prosím o kontrolu logu pomalé načítání windows xp

[jaro3]

Zkus ten script v nouz. režimu , nic se nesmazalo..

Log z HJT už nedávej.

[Reklama]

[mafian]

spuštěno v nouzáku

ComboFix 12-03-01.02 - Administrator 02.03.2012 17:02:24.6.4 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2919 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\ativpsrm.bin"
"c:\windows\HideWin.exe"
"c:\windows\REGBK00.ZIP"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\7554
c:\7554\7554.exe
c:\7554\7554_Launcher.exe
c:\7554\AgentManagerPlugin.vPlugin
c:\7554\AIPlugin.vPlugin
c:\7554\AssetsData.v
c:\7554\dotnetfx.exe
c:\7554\Slps.Runtime.Configuration.exe
c:\7554\Slps.Runtime.Installer.dll
c:\7554\Uninstall.exe
c:\7554\Videos\credit_wmv2.avi
c:\7554\Videos\default.avi
c:\7554\Videos\Intro10.avi
c:\7554\Videos\Intro11.avi
c:\7554\Videos\Intro12.avi
c:\7554\Videos\Intro2.avi
c:\7554\Videos\Intro3.avi
c:\7554\Videos\Intro4.avi
c:\7554\Videos\Intro5.avi
c:\7554\Videos\Intro6.avi
c:\7554\Videos\Intro7.avi
c:\7554\Videos\Intro8.avi
c:\7554\Videos\Intro9.avi
c:\7554\Videos\outtro_wmv.avi
c:\program files\ESET
c:\windows\ativpsrm.bin
c:\windows\HideWin.exe
c:\windows\REGBK00.ZIP
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPTD
-------\Service_sptd
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-02 do 2012-03-02 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-28 06:37 . 2011-12-28 12:12 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 16:23 . 2011-12-28 11:12 41184 ----a-w- c:\windows\avastSS.scr
2012-02-23 16:23 . 2011-12-28 11:12 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-23 16:13 . 2011-12-28 11:22 112984 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-02-23 16:12 . 2011-12-28 11:12 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-23 16:12 . 2011-12-28 11:12 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-23 16:12 . 2011-12-28 11:21 196440 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-02-23 16:10 . 2011-12-28 11:12 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-23 16:10 . 2011-12-28 11:12 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-23 16:10 . 2011-12-28 11:12 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-02-23 16:10 . 2011-12-28 11:12 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-02-23 16:10 . 2011-12-28 11:12 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 16:07 . 2011-12-28 11:12 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-01-29 16:29 . 2012-01-29 16:29 117760 ----a-r- c:\documents and settings\uživatel\Data aplikací\Microsoft\Installer\{3FE7D2BF-DB37-429A-B47E-5DE073404A42}\IconTmpl.50919BAA_6A87_4FF2_9F31_77666E9D001A.exe
2012-01-27 19:26 . 2012-01-27 19:26 572928 ----a-w- c:\windows\system32\msvcp90.dll
2012-01-27 19:26 . 2012-01-27 19:26 655872 ----a-w- c:\windows\system32\msvcr90.dll
2012-01-27 19:26 . 2012-01-27 19:26 34048 ----a-w- c:\windows\system32\eEmpty.exe
2012-01-27 19:25 . 2012-01-27 19:19 141333296 ----a-w- C:\mwav.exe
2012-01-12 17:20 . 2001-10-25 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-10 16:21 . 2012-01-10 16:21 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-04 15:12 . 2011-12-28 09:29 16608 ----a-w- c:\windows\gdrv.sys
2011-12-31 19:49 . 2011-12-29 10:39 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-12-29 10:29 . 2011-12-29 10:29 166976 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-12-17 19:42 . 2001-10-25 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2001-10-25 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2001-10-25 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2011-12-28 10:55 385024 ------w- c:\windows\system32\html.iec
2011-12-06 03:42 . 2009-01-14 07:14 7490560 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-12-06 03:39 . 2011-12-28 10:28 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-12-06 03:26 . 2012-01-04 08:58 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-12-06 03:26 . 2012-01-04 08:58 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-12-06 03:19 . 2012-01-04 08:58 7376896 ----a-w- c:\windows\system32\aticaldd.dll
2011-12-06 03:07 . 2009-01-14 05:46 19357696 ----a-w- c:\windows\system32\atioglxx.dll
2011-12-06 02:55 . 2011-12-28 10:28 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 02:54 . 2009-01-14 04:47 304640 ----a-w- c:\windows\system32\ati2dvag.dll
2011-12-06 02:49 . 2009-01-14 04:22 5334656 ----a-w- c:\windows\system32\ati3duag.dll
2011-12-06 02:39 . 2012-01-04 08:58 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-12-06 02:33 . 2009-01-14 04:36 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-12-06 02:33 . 2009-01-14 04:36 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-12-06 02:32 . 2009-01-14 04:36 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-12-06 02:32 . 2009-01-14 04:35 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-12-06 02:32 . 2009-01-14 04:35 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2011-12-06 02:31 . 2009-01-14 04:34 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-12-06 02:29 . 2009-01-14 04:32 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-12-06 02:29 . 2009-01-14 04:05 3307776 ----a-w- c:\windows\system32\ativvaxx.dll
2011-12-06 02:28 . 2012-01-04 08:58 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 02:24 . 2009-01-14 03:45 806912 ----a-w- c:\windows\system32\atikvmag.dll
2011-12-06 02:21 . 2009-01-14 04:53 602112 ----a-w- c:\windows\system32\atiok3x2.dll
2011-12-06 02:19 . 2009-01-14 03:44 233472 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:18 . 2009-01-14 03:44 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-12-06 02:12 . 2009-01-14 03:37 884736 ----a-w- c:\windows\system32\ati2cqag.dll
2011-12-06 02:12 . 2009-01-14 03:43 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-06 02:10 . 2012-01-04 08:58 65024 ----a-w- c:\windows\system32\atimpc32.dll
2011-12-06 02:10 . 2009-01-14 03:50 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\system32\amdocl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 16:23 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UpdateService\isuspm.exe" [2005-02-16 221184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKLM\~\startupfolder\C:^Documents and Settings^uživatel^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 07:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-11-10 09:17 3514176 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FTweakFCleaner]
2010-06-21 13:56 1763840 ----a-w- c:\program files\FCleaner\FCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 17:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 17:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2005-10-26 15:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-29 16:11 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-09-30 11:19 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [28.12.2011 12:21 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [28.12.2011 12:21 196440]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [28.12.2011 12:22 112984]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [1.3.2012 10:59 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28.12.2011 12:12 610648]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28.12.2011 12:12 337112]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [10.1.2012 17:21 239168]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28.12.2011 12:12 20696]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [28.12.2011 12:21 131288]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [23.1.2012 19:52 793048]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [28.10.2010 19:31 2156952]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [27.2.2012 19:05 100368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{E0A2D612-9559-4215-AAD7-1B34697AC779}: NameServer = 10.0.0.138
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CECD6A3-55D5-D1F3-C348-EE754667ECF7}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć
*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="???\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.8"
"DeviceInstanceIds"=multi:"e:\\chipset\\7-ser\\xp\\sbdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1236)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'Explorer.EXE'(948)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wdfmgr.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2012-03-02 17:11:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-02 16:11
ComboFix2.txt 2012-03-02 10:46
ComboFix3.txt 2012-03-02 09:21
.
Před spuštěním: Volných bajtů: 46 183 137 280
Po spuštění: Volných bajtů: 46 055 034 880
.
- - End Of File - - 39D7A67E32CF616285E607699EB8D577

