Prosím o kontrolu logu-pomaly štart ntb

robert81 · Příspěvekod **robert81** » 01 pro 2011 14:11

HD Tune: WDC WD3200BEVS-26VAT0 Benchmark

Transfer Rate Minimum : 19.0 MB/sec
Transfer Rate Maximum : 60.3 MB/sec
Transfer Rate Average : 45.5 MB/sec
Access Time : 18.8 ms
Burst Rate : 44.9 MB/sec
CPU Usage : 16.8%

Reklama

Příspěvekod **Žbeky** » 01 pro 2011 16:00

Disk je pomalý

robert81 · Příspěvekod **robert81** » 01 pro 2011 17:36

Prosím ťa,pozrel by si mi ešte jeden PC,sú tu testy .hijack,malw,combfix,diskinfo.................

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:55, on 1. 12. 2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
D:\Software\Eset\egui.exe
D:\Download\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [egui] "D:\Software\Eset\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Software\Eset\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Software\Eset\ekrn.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Software\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Software\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 4720 bytes

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 8282

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

1. 12. 2011 11:24:36
mbam-log-2011-12-01 (11-24-36).txt

Typ: Rychlá kontrola
Kontrolované objekty: 154159
Uplynulý čas: 5 minut, 11 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

ComboFix 11-11-30.01 - Zuzanka . 12. 2011 11:30:00.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.421.1029.18.1014.239 [GMT 1:00]
Running from: d:\download\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-11-01 to 2011-12-01 )))))))))))))))))))))))))))))))
.
.
2011-12-01 10:39 . 2011-12-01 10:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-01 10:11 . 2011-12-01 10:11 -------- d-----w- c:\programdata\Malwarebytes
2011-12-01 10:10 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 17:11 . 2011-11-28 17:11 -------- d-----w- c:\program files\Common Files\Adobe
2011-11-28 12:25 . 2011-05-28 06:08 129536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-11-28 12:25 . 2011-05-28 06:04 247808 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2011-11-28 12:25 . 2011-05-28 06:04 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-28 12:23 . 2011-02-17 06:23 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-11-28 12:23 . 2011-04-30 06:09 758784 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-11-27 16:56 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-11-27 16:51 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-11-27 16:51 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-11-27 16:51 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-11-27 16:51 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-11-27 16:51 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-11-27 16:50 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-11-27 16:50 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-11-27 16:50 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-11-27 16:49 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-11-27 16:49 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-11-27 16:49 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll
2011-11-27 16:49 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-11-27 16:49 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-11-27 16:49 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-11-27 16:49 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-11-27 16:49 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-11-27 16:48 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-27 16:46 . 2010-05-04 18:39 248832 ----a-w- c:\windows\system32\msshsq.dll
2011-11-27 16:46 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-11-27 16:46 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-11-27 16:45 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-11-27 16:45 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-11-27 16:45 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-11-27 16:45 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-11-27 16:45 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-11-27 16:43 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-27 16:42 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-27 16:42 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-27 16:42 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-11-27 16:42 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-11-27 16:42 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-11-27 16:42 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-11-27 16:42 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-11-27 16:42 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-11-27 16:42 . 2010-01-29 16:22 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-11-27 16:42 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-11-27 16:42 . 2011-04-14 14:24 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-11-27 16:42 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll
