Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100%)

gazebo · Příspěvekod **gazebo** » 10 říj 2010 23:35

El Diablo píše:Zkontroluj PIO/DMA mode viz podpis.

Zkontrolovano, i jsem radice odinstaloval a po restartu si pc natahl novy ovladace...bez efektu.
Ale diky.

Reklama

gazebo · Příspěvekod **gazebo** » 10 říj 2010 23:40

Odinstaloval jsem Pandu...asi s ni neco nebylo v poradku protoze se mi po dvokliku v tray nechtela otevrit, nebylo mozno provest scan.
Nainstaloval jsem Aviru. Uvidime jestli se to nejak projevi...na soudy je myslim jeste brzy.

Příspěvekod **memphisto** » 11 říj 2010 10:39

Vypni rezidentní ochrany a udělej aktuální Combofix.

gazebo · Příspěvekod **gazebo** » 16 říj 2010 14:05

Sorrky za mensi pauzicku...mel jsem neco na praci.

Tady je log.

((((((((((((((((((((((((( Soubory vytvořené od 2010-09-16 do 2010-10-16 )))))))))))))))))))))))))))))))
.

2010-10-15 11:39 . 2010-10-15 11:39 -------- d-----w- C:\ATI
2010-10-15 05:40 . 2010-10-15 05:40 -------- d-----w- c:\program files\Common Files\Skype
2010-10-15 04:59 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-14 08:09 . 2010-10-14 08:09 1409 ----a-w- c:\windows\QTFont.for
2010-10-12 19:45 . 2010-10-12 19:45 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\AOL
2010-10-12 19:45 . 2010-10-12 19:47 -------- d-----w- c:\program files\ICQ7.2
2010-10-12 17:43 . 2010-10-12 17:43 -------- d-----w- c:\program files\Microsoft Silverlight
2010-10-11 21:25 . 2010-10-11 21:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InstallShield
2010-10-10 21:36 . 2010-10-10 21:36 -------- d-----w- c:\documents and settings\Petr\Data aplikací\Avira
2010-10-10 21:29 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-10-10 21:29 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-10-10 21:29 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-10-10 21:29 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-10-10 21:29 . 2010-10-10 21:29 -------- d-----w- c:\program files\Avira
2010-10-10 21:29 . 2010-10-10 21:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2010-10-10 19:59 . 2010-08-27 13:02 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-10-10 19:59 . 2010-08-27 12:56 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-10-10 19:58 . 2010-10-10 19:59 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-10-09 22:59 . 2010-10-09 22:59 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-09 22:56 . 2010-10-09 22:56 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-10-09 22:56 . 2010-10-09 22:56 -------- d-----w- c:\windows\system32\languages
2010-10-09 22:46 . 2010-10-09 22:46 -------- d-----w- c:\program files\Kodek CZ
2010-10-09 08:38 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-09 08:38 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-09 08:38 . 2010-10-09 08:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-09 08:11 . 2010-10-09 22:54 737280 ----a-w- c:\windows\iun6002.exe
2010-10-09 07:47 . 2010-10-09 07:47 -------- d---a-w- c:\windows\rundll16.exe
2010-10-09 07:47 . 2010-10-09 07:47 -------- d---a-w- c:\windows\logo1_.exe
2010-10-09 07:17 . 2010-10-09 07:17 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-10-09 07:17 . 2010-10-09 07:17 -------- d---a-w- c:\windows\logo_1.exe
2010-10-09 07:11 . 2010-10-09 07:11 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-10-09 07:11 . 2010-10-09 07:11 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-10-09 07:10 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2010-10-09 07:10 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2010-10-09 07:10 . 2010-10-09 07:10 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-10-09 07:10 . 2010-10-09 07:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2010-10-08 14:05 . 2010-10-08 14:09 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Adobe
2010-10-08 14:04 . 2010-10-08 14:04 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-10-08 14:01 . 2010-10-08 14:01 -------- d-----w- c:\program files\ESET
2010-10-08 11:07 . 2010-10-08 11:07 -------- d-----w- c:\program files\Free Desktop Clock
2010-10-08 11:04 . 2010-10-08 11:21 -------- d-----w- c:\documents and settings\Petr\Data aplikací\YouTube HD Transfer
2010-10-08 11:01 . 2004-03-08 22:00 212240 ----a-w- c:\windows\system32\richtx32.ocx
2010-10-08 11:01 . 2004-03-08 22:00 124688 ----a-w- c:\windows\system32\MSWINSCK.OCX
2010-10-08 11:00 . 2004-03-08 22:00 609824 ----a-w- c:\windows\system32\COMCTL32.OCX
2010-10-08 11:00 . 2008-05-14 00:28 89360 ----a-w- c:\windows\system32\vb5db.dll
2010-10-08 10:59 . 2010-10-08 11:04 -------- d-----w- c:\program files\YouTube HD Transfer
2010-10-07 09:56 . 2010-10-09 23:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-06 14:38 . 2010-10-06 14:39 -------- d-----w- c:\program files\Common Files\PCTV Systems
2010-10-06 14:38 . 2010-10-06 14:38 -------- d-----w- c:\program files\PCTV Systems
2010-10-06 13:02 . 2010-10-06 15:17 -------- d-----w- c:\program files\Microsoft Works
2010-10-06 12:57 . 2010-10-06 12:58 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-10-06 12:56 . 2010-10-06 13:01 -------- d-----w- c:\windows\SHELLNEW
2010-10-06 12:56 . 2010-10-06 12:56 -------- d-----r- C:\MSOCache
2010-10-06 10:50 . 2010-10-06 10:50 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\TvDigital
2010-10-06 10:17 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-10-06 10:17 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-10-06 10:16 . 2010-10-06 10:16 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\PCTV Systems
2010-10-06 10:14 . 2008-04-13 22:16 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-10-06 10:14 . 2008-04-13 22:16 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2010-10-06 10:12 . 2007-10-19 12:22 13824 ----a-w- c:\windows\system32\drivers\modrc.sys
2010-10-06 10:12 . 2006-09-08 13:52 53248 ----a-w- c:\windows\system32\ModrcCoInstall.dll
2010-10-06 10:09 . 2010-10-06 14:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PCTV Systems
2010-10-06 10:07 . 2010-04-23 11:23 859648 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-10-06 10:07 . 2008-04-14 06:52 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2010-10-06 10:07 . 2008-04-14 06:52 61952 ----a-w- c:\windows\system32\kstvtune.ax
2010-10-06 10:07 . 2008-04-14 06:52 28672 ----a-w- c:\windows\system32\vidcap.ax
2010-10-06 10:07 . 2008-04-14 06:52 43008 ----a-w- c:\windows\system32\ksxbar.ax
2010-10-06 10:07 . 2008-04-14 06:52 18432 ----a-w- c:\windows\system32\BdaPlgIn.ax