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_USERS\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CECD6A3-55D5-D1F3-C348-EE754667ECF7}*]

RegNull::
[HKEY_USERS\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CECD6A3-55D5-D1F3-C348-EE754667ECF7}*]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[mafian]

ComboFix 12-03-01.02 - uživatel 03.03.2012 11:07:45.7.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2679 [GMT 1:00]
Spuštěný z: c:\documents and settings\u×ivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\u×ivatel\Plocha\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-03 do 2012-03-03 )))))))))))))))))))))))))))))))
.
.
2012-03-02 16:07 . 2012-03-02 16:07 0 ----a-w- c:\windows\ativpsrm.bin
2012-03-02 08:28 . 2012-03-02 08:28 -------- d---a-w- c:\windows\rundll16.exe
2012-03-02 08:28 . 2012-03-02 08:28 -------- d---a-w- c:\windows\logo1_.exe
2012-03-02 08:11 . 2012-03-02 08:15 -------- d-----w- c:\documents and settings\Administrator
2012-03-01 11:03 . 2012-03-01 11:04 -------- d-----w- c:\program files\Polda3Mezihry
2012-03-01 09:59 . 2012-02-23 16:11 24408 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-02-27 18:06 . 2012-02-27 18:06 -------- d-----w- c:\program files\AMD APP
2012-02-27 18:05 . 2011-12-20 07:39 100368 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2012-02-27 18:04 . 2012-02-27 18:04 -------- d-----w- C:\AMD
2012-02-22 15:23 . 2012-02-22 15:23 -------- d---a-w- c:\windows\system32\runouce.exe
2012-02-22 15:02 . 2012-02-22 15:02 632064 ----a-w- c:\windows\system32\msvcr80.dll
2012-02-22 15:02 . 2012-02-22 15:02 554240 ----a-w- c:\windows\system32\msvcp80.dll
2012-02-22 15:02 . 2008-04-14 07:52 137216 ----a-w- c:\windows\system32\T.COM
2012-02-22 15:02 . 2008-04-14 07:52 147968 ----a-w- c:\windows\R.COM
2012-02-22 15:02 . 2012-02-22 15:02 -------- d-----w- c:\program files\Common Files\MicroWorld
2012-02-22 15:02 . 2012-02-22 15:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2012-02-19 10:50 . 2012-02-19 10:50 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
2012-02-19 10:50 . 2012-02-19 10:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
2012-02-19 10:46 . 2012-02-19 10:46 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\HideIPEasy
2012-02-19 10:46 . 2012-02-19 10:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HideIPEasy
2012-02-19 10:46 . 2012-02-19 10:46 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
2012-02-19 10:46 . 2012-02-19 10:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
2012-02-19 10:16 . 2012-02-19 10:16 196608 ----a-w- c:\windows\system32\HMIPCore.dll
2012-02-19 10:15 . 2009-01-22 01:40 163840 ----a-w- c:\windows\system32\SecureNet.dll
2012-02-19 10:15 . 2012-02-19 10:49 -------- d-----w- c:\program files\Hide My IP 2009
2012-02-17 15:43 . 2012-02-17 15:43 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\Vso
2012-02-17 15:07 . 2012-02-17 15:38 -------- d-----w- c:\documents and settings\uživatel\Local Settings\Data aplikací\WMTools Downloaded Files
2012-02-15 08:06 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 08:06 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-13 20:08 . 2012-02-13 20:08 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\OpenOffice.org
2012-02-13 20:07 . 2012-02-13 20:07 -------- d-----w- c:\program files\OpenOffice.org 3
2012-02-13 13:34 . 2012-02-13 13:35 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\Teleca
2012-02-13 13:34 . 2012-02-13 13:34 -------- d-----w- c:\documents and settings\All Users\Documents
2012-02-13 13:34 . 2012-02-13 13:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony Ericsson
2012-02-13 13:34 . 2012-02-13 13:34 -------- d-----w- c:\program files\Common Files\Teleca Shared
2012-02-13 13:34 . 2012-02-13 13:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Teleca
2012-02-13 13:34 . 2012-02-13 13:34 -------- d-----w- c:\program files\Sony Ericsson
2012-02-13 13:32 . 2012-02-13 13:32 94064 ----a-w- c:\windows\system32\drivers\w810mdm.sys
2012-02-13 13:32 . 2012-02-13 13:32 85408 ----a-w- c:\windows\system32\drivers\w810mgmt.sys
2012-02-13 13:32 . 2012-02-13 13:32 8336 ----a-w- c:\windows\system32\drivers\w810mdfl.sys
2012-02-13 13:32 . 2012-02-13 13:32 83344 ----a-w- c:\windows\system32\drivers\w810obex.sys
2012-02-13 13:32 . 2012-02-13 13:32 6176 ----a-w- c:\windows\system32\drivers\w810cmnt.sys
2012-02-13 13:32 . 2012-02-13 13:32 6176 ----a-w- c:\windows\system32\drivers\w810cm.sys