2011-11-27 16:42 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-11-27 16:41 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-27 16:39 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-11-27 16:29 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll
2011-11-27 16:29 . 2011-02-12 04:28 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-11-27 11:00 . 2008-01-19 07:43 1081912 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-11-27 10:59 . 2008-01-19 07:36 533504 ----a-w- c:\windows\system32\wmdrmsdk.dll
2011-11-27 10:58 . 2008-01-19 07:37 1382912 ----a-w- c:\windows\system32\WMVSDECD.DLL
2011-11-27 10:57 . 2008-01-19 07:42 94776 ----a-w- c:\windows\system32\MigAutoPlay.exe
2011-11-27 10:56 . 2008-01-19 07:36 175616 ----a-w- c:\windows\system32\syncui.dll
2011-11-27 10:55 . 2008-01-19 07:34 18944 ----a-w- c:\windows\system32\dmutil.dll
2011-11-27 10:53 . 2008-01-19 07:34 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2011-11-27 10:53 . 2008-01-19 07:36 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2011-11-27 10:53 . 2008-01-19 07:36 742912 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-11-27 10:53 . 2008-01-19 07:36 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2011-11-27 10:53 . 2008-01-19 07:34 191488 ----a-w- c:\windows\system32\wbem\mofd.dll
2011-11-27 10:53 . 2008-01-19 07:34 263168 ----a-w- c:\windows\system32\wbem\esscli.dll
2011-11-27 10:53 . 2008-01-19 07:36 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2011-11-27 10:53 . 2008-01-19 07:36 264704 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2011-11-27 10:53 . 2008-01-19 07:36 129536 ----a-w- c:\windows\system32\sqmapi.dll
2011-11-27 10:53 . 2008-01-19 07:36 704512 ----a-w- c:\windows\system32\SmiEngine.dll
2011-11-27 10:53 . 2008-01-19 07:36 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2011-11-27 10:52 . 2008-01-19 07:36 218624 ----a-w- c:\windows\system32\wdscore.dll
2011-11-27 10:52 . 2008-01-19 07:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2011-11-27 10:51 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2011-11-27 10:51 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2011-11-27 10:51 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2011-11-27 10:51 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2011-11-26 15:59 . 2011-11-26 15:59 -------- d-----w- c:\program files\Microsoft LifeCam
2011-11-26 15:57 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-11-26 15:57 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-11-26 12:30 . 2011-11-26 12:30 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-11-23 19:33 . 2011-11-23 19:33 -------- d-----w- c:\programdata\SonicStage
2011-11-23 19:21 . 2011-11-23 19:21 -------- d-----w- c:\windows\system32\Iosubsys
2011-11-23 19:20 . 2011-11-23 19:21 -------- d-----w- c:\program files\Common Files\Sony Shared
2011-11-21 08:17 . 2011-11-21 08:17 -------- d-----w- c:\program files\Common Files\EZB Systems
2011-11-20 16:44 . 2011-11-26 16:05 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-19 08:54 . 2011-11-19 08:54 -------- d-----r- c:\program files\Skype
2011-11-19 08:54 . 2011-11-19 08:54 -------- d-----w- c:\programdata\Skype
2011-11-18 19:38 . 2011-11-18 19:38 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-11-18 19:38 . 2011-11-18 19:38 269312 ----a-w- c:\windows\system32\es.dll
2011-11-18 19:32 . 2011-11-18 19:32 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-11-18 19:32 . 2011-11-18 19:32 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-11-18 19:32 . 2011-11-18 19:32 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-11-18 19:32 . 2011-11-18 19:32 11264 ----a-w- c:\windows\system32\icardres.dll
2011-11-18 19:32 . 2011-11-18 19:32 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-11-18 19:32 . 2011-11-18 19:32 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-11-18 18:52 . 2011-11-18 18:57 -------- d-----w- c:\program files\Common Files\Ahead
2011-11-18 18:41 . 2011-11-18 18:41 -------- d-----w- c:\windows\system32\ShellExt
2011-11-18 18:02 . 2011-01-19 16:47 22504 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-11-18 18:00 . 2011-11-18 18:25 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-11-18 17:59 . 2011-11-18 17:59 -------- d-----w- c:\windows\system32\Macromed
2011-11-18 17:55 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-11-18 17:55 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-11-18 17:55 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-11-18 17:55 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-11-18 17:55 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-11-18 17:55 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-11-18 17:55 . 2011-01-13 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-11-18 17:54 . 2011-11-18 17:54 -------- d-----w- c:\programdata\Apple Computer
2011-11-18 17:53 . 2011-11-26 15:43 -------- d-----w- c:\program files\Apple Software Update