2010-10-06 10:07 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-10-06 10:07 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-10-06 10:07 . 2008-04-13 22:16 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-10-06 10:07 . 2008-04-13 22:16 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2010-10-02 20:51 . 2010-10-02 20:51 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\Cyberlink
2010-10-02 20:51 . 2010-10-02 20:55 -------- d-----w- c:\documents and settings\Petr\Data aplikací\CyberLink
2010-10-02 20:44 . 2010-10-09 07:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CyberLink
2010-10-02 20:43 . 2010-10-02 20:43 -------- d-----w- c:\program files\Common Files\CyberLink
2010-10-02 20:40 . 2010-10-02 20:44 -------- d-----w- c:\program files\CyberLink
2010-10-01 13:57 . 2010-10-01 13:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVS4YOU
2010-10-01 13:53 . 2010-10-01 14:05 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-10-01 13:52 . 2008-11-24 10:00 82944 ----a-w- c:\windows\system32\vct3216.acm
2010-10-01 13:52 . 2008-11-24 10:00 38912 ----a-w- c:\windows\system32\alf2cd.acm
2010-10-01 13:52 . 2008-11-24 10:00 13239 ----a-w- c:\windows\system32\Scg726.acm
2010-10-01 13:52 . 2008-11-24 10:00 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2010-10-01 13:52 . 2008-11-24 10:00 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-10-01 13:52 . 2008-11-24 10:00 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-10-01 13:52 . 2008-11-24 10:00 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-10-01 13:52 . 2008-11-24 10:00 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-10-01 13:52 . 2010-10-01 14:05 -------- d-----w- c:\program files\AVS4YOU
2010-10-01 13:47 . 2010-10-01 13:47 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\Speedchecker
2010-10-01 09:17 . 2010-10-01 09:17 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\2K Games
2010-10-01 09:15 . 2010-10-01 09:15 -------- d-----w- c:\program files\NVIDIA Corporation
2010-10-01 09:15 . 2010-10-06 13:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-01 09:13 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-10-01 09:01 . 2010-10-01 09:01 -------- d-----w- c:\program files\2K Games
2010-10-01 07:11 . 2010-10-01 07:11 -------- d-----w- c:\program files\xrecode II
2010-09-26 08:11 . 2010-09-26 08:11 -------- d-----w- c:\program files\DjVuZone
2010-09-25 23:02 . 2010-09-25 23:02 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2010-09-25 21:09 . 2010-09-25 21:09 -------- d-----w- c:\windows\system32\GroupPolicy
2010-09-24 07:50 . 2010-09-24 07:50 -------- d-----w- c:\documents and settings\Petr\Data aplikací\SurfSecret Privacy Suite
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2010-09-18 19:29 . 2010-09-18 19:29 -------- d-----w- c:\program files\Medieval Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2010-07-24 2645528]
"Kalendar"="c:\program files\Kalendar\kalendar.exe" [2005-11-09 580608]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"CTSysVol"="c:\program files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MediaKey"="c:\progra~1\MediaKey\MMKeybd.EXE" [2003-01-17 172032]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-29 2500552]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2010-06-28 75048]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
EasySetPackage.lnk - c:\program files\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2010-10-11 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^PHOTOfunSTUDIO 5.0.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\PHOTOfunSTUDIO 5.0.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 5.0.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-28 16:09 136176 ----atw- c:\documents and settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-01-31 21:13 385024 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-11-20 08:17 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"UpdReg"=c:\windows\UpdReg.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [4.6.2010 11:55 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [1.6.2010 19:00 25240]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/10/02 22:44];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [28.6.2010 22:50 87536]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10.10.2010 23:29 135336]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [24.7.2010 2:51 1386008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [27.8.2010 14:59 1051968]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10.5.2010 11:33 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10.5.2010 11:32 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10.5.2010 11:32 482304]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [9.8.2010 21:13 27632]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [24.2.2010 14:41 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [9.8.2010 20:49 90112]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [9.8.2010 21:13 13224]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [10.3.2010 8:18 24216]
S3 LGDDCDevice;LGDDCDevice;c:\windows\system32\LGI2CDriver.sys [11.10.2010 23:24 16384]
S3 LGII2CDevice;LGII2CDevice;c:\windows\system32\LGPII2CDriver.sys [11.10.2010 23:24 19456]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;"c:\program files\Microsoft Office\Office14\GROOVE.EXE" /auditservice --> c:\program files\Microsoft Office\Office14\GROOVE.EXE [?]
S3 osppsvc;Office Software Protection Platform;"c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" --> c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [9.8.2010 20:51 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [9.8.2010 20:51 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [9.8.2010 20:51 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [9.8.2010 20:51 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [9.8.2010 20:51 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [9.8.2010 20:51 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [9.8.2010 20:51 115752]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [25.7.2010 0:04 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-10-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\4vubzabv.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda ... 1_0yatb&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-connections-per-server - 8
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(824)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(288)
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Celkový čas: 2010-10-16 14:01:18
ComboFix-quarantined-files.txt 2010-10-16 12:01
ComboFix2.txt 2010-10-10 20:48