2012-02-13 13:32 . 2012-02-13 13:32 58288 ----a-w- c:\windows\system32\drivers\w810bus.sys
2012-02-13 13:32 . 2012-02-13 13:32 5808 ----a-w- c:\windows\system32\drivers\w810whnt.sys
2012-02-13 13:32 . 2012-02-13 13:32 5808 ----a-w- c:\windows\system32\drivers\w810wh.sys
2012-02-13 13:32 . 2012-02-13 13:32 -------- d-----w- c:\windows\Downloaded Installations
2012-02-13 13:24 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2012-02-13 13:24 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-02-10 16:21 . 2012-02-21 13:11 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\Posta
2012-02-10 16:21 . 2012-02-21 13:11 -------- d-----w- c:\program files\Pošta 3
2012-02-05 09:53 . 2012-03-03 07:42 6066 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-02-04 08:14 . 2012-02-04 08:14 -------- d-----w- c:\program files\CrystalDiskInfo
2012-02-04 08:14 . 2012-02-04 08:14 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\OpenCandy
2012-02-02 13:45 . 2012-02-02 13:45 -------- d-----w- c:\documents and settings\uživatel\Data aplikací\Malwarebytes
2012-02-02 13:45 . 2012-02-02 13:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-02-02 13:45 . 2012-02-02 13:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-02 13:45 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-02 13:44 . 2012-02-02 13:45 9502424 ----a-w- C:\mbam-setup-1.60.1.1000.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-28 06:37 . 2011-12-28 12:12 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 16:23 . 2011-12-28 11:12 41184 ----a-w- c:\windows\avastSS.scr
2012-02-23 16:23 . 2011-12-28 11:12 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-23 16:13 . 2011-12-28 11:22 112984 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-02-23 16:12 . 2011-12-28 11:12 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-23 16:12 . 2011-12-28 11:12 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-23 16:12 . 2011-12-28 11:21 196440 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-02-23 16:10 . 2011-12-28 11:12 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-23 16:10 . 2011-12-28 11:12 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-23 16:10 . 2011-12-28 11:12 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-02-23 16:10 . 2011-12-28 11:12 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-02-23 16:10 . 2011-12-28 11:12 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 16:07 . 2011-12-28 11:12 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-01-29 16:29 . 2012-01-29 16:29 117760 ----a-r- c:\documents and settings\uživatel\Data aplikací\Microsoft\Installer\{3FE7D2BF-DB37-429A-B47E-5DE073404A42}\IconTmpl.50919BAA_6A87_4FF2_9F31_77666E9D001A.exe
2012-01-27 19:26 . 2012-01-27 19:26 572928 ----a-w- c:\windows\system32\msvcp90.dll
2012-01-27 19:26 . 2012-01-27 19:26 655872 ----a-w- c:\windows\system32\msvcr90.dll
2012-01-27 19:26 . 2012-01-27 19:26 34048 ----a-w- c:\windows\system32\eEmpty.exe
2012-01-27 19:25 . 2012-01-27 19:19 141333296 ----a-w- C:\mwav.exe
2012-01-12 17:20 . 2001-10-25 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-10 16:21 . 2012-01-10 16:21 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-04 15:12 . 2011-12-28 09:29 16608 ----a-w- c:\windows\gdrv.sys
2011-12-31 19:49 . 2011-12-29 10:39 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-12-29 10:29 . 2011-12-29 10:29 166976 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-12-17 19:42 . 2001-10-25 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2001-10-25 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2001-10-25 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2011-12-28 10:55 385024 ------w- c:\windows\system32\html.iec
2011-12-06 03:42 . 2009-01-14 07:14 7490560 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-12-06 03:39 . 2011-12-28 10:28 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-12-06 03:26 . 2012-01-04 08:58 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-12-06 03:26 . 2012-01-04 08:58 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-12-06 03:19 . 2012-01-04 08:58 7376896 ----a-w- c:\windows\system32\aticaldd.dll
2011-12-06 03:07 . 2009-01-14 05:46 19357696 ----a-w- c:\windows\system32\atioglxx.dll
2011-12-06 02:55 . 2011-12-28 10:28 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 02:54 . 2009-01-14 04:47 304640 ----a-w- c:\windows\system32\ati2dvag.dll
2011-12-06 02:49 . 2009-01-14 04:22 5334656 ----a-w- c:\windows\system32\ati3duag.dll