2011-11-18 17:47 . 2011-11-30 12:53 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-18 17:43 . 2011-11-18 17:43 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-18 17:38 . 2011-11-18 17:38 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-11-18 16:55 . 2011-11-18 16:55 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-11-18 16:55 . 2011-11-18 16:55 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-11-18 16:35 . 2011-10-18 00:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3DB0958-1D24-44FA-879D-5CCCEBCE92EC}\mpengine.dll
2011-11-18 16:32 . 2011-11-18 16:32 -------- d-----w- c:\program files\Synaptics
2011-11-18 16:30 . 2011-11-18 16:30 -------- d-----w- c:\program files\Analog Devices
2011-11-18 16:28 . 2011-11-18 16:28 -------- d-----w- c:\program files\CONEXANT
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-27 11:25 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-11-27 11:25 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-11-18 19:37 . 2011-11-18 19:37 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-11-18 16:55 . 2011-11-18 16:55 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2011-11-15 21:54 . 2011-11-15 21:54 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-11-15 21:24 . 2011-11-15 21:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2011-11-15 21:24 . 2011-11-15 21:24 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-11-15 21:24 . 2011-11-15 21:24 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-11-15 21:24 . 2011-11-15 21:24 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-11-15 21:24 . 2011-11-15 21:24 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="d:\software\Eset\egui.exe" [2009-05-14 2029640]
"Malwarebytes' Anti-Malware"="d:\software\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTray]
2010-09-17 16:55 431464 ----a-w- c:\program files\ThinkPad\ConnectUtilities\ACTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACWlIcon]
2010-09-17 16:55 181608 ----a-w- c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2011-11-16 05:14 293376 ----a-w- c:\windows\System32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2009-12-01 01:39 256576 ------w- c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-11 19:13 166424 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-11 19:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-05-20 14:27 119152 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
2007-03-01 01:02 120368 ------w- c:\progra~1\Lenovo\LENOVO~1\LPMGR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-11 19:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 16:18 413696 ----a-w- d:\software\Quick\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Crawler]
2004-02-03 08:06 454656 ----a-w- d:\software\RCrawler\rcrawler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-07-10 09:40 1282048 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 ------w- d:\software\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-02-18 19:05 2423752 ----a-w- d:\software\Superspyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-04-22 23:16 1725736 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2010-05-20 14:27 762736 ----a-w- c:\windows\vVX1000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2008-01-19 07:36 2153472 ----a-w- c:\windows\System32\oobefldr.dll
.
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2011-11-18 12984]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-11-26 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 SASDIFSV;SASDIFSV;d:\software\Superspyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;d:\software\Superspyware\SASKUTIL.SYS [2010-05-10 67656]
S2 Angelnt;Angelnt;c:\windows\System32\Drivers\ANGELNT.SYS [2011-11-15 51072]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-01-19 22504]
S2 ekrn;ESET Service;d:\software\Eset\ekrn.exe [2009-05-14 731840]
S2 MBAMService;MBAMService;d:\software\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 SBSDWSCService;SBSD Security Center Service;d:\software\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 b57nd60x;%SvcDispName%;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMPROTECTOR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.centrum.sk/
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Zuzanka\AppData\Roaming\Mozilla\Firefox\Profiles\elkj8dr3.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.szco.sk
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-TaskTray - (no file)
MSConfigStartUp-Google Update - c:\users\Zuzanka\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2576)
d:\software\Altap\plugins\salamext.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\conime.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2011-12-01 11:49:52 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-01 10:49
.
Pre-Run: Volných bajtů: 31 498 993 664
Post-Run: Volných bajtů: 31 231 344 640
.
- - End Of File - - B02C11F504B3E5608F23DFCB7928A874