Před spuštěním: Volných bajtů: 52 289 511 424
Po spuštění: Volných bajtů: 52 404 170 752

- - End Of File - - 88BC424CCBCC6F2497ADEF79D70E76C0

Příspěvekod **jaro3** » 16 říj 2010 14:58

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Folder::
c:\program files\ESET

Driver::
Microsoft SharePoint Workspace Audit Service
osppsvc

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\sfcfiles.dll
c:\windows\system32\LGI2CDriver.sys
c:\windows\system32\LGPII2CDriver.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

gazebo · Příspěvekod **gazebo** » 19 říj 2010 10:33

Soubory uvedene jsem na virustotal nechal skenovat a vsechny jsou ciste...proto sem nedam ani odkaz na vysledek, je to zbytecne.
PC se zda byt uz celkem v poradku. Jen jeste mne trapi jedna vec. Po zapnuti a nabehnuti systemu je obraz roztreseny a nekdy i blika. Prave jsem instaloval nejnovejsi ovladace pro GK a dela to stale. Vetsinou pomuze bud zmenit nastaveni kvality barev na 16 bitu a zpet nebo restart.
Logy z HJT a Combofix jsou zde :

ComboFix 10-10-17.04 - Petr 19.10.2010 0:46.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1341 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petr\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ESET

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_OSPPSVC
-------\Service_Microsoft SharePoint Workspace Audit Service
-------\Service_osppsvc

((((((((((((((((((((((((( Soubory vytvořené od 2010-09-18 do 2010-10-18 )))))))))))))))))))))))))))))))
.