2011-12-06 02:39 . 2012-01-04 08:58 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-12-06 02:33 . 2009-01-14 04:36 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-12-06 02:33 . 2009-01-14 04:36 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-12-06 02:32 . 2009-01-14 04:36 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-12-06 02:32 . 2009-01-14 04:35 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-12-06 02:32 . 2009-01-14 04:35 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2011-12-06 02:31 . 2009-01-14 04:34 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-12-06 02:29 . 2009-01-14 04:32 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-12-06 02:29 . 2009-01-14 04:05 3307776 ----a-w- c:\windows\system32\ativvaxx.dll
2011-12-06 02:28 . 2012-01-04 08:58 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 02:24 . 2009-01-14 03:45 806912 ----a-w- c:\windows\system32\atikvmag.dll
2011-12-06 02:21 . 2009-01-14 04:53 602112 ----a-w- c:\windows\system32\atiok3x2.dll
2011-12-06 02:19 . 2009-01-14 03:44 233472 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:18 . 2009-01-14 03:44 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-12-06 02:12 . 2009-01-14 03:37 884736 ----a-w- c:\windows\system32\ati2cqag.dll
2011-12-06 02:12 . 2009-01-14 03:43 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-06 02:10 . 2012-01-04 08:58 65024 ----a-w- c:\windows\system32\atimpc32.dll
2011-12-06 02:10 . 2009-01-14 03:50 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\system32\amdocl.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-02_09.21.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-03 07:38 . 2012-03-03 07:38 16384 c:\windows\temp\Perflib_Perfdata_b3c.dat
+ 2012-03-03 07:38 . 2012-03-03 07:38 16384 c:\windows\temp\Perflib_Perfdata_ab8.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 16:23 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UpdateService\isuspm.exe" [2005-02-16 221184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKLM\~\startupfolder\C:^Documents and Settings^uživatel^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 07:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-11-10 09:17 3514176 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FTweakFCleaner]
2010-06-21 13:56 1763840 ----a-w- c:\program files\FCleaner\FCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 17:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 17:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2005-10-26 15:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-29 16:11 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-09-30 11:19 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [28.12.2011 12:21 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [28.12.2011 12:21 196440]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [28.12.2011 12:22 112984]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [1.3.2012 10:59 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28.12.2011 12:12 610648]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28.12.2011 12:12 337112]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [10.1.2012 17:21 239168]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28.12.2011 12:12 20696]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [28.12.2011 12:21 131288]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [23.1.2012 19:52 793048]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [28.10.2010 19:31 2156952]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [27.2.2012 19:05 100368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{E0A2D612-9559-4215-AAD7-1B34697AC779}: NameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-03 11:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CECD6A3-55D5-D1F3-C348-EE754667ECF7}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć
*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="???\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.8"
"DeviceInstanceIds"=multi:"e:\\chipset\\7-ser\\xp\\sbdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1236)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2012-03-03 11:12:01
ComboFix-quarantined-files.txt 2012-03-03 10:11
ComboFix2.txt 2012-03-02 16:11
ComboFix3.txt 2012-03-02 10:46
ComboFix4.txt 2012-03-02 09:21
.
Před spuštěním: Volných bajtů: 45 969 170 432
Po spuštění: Volných bajtů: 45 947 305 984
.
- - End Of File - - 9BD2CDF111FE78A49B207AA553CCC0DA