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Business Edition SP1 [6.0 Build 6001] (x86)
Date : 2011/12/01 11:56:01

-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801G (řada ICH7) v režimu Ultra ATA - 27DF [ATA]
+ Kanál IDE (0)
- HL-DT-ST DVDRAM GSA-4083N ATA Device
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ Kanál IDE (0)
- ST910021AS ATA Device
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST910021AS : 100.0 GB [0-1-0, pd1]

----------------------------------------------------------------------------
(1) ST910021AS
----------------------------------------------------------------------------
Model : ST910021AS
Firmware : 4.06
Serial Number : 5MH01NTQ
Disk Size : 100.0 GB (8.4/100.0/100.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 195369455
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/150
Power On Hours : 8433 hours
Power On Count : 2545 count
Temparature : 44 C (111 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 101 _86 _34 000001EA39C3 Read Error Rate
03 _92 _92 __0 000000000000 Spin-Up Time
04 _97 _97 _20 000000000E4E Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _85 _60 _30 000014C114C0 Seek Error Rate
09 _91 _91 __0 0000000020F1 Power-On Hours
0A 100 _19 _34 000000000000 Spin Retry Count
0C _98 _98 _32 0000000009F1 Power Cycle Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BD __1 __1 __0 0000000010F9 High Fly Writes
BE _56 _36 _45 00002C17002C Airflow Temperature
C0 _83 _83 __0 000000008A1E Power-off Retract Count
C1 __1 __1 __0 0000001CFB5F Load/Unload Cycle Count
C2 _44 _64 __0 00020000002C Temperature
C3 _56 _47 __0 000001EA39C3 Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 199 __0 000000000006 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate
CA 100 253 __0 000000000000 Data Address Mark Error

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0C 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 35 4D 48 30 31 4E 54 51 00 00 40 00 00 04 34 2E
030: 30 36 20 20 20 20 53 54 39 31 30 30 32 31 41 53
040: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 19 EF 0B A5 00 00 00 07
080: 00 03 00 78 00 78 00 F0 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 04 02 00 00 00 48 00 48
0A0: 00 FE 00 00 34 6B 7D 09 60 03 34 69 3C 09 60 03
0B0: 04 3F 00 00 00 00 80 80 FF FE 00 00 FE 00 00 00
0C0: 00 00 00 00 00 00 00 00 19 EF 0B A5 00 00 00 00
0D0: 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 22 30 0B A5 22 30 0B A5 20 20 00 02 C2 B6
110: 00 02 00 00 3C 06 3C 06 FF FF 07 C6 01 00 00 00
120: 10 0F 18 00 00 02 00 80 40 04 40 04 60 A2 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 0B
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 A5

Příspěvekod **Žbeky** » 01 pro 2011 17:51

A to je zas co za počítač? A kdo ti radil udělat combofix?

Příspěvekod **memphisto** » 01 pro 2011 17:52

Odinstaluj Spybot. Potom...

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Folder::
c:\programdata\Spybot - Search & Destroy

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=-
"EnableUIADesktopToggle"=-

DDS::
mStart Page = hxxp://home.sweetim.com

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

robert81 · Příspěvekod **robert81** » 01 pro 2011 18:53

Je to ntb Lenovo Z61t,chcel som len vedieť či je soft OK.........niečo som pokazil tým keď som oskenoval systém combofixom?Pošlem teda ešte jeden log z hijack ako to vyzerá aktuálne..........alebo mám to teda ešte raz prebehnúť combofixom s týmto CFScriptom?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:04, on 1. 12. 2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Software\Eset\egui.exe
C:\Windows\system32\conime.exe
D:\Download\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [egui] "D:\Software\Eset\egui.exe" /hide /waitservice
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Software\Eset\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Software\Eset\ekrn.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Software\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Software\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Software\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 4227 bytes

Příspěvekod **Žbeky** » 01 pro 2011 20:11

Já jen že můžeš víc věcí dodrbat než spravit... Takové hrrr hrrr šup šup mám ze všeho nejraději