2010-10-15 11:39 . 2010-10-15 11:39 -------- d-----w- C:\ATI
2010-10-15 05:40 . 2010-10-15 05:40 -------- d-----w- c:\program files\Common Files\Skype
2010-10-15 04:59 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-14 08:09 . 2010-10-14 08:09 1409 ----a-w- c:\windows\QTFont.for
2010-10-12 19:45 . 2010-10-12 19:45 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\AOL
2010-10-12 19:45 . 2010-10-12 19:47 -------- d-----w- c:\program files\ICQ7.2
2010-10-12 17:43 . 2010-10-12 17:43 -------- d-----w- c:\program files\Microsoft Silverlight
2010-10-11 21:25 . 2010-10-11 21:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InstallShield
2010-10-10 21:36 . 2010-10-10 21:36 -------- d-----w- c:\documents and settings\Petr\Data aplikací\Avira
2010-10-10 21:29 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-10-10 21:29 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-10-10 21:29 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-10-10 21:29 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-10-10 21:29 . 2010-10-10 21:29 -------- d-----w- c:\program files\Avira
2010-10-10 21:29 . 2010-10-10 21:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2010-10-10 19:59 . 2010-08-27 13:02 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-10-10 19:59 . 2010-08-27 12:56 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-10-10 19:58 . 2010-10-10 19:59 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-10-09 22:59 . 2010-10-09 22:59 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-09 22:56 . 2010-10-09 22:56 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-10-09 22:56 . 2010-10-09 22:56 -------- d-----w- c:\windows\system32\languages
2010-10-09 22:46 . 2010-10-09 22:46 -------- d-----w- c:\program files\Kodek CZ
2010-10-09 08:38 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-09 08:38 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-09 08:38 . 2010-10-09 08:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-09 08:11 . 2010-10-09 22:54 737280 ----a-w- c:\windows\iun6002.exe
2010-10-09 07:47 . 2010-10-09 07:47 -------- d---a-w- c:\windows\rundll16.exe
2010-10-09 07:47 . 2010-10-09 07:47 -------- d---a-w- c:\windows\logo1_.exe
2010-10-09 07:17 . 2010-10-09 07:17 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-10-09 07:17 . 2010-10-09 07:17 -------- d---a-w- c:\windows\logo_1.exe
2010-10-09 07:11 . 2010-10-09 07:11 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-10-09 07:11 . 2010-10-09 07:11 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-10-09 07:10 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2010-10-09 07:10 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2010-10-09 07:10 . 2010-10-09 07:10 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-10-09 07:10 . 2010-10-09 07:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2010-10-08 14:05 . 2010-10-08 14:09 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Adobe
2010-10-08 14:04 . 2010-10-08 14:04 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-10-08 11:07 . 2010-10-08 11:07 -------- d-----w- c:\program files\Free Desktop Clock
2010-10-08 11:04 . 2010-10-08 11:21 -------- d-----w- c:\documents and settings\Petr\Data aplikací\YouTube HD Transfer
2010-10-08 11:01 . 2004-03-08 22:00 212240 ----a-w- c:\windows\system32\richtx32.ocx
2010-10-08 11:01 . 2004-03-08 22:00 124688 ----a-w- c:\windows\system32\MSWINSCK.OCX
2010-10-08 11:00 . 2004-03-08 22:00 609824 ----a-w- c:\windows\system32\COMCTL32.OCX
2010-10-08 11:00 . 2008-05-14 00:28 89360 ----a-w- c:\windows\system32\vb5db.dll
2010-10-08 10:59 . 2010-10-08 11:04 -------- d-----w- c:\program files\YouTube HD Transfer
2010-10-07 09:56 . 2010-10-09 23:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-06 14:38 . 2010-10-06 14:39 -------- d-----w- c:\program files\Common Files\PCTV Systems
2010-10-06 14:38 . 2010-10-06 14:38 -------- d-----w- c:\program files\PCTV Systems
2010-10-06 13:02 . 2010-10-06 15:17 -------- d-----w- c:\program files\Microsoft Works
2010-10-06 12:57 . 2010-10-06 12:58 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-10-06 12:56 . 2010-10-06 13:01 -------- d-----w- c:\windows\SHELLNEW
2010-10-06 12:56 . 2010-10-06 12:56 -------- d-----r- C:\MSOCache
2010-10-06 10:50 . 2010-10-06 10:50 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\TvDigital
2010-10-06 10:17 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-10-06 10:17 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-10-06 10:16 . 2010-10-06 10:16 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\PCTV Systems
2010-10-06 10:14 . 2008-04-13 22:16 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-10-06 10:14 . 2008-04-13 22:16 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2010-10-06 10:12 . 2007-10-19 12:22 13824 ----a-w- c:\windows\system32\drivers\modrc.sys
2010-10-06 10:12 . 2006-09-08 13:52 53248 ----a-w- c:\windows\system32\ModrcCoInstall.dll
2010-10-06 10:09 . 2010-10-06 14:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PCTV Systems
2010-10-06 10:07 . 2010-04-23 11:23 859648 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-10-06 10:07 . 2008-04-14 06:52 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2010-10-06 10:07 . 2008-04-14 06:52 61952 ----a-w- c:\windows\system32\kstvtune.ax
2010-10-06 10:07 . 2008-04-14 06:52 28672 ----a-w- c:\windows\system32\vidcap.ax
2010-10-06 10:07 . 2008-04-14 06:52 43008 ----a-w- c:\windows\system32\ksxbar.ax
2010-10-06 10:07 . 2008-04-14 06:52 18432 ----a-w- c:\windows\system32\BdaPlgIn.ax
2010-10-06 10:07 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-10-06 10:07 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-10-06 10:07 . 2008-04-13 22:16 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-10-06 10:07 . 2008-04-13 22:16 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2010-10-02 20:51 . 2010-10-02 20:51 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\Cyberlink
2010-10-02 20:51 . 2010-10-02 20:55 -------- d-----w- c:\documents and settings\Petr\Data aplikací\CyberLink
2010-10-02 20:44 . 2010-10-09 07:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CyberLink
2010-10-02 20:43 . 2010-10-02 20:43 -------- d-----w- c:\program files\Common Files\CyberLink