je to snad vše.díky

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

[mafian]

jo pc už je lepší naběhne tak za 3 min ale pak stejně ještě tak 1-2 stávkuje než začne něco dělat

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:53:38, on 4.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\uživatel\Dokumenty\HiJackThis.exe
C:\WINDOWS\system32\ctfmon.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UpdateService\isuspm.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0A2D612-9559-4215-AAD7-1B34697AC779}: NameServer = 10.0.0.138
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 5213 bytes

[Žbeky]

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.


Stáhni si Memtest:
Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048), dej Start, nech nejméně 2h běžet a pokud bude po 2h stále 0 errors, jsou v pořádku.

[mafian]

memtest ok a crystaldisk je na první stránce jen mi napadlo jak zjistim kolik programu se mi spouští při načítání.protože systém ted naběhne cca 30s nedělá nic pak něco zkusim zapnout(tento počítač či internet) to udělá ale pak se zase kousne tak na 1 min to nedělá nic a pak se to teprva rozhýbe.

[jaro3]

Start--spustit---napiš:
msconfig.msc
záložka po spuštění.

[mafian]

hodí mi to hláěku system windows nemůže najít msconfig.msc.......co stim dál?

[Žbeky]

Tak dej jen msconfig

[mafian]

tak tam mam zaškrtnuto jen avast,RTHDCPL,isuspm,ctfmon nic víc mohlo by to dělat ono jinak systém je nainstalovaný zhruba měsíc.