
Virus-infected computer

Posted: Wed 19 May 2010, 08:28
by Panda1991
On Saturday evening, while The Sims 3 Cestovní horečka was loading, my PC froze and the colors started acting up. I restarted the PC and could no longer get into the system. The colors are fine now, but skipped lines show up; I can take a photo of it. The system boots, but before the login screen comes up my monitor turns off. I can get into safe mode, but System Restore doesn't help; the error persists. I scanned the computer twice with SUPERAntiSpyware Portable Scanner (I don't know of any other antivirus that works in safe mode; my avast wouldn't run). It found 17 cookies and nothing else, but the problem persists. For the last month I have been updating drivers with Driver Genius Professional Edition 2009. Is there anything else I can do, or am I left with formatting the disk and a fresh install of Windows XP?

Re: Virus-infected computer

Posted: Wed 19 May 2010, 08:43
by zombux
I'd almost say it's a problem with the graphics card

Re: Virus-infected computer

Posted: Thu 20 May 2010, 07:14
by Havlos
I recommend testing the graphics card in another PC if possible :) and scanning the PC with this little program: http://www.hijackthis.cz/ As zombux wrote above, it's possible the graphics card has died

Re: Virus-infected computer

Posted: Thu 27 May 2010, 18:43
by kilmal
Hello,
allow me to correct user Havlos: post a log from RSIT, it's more detailed than HJT... Don't format the PC for now; if the graphics card has died, it won't help you anyway

Re: Virus-infected computer

Posted: Thu 27 May 2010, 22:24
by jan.svoboda
Allow me to correct user kilmal, because I fully agree with my colleague Zombux: judging by the symptoms, I'd say it's the graphics card... And I strongly doubt that a virus infection is to blame for this. But I do agree about the format; it will hardly help with a graphics card.

Re: Virus-infected computer

Posted: Fri 28 May 2010, 07:07
by kilmal
2 jan.svoboda: I just wanted to rule it out completely; I wrote that the graphics card might have kicked the bucket...

Re: Virus-infected computer

Posted: Fri 28 May 2010, 09:58
by jan.svoboda
Yep... Either the graphics card is cooking itself a bit, or the GPU core is gone for good.

Re: Virus-infected computer

Posted: Fri 28 May 2010, 10:16
by kilmal
That's why, as was suggested, test the graphics card in another machine

Re: Virus-infected computer

Posted: Fri 28 May 2010, 10:21
by jan.svoboda
Pretty much :) And if it works elsewhere, then it's no problem to take a look at whether there's some little nasty in the PC.

Re: Virus-infected computer

Posted: Fri 28 May 2010, 19:16
by Panda1991
So I got into the system by deleting the drivers with Driver Sweeper. My graphics card doesn't work; if I install the drivers, I'm back where I was and have to delete them again. I'm looking for somewhere I could test my graphics card and also try a different one, but the second PC has an AGP interface :-(. I'm attaching the log:



Logfile of random's system information tool 1.07 (written by random/random)
Run by Fiser at 2010-05-28 19:02:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 84 GB (35%) free of 238 GB
Total RAM: 1023 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:03:52, on 28.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP3 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\Twain_32\NX VEGA 300\SnapTrap.exe
C:\WINDOWS\system32\winsys2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Media Key\MagicKey.exe
C:\Program Files\Media Key\OSD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fiser\Dokumenty\Instalačky\RSIT.exe
C:\Program Files\trend micro\Fiser.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aktualne.cz/?ms=ae
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Windows Internet Explorer: Aktuálně.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [STICAP] C:\WINDOWS\Twain_32\NX VEGA 300\SnapTrap.exe
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Supermapy - {0BDB44DF-BD05-48EF-AEA4-3BBF1AA9D446} - http://www.supermapy.cz (file missing) (HKCU)
O9 - Extra button: Bleskově - {0E5A329B-1CCC-4ACD-BD3F-AA35D401170E} - http://www.bleskove.cz (file missing) (HKCU)
O9 - Extra button: Aktuálně - {27BC0EBC-8B60-4A8A-AB5C-9AC55C4A5ED0} - http://aktualne.centrum.cz (file missing) (HKCU)
O9 - Extra button: Fotoalba - {2E24F197-521F-42B5-BC9E-8B73A49CFEDB} - http://www.fotoalba.cz (file missing) (HKCU)
O9 - Extra button: Slovníky - {721B2D12-CD49-4332-9B89-425478676E32} - http://slovniky.centrum.cz (file missing) (HKCU)
O9 - Extra button: Stahuj.cz - {7475888B-1F24-4DF8-8737-E5ED984B742A} - http://www.stahuj.cz (file missing) (HKCU)
O9 - Extra button: Centrum.cz - {750873F9-F280-4BDD-8BCA-9387669F814C} - http://www.centrum.cz (file missing) (HKCU)
O9 - Extra button: Počasí - {9A963FE8-4A05-40CC-8314-83C99B7000CC} - http://pocasi.centrum.cz (file missing) (HKCU)
O9 - Extra button: Xchat.cz - {A209E7A9-4FD9-4F9C-864A-EA3FFCAE5F3A} - http://www.xchat.cz (file missing) (HKCU)
O9 - Extra button: Žena.cz - {CA7D271C-2086-417D-9554-F60BA865AA9F} - http://www.zena.cz (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2276571843
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca193dccc2d320) (gupdate1ca193dccc2d320) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: STSService - Unknown owner - C:\Program Files\SoundTaxi Media Suite\STSService.exe

--
End of file - 11282 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-04-15 1375624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}]
Kwyshell MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files\BS.Player ControlBar\BSToolbar.dll [2008-10-08 859592]
{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Kwyshell MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]
{D4027C7F-154A-4066-A1AD-4243D8127440} - CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-04-15 1375624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-11 69632]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2005-07-08 1397760]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2009-10-27 557056]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-12-25 18789408]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"nwiz"=nwiz.exe /install []
"STICAP"=C:\WINDOWS\Twain_32\NX VEGA 300\SnapTrap.exe [2004-11-05 155648]
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-09-07 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-09-07 69632]
"WinSys2"=C:\WINDOWS\system32\winsys2.exe [2006-10-03 217088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-10 39408]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Media Key.lnk - C:\Program Files\Media Key\MagicKey.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Sierra\Empire Earth II\EE2X.exe"="C:\Program Files\Sierra\Empire Earth II\EE2X.exe:*:Enabled:Empire Earth II: The Art of Supremacy"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\RapidDown\rapiddown.exe"="C:\Program Files\RapidDown\rapiddown.exe:*:Enabled:rapiddown"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{409e2daa-a902-11dd-bda7-001d60570e25}]
shell\AutoRun\command - nymdik.exe
shell\open\command - nymdik.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f110634-dc10-11dd-be17-001d60570e25}]
shell\AutoRun\command - E:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c23bc96-1fe3-11df-9b8b-001d60570e25}]
shell\AutoRun\command - E:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f330b1c4-b256-11dd-bdbb-001d60570e25}]
shell\AutoRun\command - H:\setupSNK.exe


======List of files/folders created in the last 1 months======

2010-05-28 17:30:25 ----D---- C:\Program Files\trend micro
2010-05-28 17:30:23 ----D---- C:\rsit
2010-05-21 21:05:54 ----RA---- C:\WINDOWS\system32\WinSys2.exe
2010-05-21 21:05:53 ----RA---- C:\WINDOWS\system32\sw20.exe
2010-05-19 19:22:26 ----HD---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-05-19 19:01:51 ----D---- C:\DISNEY
2010-05-19 19:01:51 ----D---- C:\Converted
2010-05-19 17:21:12 ----D---- C:\Program Files\Warcraft III(2)
2010-05-19 16:18:46 ----D---- C:\Program Files\Phyxion.net
2010-05-17 17:10:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files
2010-05-16 00:15:35 ----A---- C:\DPsFnshr.exe
2010-05-15 17:44:34 ----A---- C:\WINDOWS\ntbtlog.txt
2010-05-09 14:12:46 ----D---- C:\Intel
2010-05-09 11:04:32 ----D---- C:\Program Files\PCI Audio Applications
2010-05-09 09:35:37 ----A---- C:\WINDOWS\AS_Debug.txt
2010-05-08 22:47:47 ----D---- C:\Program Files\Lavalys

======List of files/folders modified in the last 1 months======

2010-05-28 18:33:47 ----D---- C:\WINDOWS\system32
2010-05-28 17:30:35 ----D---- C:\WINDOWS\Prefetch
2010-05-28 17:30:25 ----RD---- C:\Program Files
2010-05-28 17:26:00 ----D---- C:\Program Files\Mozilla Thunderbird
2010-05-28 16:37:00 ----D---- C:\WINDOWS\Temp
2010-05-28 14:37:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-28 13:12:59 ----A---- C:\WINDOWS\wincmd.ini
2010-05-28 13:10:58 ----D---- C:\Documents and Settings\Fiser\Data aplikací\ICQ
2010-05-28 13:10:35 ----A---- C:\WINDOWS\lgfwup.ini
2010-05-28 13:10:32 ----D---- C:\Program Files\lg_fwupdate
2010-05-26 22:54:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-26 17:06:42 ----SHD---- C:\WINDOWS\Installer
2010-05-26 17:06:33 ----SHD---- C:\Config.Msi
2010-05-21 21:16:58 ----D---- C:\WINDOWS
2010-05-21 21:14:13 ----D---- C:\WINDOWS\system32\drivers
2010-05-21 21:10:11 ----D---- C:\WINDOWS\Help
2010-05-21 21:09:19 ----D---- C:\WINDOWS\nview
2010-05-21 21:07:17 ----HD---- C:\WINDOWS\inf
2010-05-19 20:38:49 ----D---- C:\Program Files\Google
2010-05-19 20:16:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-19 20:07:46 ----D---- C:\Documents and Settings
2010-05-19 19:32:52 ----D---- C:\WINDOWS\system32\CatRoot
2010-05-19 19:32:11 ----ASH---- C:\boot.ini
2010-05-19 19:23:55 ----D---- C:\WINDOWS\system32\config
2010-05-19 19:23:41 ----D---- C:\WINDOWS\system32\wbem
2010-05-19 19:23:40 ----D---- C:\WINDOWS\Registration
2010-05-19 19:22:38 ----D---- C:\WINDOWS\system32\RTCOM
2010-05-19 19:21:31 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-05-19 19:17:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-19 19:01:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-05-19 19:01:23 ----D---- C:\Program Files\ESET
2010-05-17 19:51:13 ----D---- C:\WINDOWS\system
2010-05-16 16:20:37 ----A---- C:\WINDOWS\win.ini
2010-05-16 15:23:52 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-05-16 15:22:45 ----A---- C:\WINDOWS\imsins.BAK
2010-05-15 22:44:54 ----D---- C:\Program Files\Windows Media Player
2010-05-15 22:44:54 ----D---- C:\Program Files\NetMeeting
2010-05-15 22:44:52 ----D---- C:\Program Files\Common Files\Services
2010-05-15 22:44:49 ----D---- C:\Program Files\Outlook Express
2010-05-15 22:44:45 ----D---- C:\Program Files\Internet Explorer
2010-05-15 22:44:36 ----D---- C:\Program Files\Movie Maker
2010-05-15 22:44:02 ----D---- C:\Program Files\Common Files\System
2010-05-15 22:42:31 ----D---- C:\Program Files\Windows Media Connect 2
2010-05-15 22:42:24 ----D---- C:\Program Files\Messenger
2010-05-15 22:42:07 ----D---- C:\Program Files\Windows NT
2010-05-14 20:15:31 ----D---- C:\Documents and Settings\Fiser\Data aplikací\Skype
2010-05-14 20:15:02 ----D---- C:\Documents and Settings\Fiser\Data aplikací\skypePM
2010-05-09 14:16:41 ----D---- C:\Program Files\NVIDIA Corporation
2010-05-09 14:13:20 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-09 11:04:40 ----D---- C:\WINDOWS\Media
2010-05-09 10:10:21 ----D---- C:\Program Files\C-Media
2010-05-09 09:34:40 ----D---- C:\Program Files\Realtek
2010-05-08 21:50:30 ----D---- C:\WINDOWS\Minidump
2010-05-04 18:36:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-04-14 28880]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-12-02 82380]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-04-14 46672]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-08 28672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2002-07-11 12856]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-28 9291]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-04-14 100432]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-04-14 23376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-11-01 35840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-12-25 6039584]
R3 PAC207;NX-Vega; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-01-25 154112]
R3 SndTAudio;SndTAudio; C:\WINDOWS\system32\drivers\SndTAudio.sys [2009-11-19 23096]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-09-13 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-09-13 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-03-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-03-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-03-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-03-11 79488]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SQTECH930B;NX VEGA 300; C:\WINDOWS\System32\Drivers\Capt930b.sys [2005-01-26 247325]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
S2 gupdate1ca193dccc2d320;Služba Google Update (gupdate1ca193dccc2d320); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-10 190448]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-29 572928]
S3 SMServer;SMServer; C:\WINDOWS\system32\snmvtsvc.exe [2009-11-19 249856]
S3 STSService;STSService; C:\Program Files\SoundTaxi Media Suite\STSService.exe [2009-11-19 335872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Virus-infected computer

Posted: Fri 28 May 2010, 19:41
by kilmal
Bear with me a moment, I'm working on the log... there's a load of unnecessary stuff in it from what I've seen, but we'll deal with that...
Mainly, try the graphics card somewhere so we know whether the fault is in it, even though everything points to it...

Re: Virus-infected computer

Posted: Fri 28 May 2010, 20:09
by kilmal
Hello, there's no malware in there, just unnecessary stuff; the graphics card really needs to be tested elsewhere...

:arrow: Apply a fix in HJT
  • You will find HJT here: C:\Program Files\trend micro\Fiser.exe
  • Fix means that you run HJT
  • A window will open; click Do a system scan only
  • in the next window, find the lines listed below

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
    O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
    O9 - Extra button: Supermapy - {0BDB44DF-BD05-48EF-AEA4-3BBF1AA9D446} - http://www.supermapy.cz  (file missing) (HKCU)
    O9 - Extra button: Bleskově - {0E5A329B-1CCC-4ACD-BD3F-AA35D401170E} - http://www.bleskove.cz (file missing) (HKCU)
    O9 - Extra button: Aktuálně - {27BC0EBC-8B60-4A8A-AB5C-9AC55C4A5ED0} - http://aktualne.centrum.cz (file missing) (HKCU)
    O9 - Extra button: Fotoalba - {2E24F197-521F-42B5-BC9E-8B73A49CFEDB} - http://www.fotoalba.cz (file missing) (HKCU)
    O9 - Extra button: Slovníky - {721B2D12-CD49-4332-9B89-425478676E32} - http://slovniky.centrum.cz (file missing) (HKCU)
    O9 - Extra button: Stahuj.cz - {7475888B-1F24-4DF8-8737-E5ED984B742A} - http://www.stahuj.cz (file missing) (HKCU)
    O9 - Extra button: Centrum.cz - {750873F9-F280-4BDD-8BCA-9387669F814C} - http://www.centrum.cz (file missing) (HKCU)
    O9 - Extra button: Počasí - {9A963FE8-4A05-40CC-8314-83C99B7000CC} - http://pocasi.centrum.cz (file missing) (HKCU)
    O9 - Extra button: Xchat.cz - {A209E7A9-4FD9-4F9C-864A-EA3FFCAE5F3A} - http://www.xchat.cz (file missing) (HKCU)
    O9 - Extra button: Žena.cz - {CA7D271C-2086-417D-9554-F60BA865AA9F} - http://www.zena.cz (file missing) (HKCU)
  • Next to each of them is a checkbox; tick it
  • Click Fix checked (bottom left)
  • HJT will ask whether you are sure; answer YES to confirm and it's done
:arrow: Plug all your flash drives into USB and download USBfix to the desktop
  • Run it and choose language E
  • enter 2 and press Enter; the PC may be restarted
  • when it finishes, a log will pop up; post it here. You can also find it at C:\UsbFix.txt
:arrow: Have this file, C:\DPsFnshr.exe, tested on VirusTotal
  • Click Browse
  • Don't search for the file; just paste in the path of the file I want tested
  • If it says the file has already been tested, have it tested again
  • Click Test file
  • Paste the analysis result here (as a link)
:arrow: Uninstall unnecessary toolbars
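
The fix list in the post above mixes several kinds of HijackThis entries. As an added example (not part of the thread and not HijackThis code), this Python sketch sorts such lines into leftovers that point at a missing file, autostarts that still run, and browser page settings; the bucket names and function names are this example's own.

```python
import re
from collections import Counter

# Section codes used in the fix list above and what each one covers in HijackThis.
SECTIONS = {"R0": "IE start/search page", "R3": "IE URLSearchHook",
            "O4": "autostart (Run key / Startup folder)",
            "O9": "IE extra button / Tools menu item"}
LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+)$")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)", re.I)
URL_RE = re.compile(r"https?://[^\s)]+")
EXE_RE = re.compile(r'[A-Za-z]:\\[^"]+?\.exe', re.I)

# Lines excerpted from the fix list in the post above.
SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
O9 - Extra button: Supermapy - {0BDB44DF-BD05-48EF-AEA4-3BBF1AA9D446} - http://www.supermapy.cz  (file missing) (HKCU)
"""

def parse_line(line):
    """Return a dict describing one HijackThis entry, or None for any other line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    code, body = m.groups()
    exe = EXE_RE.search(body)
    entry = {"code": code, "meaning": SECTIONS.get(code, "unknown section"),
             "orphan": bool(ORPHAN_RE.search(body)),
             "urls": URL_RE.findall(body),
             "exe": exe.group(0) if exe else None}
    # Review buckets: dangling references first, then anything that still runs or redirects.
    if entry["orphan"]:
        entry["bucket"] = "orphaned reference"
    elif code == "O4":
        entry["bucket"] = "live autostart"
    elif code in ("R0", "R1"):
        entry["bucket"] = "browser page setting"
    else:
        entry["bucket"] = "other"
    return entry

def triage(text):
    """Parse every entry in a pasted log and count entries per review bucket."""
    entries = [e for e in map(parse_line, text.splitlines()) if e]
    return entries, Counter(e["bucket"] for e in entries)
```

Orphaned references are dead registry values, while each live autostart needs a judgement about whether the program is wanted at boot.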

Re: Virus-infected computer

Posted: Fri 28 May 2010, 22:55
by Panda1991
I don't have the file DPsFnshr.exe on my computer.

Log from USBFix:


############################## | UsbFix V6.115 |

User : Fiser (Administrators) # FI-0FED5F449EBE
Update on 27/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:44:17 | 28.5.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886625 [ Enabled | Updated ]

A:\ -> Disketová jednotka 3 1/2"
C:\ -> Místní pevný disk # 232,88 Go (81,52 Go free) # NTFS
D:\ -> Disk CD-ROM
E:\ -> Vyměnitelný disk # 963,7 Mo (699,33 Mo free) # FAT

################## | Files # Infected Folders |

Deleted ! C:\DOCUME~1\Fiser\LOCALS~1\Temp\VWL176.tmp
Deleted ! C:\DOCUME~1\Fiser\LOCALS~1\Temp\VWL179.tmp
Deleted ! C:\DPsFnshr.exe
Deleted ! C:\Recycler\S-1-5-21-1202660629-1770027372-725345543-1003
Deleted ! E:\autorun.0nf

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{409e2daa-a902-11dd-bda7-001d60570e25}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{4a422ed8-6916-11dd-8fe8-cb488e079131}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{7f110634-dc10-11dd-be17-001d60570e25}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{8c23bc96-1fe3-11df-9b8b-001d60570e25}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{f330b1c4-b256-11dd-bdbb-001d60570e25}\Shell\AutoRun\Command

################## | Listing of the present files |

[13.08.2008 10:51|--a------|0] C:\AUTOEXEC.BAT
[28.05.2010 13:10|--a------|53] C:\biosinfo
[19.05.2010 19:32|--ahs----|211] C:\boot.ini
[25.10.2001 14:00|-rahs----|4952] C:\Bootfont.bin
[13.08.2008 10:51|--a------|0] C:\CONFIG.SYS
[13.08.2008 10:51|-rahs----|0] C:\IO.SYS
[19.06.2009 15:53|--a------|0] C:\MomLog.txt
[13.08.2008 10:51|-rahs----|0] C:\MSDOS.SYS
[13.04.2008 22:13|-rahs----|47564] C:\NTDETECT.COM
[14.04.2008 00:01|-rahs----|250576] C:\ntldr
[?|?|?] C:\pagefile.sys
[05.07.2009 19:43|--a------|272] C:\Sonic-and-Knuckles-(JUE)-[!].srm
[29.06.2009 18:28|--a------|304160] C:\StiImg.dat
[28.05.2010 21:53|--a------|2292] C:\UsbFix.txt
[13.05.2010 17:57|--a------|1354752] E:\Integrace ¬esk‚ republiky do svŘtov‚ho a Evropsk‚ho spoleźenstvˇ.ppt
[15.05.2010 15:54|--a------|9] E:\HDINFO.CFG
[20.05.2010 21:48|--a------|43153] E:\DxDiag.txt
[18.05.2010 16:24|--a------|11122247] E:\SAS_081D96.COM
[19.05.2010 16:09|--a------|4728687] E:\DriverSweeper_2.1.0.exe
[20.05.2010 07:15|--a------|36352] E:\Herrmann, ¬apek Chod.doc
[21.05.2010 14:21|--a------|755486] E:\cpuz_154.zip
[12.10.2007 13:50|--a------|3634881] E:\Alcohol 120% + crack.zip
[21.03.2007 12:00|--a------|17647818] E:\Emilka.exe
[23.07.2009 17:44|--a------|11022391] E:\rld-aos.rar
[25.06.2009 15:44|--a------|1224146] E:\per_soustava.jpg
[05.10.2009 21:42|--a------|6321259] E:\01. Jak Jsem Se Ucil Kourit.mp3
[05.10.2009 22:03|--a------|8822210] E:\Jedovat  slina.avi
[05.10.2009 22:09|--a------|696320] E:\ćimek a Grossmann.ppt
[03.03.2010 19:38|--a------|3327488] E:\Straçilky.ppt
[10.05.2010 21:02|--a------|54329344] E:\0001.TS

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# E:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

Re: Virus-infected computer

Posted: Fri 28 May 2010, 23:55
by kilmal
:arrow: You no longer have C:\DPsFnshr.exe; USBFix deleted it: Deleted ! C:\DPsFnshr.exe
:arrow: Run USBFix again, language E (Enter), then option 6 (Enter); this makes USBFix clean up after itself
:arrow: How is the PC behaving, are the graphics card problems still there?
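
The cross-check made in the post above (a file requested for scanning had already been removed by the cleanup tool) can be done mechanically. This Python sketch is an added example, not part of the thread or of UsbFix; it reads the `Deleted !` lines of a UsbFix log section by section, and the function names are this example's own.

```python
import re

SECTION_RE = re.compile(r"^#{5,}\s*\|\s*(.+?)\s*\|\s*$")
DELETED_RE = re.compile(r"^Deleted !\s+(.+?)\s*$")

# Excerpt of the UsbFix log posted earlier in the thread.
LOG = r"""
################## | Files # Infected Folders |

Deleted ! C:\DOCUME~1\Fiser\LOCALS~1\Temp\VWL176.tmp
Deleted ! C:\DPsFnshr.exe
Deleted ! E:\autorun.0nf

################## | Registry |

################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{409e2daa-a902-11dd-bda7-001d60570e25}\Shell\AutoRun\Command

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
"""

def deleted_by_section(log_text):
    """Map each UsbFix section title to the items that section reports as deleted."""
    sections, current = {}, None
    for line in log_text.splitlines():
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = []
            continue
        item = DELETED_RE.match(line)
        if item and current is not None:
            sections[current].append(item.group(1))
    return sections

def already_removed(log_text, path):
    """True if the log shows `path` being deleted (Windows paths compare case-insensitively)."""
    wanted = path.lower()
    return any(wanted == item.lower()
               for items in deleted_by_section(log_text).values()
               for item in items)
```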

Re: Virus-infected computer

Posted: Sat 29 May 2010, 15:22
by Panda1991
kilmal wrote: :arrow: You no longer have C:\DPsFnshr.exe; USBFix deleted it: Deleted ! C:\DPsFnshr.exe
:arrow: Run USBFix again, language E (Enter), then option 6 (Enter); this makes USBFix clean up after itself
:arrow: How is the PC behaving, are the graphics card problems still there?
The computer still behaves the same. I tried installing the drivers again, but it's still the same problem; they had to go so that I could get into the system. Otherwise, apart from the graphics card, it runs normally.

Re: Virus-infected computer

Posted: Sat 29 May 2010, 16:22
by jan.svoboda
Panda1991: So you and my colleague have cleaned the PC, but as I said, unfortunately it looks like the graphics card has died... So it would be worth trying a different one / yours in another PC. And get a new one, and it'll be fine ;)

Re: Virus-infected computer

Posted: Sat 29 May 2010, 22:45
by kilmal
Unfortunately I too have no choice but to agree... the graphics card has probably had it...

Re: Virus-infected computer

Posted: Sun 30 May 2010, 10:23
by jan.svoboda
Unfortunately, yes, although honestly I would have preferred it if you had been right and the user had only a virus problem and not a hardware one :) Oh well, you finished the cleanup, but at least we got it solved :)

Kilmal: Btw.: Sorry for my recent sharper reactions, but I'm really fed up with the aforementioned forum because of the problems it causes me. And I have trouble telling who is the provocateur from there and who isn't. You're fine and I have nothing against you. Can we bury the hatchet, colleague ;) ?

Re: Virus-infected computer

Posted: Sun 30 May 2010, 17:00
by kilmal
Likewise, I'd rather it had been malware, at least there would be something to do 8-) and the user might not have to buy a new graphics card, if it really is dead...

:idea: I'm only glad, colleague. Apology accepted, of course, and everything is OK!

Re: Virus-infected computer

Posted: Sun 30 May 2010, 21:53
by jan.svoboda
Exactly, I don't like HW problems, especially when something has to be bought (there's never enough money) :D

Thanks :)