2010-10-02 20:40 . 2010-10-02 20:44 -------- d-----w- c:\program files\CyberLink
2010-10-01 13:57 . 2010-10-01 13:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVS4YOU
2010-10-01 13:53 . 2010-10-01 14:05 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-10-01 13:52 . 2008-11-24 10:00 82944 ----a-w- c:\windows\system32\vct3216.acm
2010-10-01 13:52 . 2008-11-24 10:00 38912 ----a-w- c:\windows\system32\alf2cd.acm
2010-10-01 13:52 . 2008-11-24 10:00 13239 ----a-w- c:\windows\system32\Scg726.acm
2010-10-01 13:52 . 2008-11-24 10:00 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2010-10-01 13:52 . 2008-11-24 10:00 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-10-01 13:52 . 2008-11-24 10:00 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-10-01 13:52 . 2008-11-24 10:00 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-10-01 13:52 . 2008-11-24 10:00 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-10-01 13:52 . 2010-10-01 14:05 -------- d-----w- c:\program files\AVS4YOU
2010-10-01 13:47 . 2010-10-01 13:47 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\Speedchecker
2010-10-01 09:17 . 2010-10-01 09:17 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\2K Games
2010-10-01 09:15 . 2010-10-01 09:15 -------- d-----w- c:\program files\NVIDIA Corporation
2010-10-01 09:15 . 2010-10-06 13:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-01 09:13 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-10-01 09:01 . 2010-10-01 09:01 -------- d-----w- c:\program files\2K Games
2010-10-01 07:11 . 2010-10-01 07:11 -------- d-----w- c:\program files\xrecode II
2010-09-26 08:11 . 2010-09-26 08:11 -------- d-----w- c:\program files\DjVuZone
2010-09-25 23:02 . 2010-09-25 23:02 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2010-09-25 21:09 . 2010-09-25 21:09 -------- d-----w- c:\windows\system32\GroupPolicy
2010-09-24 07:50 . 2010-09-24 07:50 -------- d-----w- c:\documents and settings\Petr\Data aplikací\SurfSecret Privacy Suite
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-10-16_11.47.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-18 22:54 . 2010-10-18 22:54 16384 c:\windows\Temp\Perflib_Perfdata_1e0.dat
+ 2010-09-27 16:50 . 2010-10-16 12:48 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe
- 2010-09-27 16:50 . 2010-10-14 09:53 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe
+ 2010-07-24 01:25 . 2010-10-16 12:48 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2010-07-24 01:25 . 2010-10-14 09:53 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2010-07-24 2645528]
"Kalendar"="c:\program files\Kalendar\kalendar.exe" [2005-11-09 580608]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"CTSysVol"="c:\program files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MediaKey"="c:\progra~1\MediaKey\MMKeybd.EXE" [2003-01-17 172032]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-29 2500552]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2010-06-28 75048]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-31 385024]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
EasySetPackage.lnk - c:\program files\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2010-10-11 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^PHOTOfunSTUDIO 5.0.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\PHOTOfunSTUDIO 5.0.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 5.0.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-28 16:09 136176 ----atw- c:\documents and settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-01-31 21:13 385024 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-11-20 08:17 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"UpdReg"=c:\windows\UpdReg.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [4.6.2010 11:55 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [1.6.2010 19:00 25240]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/10/02 22:44];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [28.6.2010 22:50 87536]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10.10.2010 23:29 135336]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [24.7.2010 2:51 1386008]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [9.8.2010 20:49 90112]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [27.8.2010 14:59 1051968]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10.5.2010 11:33 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10.5.2010 11:32 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10.5.2010 11:32 482304]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [9.8.2010 21:13 27632]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [24.2.2010 14:41 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [9.8.2010 21:13 13224]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [10.3.2010 8:18 24216]
S3 LGDDCDevice;LGDDCDevice;c:\windows\system32\LGI2CDriver.sys [11.10.2010 23:24 16384]
S3 LGII2CDevice;LGII2CDevice;c:\windows\system32\LGPII2CDriver.sys [11.10.2010 23:24 19456]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [9.8.2010 20:51 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [9.8.2010 20:51 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [9.8.2010 20:51 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [9.8.2010 20:51 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [9.8.2010 20:51 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [9.8.2010 20:51 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [9.8.2010 20:51 115752]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [25.7.2010 0:04 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-10-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\4vubzabv.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda ... 1_0yatb&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-connections-per-server - 8
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(760)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(2360)
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
.
**************************************************************************
.
Celkový čas: 2010-10-19 01:12:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-18 23:12
ComboFix2.txt 2010-10-16 12:01
ComboFix3.txt 2010-10-10 20:48