Už udělej ten skript od memphista

robert81 · Příspěvekod **robert81** » 02 pro 2011 16:21

ComboFix 11-11-30.01 - Zuzanka . 12. 2011 15:58:05.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.421.1029.18.1014.223 [GMT 1:00]
Running from: c:\users\Zuzanka\Desktop\ComboFix.exe
Command switches used :: c:\users\Zuzanka\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Spybot - Search & Destroy
c:\programdata\Spybot - Search & Destroy\ProcCache.sbc
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM10.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM11.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM12.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM13.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM14.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM15.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM16.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM17.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM18.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM19.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM7.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM8.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM9.zip
.
.
((((((((((((((((((((((((( Files Created from 2011-11-02 to 2011-12-02 )))))))))))))))))))))))))))))))
.
.
2011-12-02 15:07 . 2011-12-02 15:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-01 10:11 . 2011-12-01 10:11 -------- d-----w- c:\programdata\Malwarebytes
2011-12-01 10:10 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 17:11 . 2011-11-28 17:11 -------- d-----w- c:\program files\Common Files\Adobe
2011-11-28 12:25 . 2011-05-28 06:08 129536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-11-28 12:25 . 2011-05-28 06:04 247808 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2011-11-28 12:25 . 2011-05-28 06:04 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-28 12:23 . 2011-02-17 06:23 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-11-28 12:23 . 2011-04-30 06:09 758784 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-11-27 16:56 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-11-27 16:51 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-11-27 16:51 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-11-27 16:51 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-11-27 16:51 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-11-27 16:51 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-11-27 16:50 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-11-27 16:50 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-11-27 16:50 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-11-27 16:49 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-11-27 16:49 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-11-27 16:49 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll
2011-11-27 16:49 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-11-27 16:49 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-11-27 16:49 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-11-27 16:49 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-11-27 16:49 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-11-27 16:48 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-27 16:46 . 2010-05-04 18:39 248832 ----a-w- c:\windows\system32\msshsq.dll
2011-11-27 16:46 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-11-27 16:46 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-11-27 16:45 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-11-27 16:45 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-11-27 16:45 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-11-27 16:45 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-11-27 16:45 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-11-27 16:43 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-27 16:42 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-27 16:42 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-27 16:42 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-11-27 16:42 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-11-27 16:42 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-11-27 16:42 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-11-27 16:42 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-11-27 16:42 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-11-27 16:42 . 2010-01-29 16:22 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-11-27 16:42 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-11-27 16:42 . 2011-04-14 14:24 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-11-27 16:42 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll
2011-11-27 16:42 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-11-27 16:41 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-27 16:39 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-11-27 16:29 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll
