;c:\program files\Rohos\rhdisk.sys [4.5.2011 15:19 33280]
R2 Rohos Disk;Rohos Disk service;c:\program files\Rohos\agent.exe [4.5.2011 15:19 801080]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [3.3.2012 21:51 106104]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120303.003\IDSXpx86.sys [3.3.2012 21:51 356280]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [17.12.2009 15:02 99152]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [17.12.2009 14:02 110096]
S2 gupdate1ca5f1d9d2bc664;Služba Google Update (gupdate1ca5f1d9d2bc664);c:\program files\Google\Update\GoogleUpdate.exe [6.11.2009 21:13 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12.1.2012 14:34 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6.11.2009 21:13 133104]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\gf1ljr6u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: GamePlayLabs Plugin: plugin2@gameplaylabs.com - %profile%\extensions\plugin2@gameplaylabs.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-04 11:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-299502267-1770027372-1417001333-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:55,74,b7,71,da,3e,c2,59,64,f8,30,f2,fb,bb,b8,12,b7,b3,12,2a,b7,67,7c,
e9,4e,13,64,66,8b,b1,15,56,e5,2e,68,3e,39,83,21,e0,9c,75,42,69,45,0c,a0,e0,\
"??"=hex:f4,51,d9,5a,bf,43,4c,64,b1,78,cc,cb,0b,ff,b9,b9
.
[HKEY_USERS\S-1-5-21-299502267-1770027372-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:f5,39,2f,7a,95,7e,c4,26,62,dd,a9,54,e4,55,19,18,1c,72,76,6a,f1,
de,15,d1,ab,b1,97,42,d1,73,45,c7,72,cc,8b,03,0b,4a,05,b1,ba,d2,26,b0,03,a0,\
"rkeysecu"=hex:83,a0,de,d5,89,91,3e,59,58,59,87,d8,07,01,ae,47
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(748)
c:\windows\system32\nvappfilter.dll
.
- - - - - - - > 'explorer.exe'(4408)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
d:\honzík\Instant server\mt2\ha_VirtualPC2007SP1_setup\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\DRIVERS\CDANTSRV.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
.
**************************************************************************
.
Celkový čas: 2012-03-04 11:44:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-04 10:44
ComboFix2.txt 2012-03-03 20:47
ComboFix3.txt 2012-03-03 13:49
.
Před spuštěním: 6 672 150 528
Po spuštění: 6 649 950 208
.
- - End Of File - - 468F2A50DC9DAD9E7C89C4B6816FCE80

Příspěvekod **memphisto** » 04 bře 2012 17:38

Máš málo místa na systémovém disku. To může způsobovat zpomalení.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+HJT

Jak se chová PC?

kultatulion · Příspěvekod **kultatulion** » 04 bře 2012 21:49

Zdá se, že to je rychlejší, ještě Log z HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:48, on 4.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\xampp\mysql\bin\mysqld.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
D:\Honzík\Stahování\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ::1 localhost
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] D:\corel\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=031912 serial=DR12CNC-8322248-NFT lang=CZ
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-299502267-1770027372-1417001333-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Služba Google Update (gupdate1ca5f1d9d2bc664) (gupdate1ca5f1d9d2bc664) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Rohos Disk service (Rohos Disk) - Tesline-Service SRL - C:\Program Files\Rohos\agent.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 10650 bytes

Příspěvekod **jaro3** » 04 bře 2012 22:18

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (file missing)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

kultatulion · Příspěvekod **kultatulion** » 05 bře 2012 18:32

Počítač už zase chodí celkem slušně, akorát se mi po čistce některé stránky nezobrazují jak mají (např. Facebook mám veškerý text namačkaný vlevo a jinak je celá stránka bílá). Bude to pravděpodobně chyba v javaskriptech, ale javu jsem si podle instrukcí nainstaloval... :dontgetit:

Příspěvekod **jaro3** » 05 bře 2012 19:40

Odinstaloval si všechny ostatní verze?

kultatulion · Příspěvekod **kultatulion** » 05 bře 2012 20:45

Pokud jsem dobře koukal, tak jo.

Příspěvekod **jaro3** » 05 bře 2012 22:42

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Re: Prosím o kontrolu logu - pomalé PC

Kdo je online