Před spuštěním: Volných bajtů: 44 721 876 992
Po spuštění: Volných bajtů: 44 795 244 544

- - End Of File - - 2408C5052AFD310A3FC8BEB2EDBB46A3

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:16:47, on 19.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Kalendar\kalendar.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Petr\Plocha\SRDownloader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Petr\Plocha\hijackthis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files\Cyberlink\Shared Files\brs.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: EasySetPackage.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

--
End of file - 10285 bytes

Příspěvekod **jaro3** » 19 říj 2010 13:36

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

PC se zda byt uz celkem v poradku. Jen jeste mne trapi jedna vec. Po zapnuti a nabehnuti systemu je obraz roztreseny a nekdy i blika. Prave jsem instaloval nejnovejsi ovladace pro GK a dela to stale. Vetsinou pomuze bud zmenit nastaveni kvality barev na 16 bitu a zpet nebo restart.
---příčin může být více , zkus jiné starší ovladače GK , nastavení rozlišení , vyzkoušet připojení kabelu k monitoru ( dotáhnout) , závada v monitoru atd.

gazebo · Příspěvekod **gazebo** » 20 říj 2010 08:12

Fixnuto dle navodu, log nize, no a s tim monitorem, je novej tak snad neni vadnej ale jeste zkusim ty starsi ovladace, konektory jsou v poradku a rozliseni 1920x1080 taky. Diky za Tvuj cas a rady.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:33, on 20.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Kalendar\kalendar.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Petr\Plocha\hijackthis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files\Cyberlink\Shared Files\brs.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: EasySetPackage.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

--
End of file - 9453 bytes

Příspěvekod **jaro3** » 20 říj 2010 08:35

Tady je to vše a můžeš dát vyřešeno , zelenou fajfku.

Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100%) Vyřešeno

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100 Vyřešeno

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Re: Prosím o kontrolu logu MWAW (PC se seká, využití CPU 100

Kdo je online