2011-11-27 16:29 . 2011-02-12 04:28 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-11-27 11:00 . 2008-01-19 07:43 1081912 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-11-27 10:59 . 2008-01-19 07:36 533504 ----a-w- c:\windows\system32\wmdrmsdk.dll
2011-11-27 10:58 . 2008-01-19 07:37 1382912 ----a-w- c:\windows\system32\WMVSDECD.DLL
2011-11-27 10:57 . 2008-01-19 07:42 94776 ----a-w- c:\windows\system32\MigAutoPlay.exe
2011-11-27 10:56 . 2008-01-19 07:36 175616 ----a-w- c:\windows\system32\syncui.dll
2011-11-27 10:55 . 2008-01-19 07:34 18944 ----a-w- c:\windows\system32\dmutil.dll
2011-11-27 10:53 . 2008-01-19 07:34 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2011-11-27 10:53 . 2008-01-19 07:36 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2011-11-27 10:53 . 2008-01-19 07:36 742912 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-11-27 10:53 . 2008-01-19 07:36 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2011-11-27 10:53 . 2008-01-19 07:34 191488 ----a-w- c:\windows\system32\wbem\mofd.dll
2011-11-27 10:53 . 2008-01-19 07:34 263168 ----a-w- c:\windows\system32\wbem\esscli.dll
2011-11-27 10:53 . 2008-01-19 07:36 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2011-11-27 10:53 . 2008-01-19 07:36 264704 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2011-11-27 10:53 . 2008-01-19 07:36 129536 ----a-w- c:\windows\system32\sqmapi.dll
2011-11-27 10:53 . 2008-01-19 07:36 704512 ----a-w- c:\windows\system32\SmiEngine.dll
2011-11-27 10:53 . 2008-01-19 07:36 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2011-11-27 10:52 . 2008-01-19 07:36 218624 ----a-w- c:\windows\system32\wdscore.dll
2011-11-27 10:52 . 2008-01-19 07:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2011-11-27 10:51 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2011-11-27 10:51 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2011-11-27 10:51 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2011-11-27 10:51 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2011-11-26 15:59 . 2011-11-26 15:59 -------- d-----w- c:\program files\Microsoft LifeCam
2011-11-26 15:57 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-11-26 15:57 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-11-26 12:30 . 2011-11-26 12:30 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-11-23 19:33 . 2011-11-23 19:33 -------- d-----w- c:\programdata\SonicStage
2011-11-23 19:21 . 2011-11-23 19:21 -------- d-----w- c:\windows\system32\Iosubsys
2011-11-23 19:20 . 2011-11-23 19:21 -------- d-----w- c:\program files\Common Files\Sony Shared
2011-11-21 08:17 . 2011-11-21 08:17 -------- d-----w- c:\program files\Common Files\EZB Systems
2011-11-20 16:44 . 2011-11-26 16:05 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-19 08:54 . 2011-11-19 08:54 -------- d-----r- c:\program files\Skype
2011-11-19 08:54 . 2011-11-19 08:54 -------- d-----w- c:\programdata\Skype
2011-11-18 19:38 . 2011-11-18 19:38 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-11-18 19:38 . 2011-11-18 19:38 269312 ----a-w- c:\windows\system32\es.dll
2011-11-18 19:32 . 2011-11-18 19:32 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-11-18 19:32 . 2011-11-18 19:32 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-11-18 19:32 . 2011-11-18 19:32 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-11-18 19:32 . 2011-11-18 19:32 11264 ----a-w- c:\windows\system32\icardres.dll
2011-11-18 19:32 . 2011-11-18 19:32 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-11-18 19:32 . 2011-11-18 19:32 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-11-18 18:52 . 2011-11-18 18:57 -------- d-----w- c:\program files\Common Files\Ahead
2011-11-18 18:41 . 2011-11-18 18:41 -------- d-----w- c:\windows\system32\ShellExt
2011-11-18 18:02 . 2011-01-19 16:47 22504 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-11-18 18:00 . 2011-11-18 18:25 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-11-18 17:59 . 2011-11-18 17:59 -------- d-----w- c:\windows\system32\Macromed
2011-11-18 17:55 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-11-18 17:55 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-11-18 17:55 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-11-18 17:55 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-11-18 17:55 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-11-18 17:55 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-11-18 17:55 . 2011-01-13 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-11-18 17:54 . 2011-11-18 17:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-11-18 17:54 . 2011-11-18 17:54 -------- d-----w- c:\programdata\Apple Computer
2011-11-18 17:53 . 2011-11-26 15:43 -------- d-----w- c:\program files\Apple Software Update
2011-11-18 17:43 . 2011-11-18 17:43 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-18 17:38 . 2011-11-18 17:38 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-11-18 16:55 . 2011-11-18 16:55 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-11-18 16:55 . 2011-11-18 16:55 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-11-18 16:35 . 2011-10-18 00:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3DB0958-1D24-44FA-879D-5CCCEBCE92EC}\mpengine.dll
2011-11-18 16:32 . 2011-11-18 16:32 -------- d-----w- c:\program files\Synaptics
2011-11-18 16:30 . 2011-11-18 16:30 -------- d-----w- c:\program files\Analog Devices
2011-11-18 16:28 . 2011-11-18 16:28 -------- d-----w- c:\program files\CONEXANT
2011-11-18 16:24 . 2011-11-18 16:24 675152 ----a-w- c:\windows\system32\gpprefcl.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-27 11:25 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-11-27 11:25 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-11-18 19:37 . 2011-11-18 19:37 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-11-18 16:55 . 2011-11-18 16:55 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2011-11-15 21:54 . 2011-11-15 21:54 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-11-15 21:24 . 2011-11-15 21:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2011-11-15 21:24 . 2011-11-15 21:24 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-11-15 21:24 . 2011-11-15 21:24 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-11-15 21:24 . 2011-11-15 21:24 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-11-15 21:24 . 2011-11-15 21:24 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="d:\software\Eset\egui.exe" [2009-05-14 2029640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTray]
2010-09-17 16:55 431464 ----a-w- c:\program files\ThinkPad\ConnectUtilities\ACTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACWlIcon]
2010-09-17 16:55 181608 ----a-w- c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2011-11-16 05:14 293376 ----a-w- c:\windows\System32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2009-12-01 01:39 256576 ------w- c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-11 19:13 166424 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-11 19:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-05-20 14:27 119152 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
2007-03-01 01:02 120368 ------w- c:\progra~1\Lenovo\LENOVO~1\LPMGR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-08-31 16:00 449608 ----a-w- d:\software\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-11 19:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 16:18 413696 ----a-w- d:\software\Quick\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Crawler]
2004-02-03 08:06 454656 ----a-w- d:\software\RCrawler\rcrawler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-07-10 09:40 1282048 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-04-22 23:16 1725736 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2010-05-20 14:27 762736 ----a-w- c:\windows\vVX1000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2008-01-19 07:36 2153472 ----a-w- c:\windows\System32\oobefldr.dll
.
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2011-11-18 12984]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-11-26 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S2 Angelnt;Angelnt;c:\windows\System32\Drivers\ANGELNT.SYS [2011-11-15 51072]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-01-19 22504]
S2 ekrn;ESET Service;d:\software\Eset\ekrn.exe [2009-05-14 731840]
S2 MBAMService;MBAMService;d:\software\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 b57nd60x;%SvcDispName%;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.centrum.sk/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Zuzanka\AppData\Roaming\Mozilla\Firefox\Profiles\elkj8dr3.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.szco.sk
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-SpybotSD TeaTimer - d:\software\Spybot - Search & Destroy\TeaTimer.exe
MSConfigStartUp-SUPERAntiSpyware - d:\software\Superspyware\SUPERAntiSpyware.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-02 16:10
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2752)
d:\software\Altap\plugins\salamext.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Completion time: 2011-12-02 16:18:08 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-02 15:18
.
Pre-Run: Volných bajtů: 30 347 689 984
Post-Run: Volných bajtů: 30 167 961 600
.
- - End Of File - - E7DA555A3AD23954FE9FD1BF678DEEE3

Příspěvekod **jaro3** » 02 pro 2011 18:09

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\unrar.dll
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

robert81 · Příspěvekod **robert81** » 02 pro 2011 18:56

http://www.virustotal.com/file-scan/rep ... 1322847839

Nie som si istý či to je už otestované......

Příspěvekod **Žbeky** » 02 pro 2011 20:24

Jak se chová PC?

robert81 · Příspěvekod **robert81** » 02 pro 2011 20:42

Prestal mi fungovať nástroj rizeni uživatelských uctu...........nedá sa vypnúť..........Inak ntb ide celkom dobre..........nevieš poradiť akým sposobom to vypnúť?Bežným sposobom sa to nedá

Prosím o kontrolu logu-pomaly štart ntb Vyřešeno

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Re: Prosím o kontrolu logu-pomaly štart ntb

Kdo je online