Moc prosim o kontrolu logu (vyřešeno) Vyřešeno

[iMohos]

Mozná jsem trosku natvrdlý,ale nevím které cárky mylíte.V tom on-line testu tam zadné čárky nebyli :idea:

[Reklama]

[iMohos]

jeste kdyz kliknu na ten odkaz dole,vyleze mi:

Soubor H_tKeysH__k.DLL přijatý 2008.02.13 12:41:18 (CET)
Současný stav: Dokončeno
Výsledek: 14/32 (43.75%)

Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2008.2.13.11 2008.02.13 Win-Trojan/Xema.variant
AntiVir 7.6.0.65 2008.02.13 -
Authentium 4.93.8 2008.02.13 -
Avast 4.7.1098.0 2008.02.13 -
AVG 7.5.0.516 2008.02.13 -
BitDefender 7.2 2008.02.13 -
CAT-QuickHeal None 2008.02.12 CrackTool.HotHook.dll (Not a Virus)
ClamAV 0.92 2008.02.13 Trojan.W32.HotKeysHook.A-2
DrWeb 4.44.0.09170 2008.02.13 Tool.Hatkeys
eSafe 7.0.15.0 2008.02.11 -
eTrust-Vet 31.3.5533 2008.02.13 -
Ewido 4.0 2008.02.12 -
FileAdvisor 1 2008.02.13 High threat detected
Fortinet 3.14.0.0 2008.02.13 W32/Hotkeys.B!tr
F-Prot 4.4.2.54 2008.02.12 W32/Keylogger.BQ
F-Secure 6.70.13260.0 2008.02.13 W32/HotKeys.A
Ikarus T3.1.1.20 2008.02.13 Win32.KeyLogger.HatKeys
Kaspersky 7.0.0.125 2008.02.13 -
McAfee 5228 2008.02.12 -
Microsoft 1.3204 2008.02.13 -
NOD32v2 2871 2008.02.13 Win32/Keylogger.HotKeysHook.A
Norman 5.80.02 2008.02.12 W32/HotKeys.A
Panda 9.0.0.4 2008.02.13 -
Prevx1 V2 2008.02.13 Generic.Malware
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.13 HotKeys Hook
Sunbelt 2.2.907.0 2008.02.13 -
Symantec 10 2008.02.13 -
TheHacker 6.2.9.218 2008.02.12 -
VBA32 3.12.6.0 2008.02.11 RiskWare.CrackTool.Win32.HotHook.dll
VirusBuster 4.3.26:9 2008.02.12 -
Webwasher-Gateway 6.6.2 2008.02.13 -
Rozšiřující informace
File size: 20480 bytes
MD5: 116ec20265b00cfe389518e2a0c7ed81
SHA1: d04c903ef681bb18dbf337ffa7ff2a9ccc8bedd6
PEiD: -
Bit9 info: http://fileadvisor.bit9.com/services/ex ... e2a0c7ed81
Prevx info: http://info.prevx.com/aboutprogramtext. ... 00016568B8

[Baron Prášil]

jo,tohle sem myslel

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok)
Zkopíruj do něj následující text označený zeleně:

Kód: Vybrat vše

File::
D:\Windows\System32\H@tKeysH@@k.DLL

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{145aa064-a8c2-11dc-a1cf-00030d695be5}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60fc9197-a1b1-11dc-a3b4-00030d695be5}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a884dcd3-a71e-11dc-97a2-00030d695be5}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8ad2658-a337-11dc-80e3-00030d695be5}]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[iMohos]

ComboFix 08-02-13.2 - Fazy 2008-02-14 16:42:57.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.1.1029.18.1238 [GMT 1:00]
Running from: D:\Users\Fazy\Desktop\ComboFix.exe
Command switches used :: D:\Users\Fazy\Desktop\CFScript.txt
* Created a new restore point

FILE
D:\Windows\System32\H@tKeysH@@k.DLL
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Windows\System32\H@tKeysH@@k.DLL

.
((((((((((((((((((((((((( Files Created from 2008-01-14 to 2008-02-14 )))))))))))))))))))))))))))))))
.

2008-02-13 15:02 . 2008-02-13 15:02 194,560 --a------ D:\Windows\System32\WebClnt.dll
2008-02-13 15:02 . 2008-02-13 15:02 110,080 --a------ D:\Windows\System32\drivers\mrxdav.sys
2008-02-13 14:54 . 2008-02-13 14:54 <DIR> d-------- D:\Program Files\Ubisoft
2008-02-13 14:54 . 2008-02-13 14:54 3,504,696 --a------ D:\Windows\System32\ntkrnlpa.exe
2008-02-13 14:53 . 2008-02-13 14:53 4,247,552 --a------ D:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 14:53 . 2008-02-13 14:53 1,686,528 --a------ D:\Windows\System32\gameux.dll
2008-02-13 07:37 . 2008-02-13 07:37 1,244,672 --a------ D:\Windows\System32\mcmde.dll
2008-02-12 20:48 . 2008-02-12 20:49 <DIR> d-------- D:\Program Files\Midnight Club 2
2008-02-12 20:09 . 2008-02-12 20:09 <DIR> d-a------ D:\Windows\zts2.exe
2008-02-12 20:09 . 2008-02-12 20:09 <DIR> d-a------ D:\Windows\System32\vcmgcd32.dll
2008-02-12 20:09 . 2008-02-12 20:09 <DIR> d-a------ D:\Windows\System32\iifgfgf.dll
2008-02-12 20:09 . 2008-02-12 20:09 <DIR> d-a------ D:\Windows\rundll16.exe
2008-02-12 20:09 . 2008-02-12 20:09 <DIR> d-a------ D:\Windows\rundl132.dll
2008-02-12 20:09 . 2008-02-12 20:09 <DIR> d-a------ D:\Windows\logo1_.exe
2008-02-12 20:09 . 2008-02-12 20:09 22 --a------ D:\Windows\REGBK00.ZIP
2008-02-12 20:01 . 2008-02-12 20:06 50 --a------ D:\Windows\Lic.xxx
2008-02-12 18:30 . 2008-02-12 18:30 268 --ah----- D:\sqmdata06.sqm
2008-02-12 18:30 . 2008-02-12 18:30 244 --ah----- D:\sqmnoopt06.sqm
2008-02-12 18:23 . 2008-02-12 18:23 <DIR> d-------- D:\Program Files\RegCleaner
2008-02-12 18:23 . 2008-02-12 18:23 <DIR> d-------- D:\Program Files\CCleaner
2008-02-12 14:44 . 2008-02-12 14:44 <DIR> d-------- D:\Heroes of Might and Magic V
2008-02-12 09:25 . 2008-02-12 09:25 <DIR> d-------- D:\Program Files\Codemasters
2008-02-11 21:50 . 2008-02-11 21:50 268 --ah----- D:\sqmdata05.sqm
2008-02-11 21:50 . 2008-02-11 21:50 244 --ah----- D:\sqmnoopt05.sqm
2008-02-11 19:14 . 2008-02-11 19:18 <DIR> d-------- D:\Colin.McRae.Rally.04-DEViANCE
2008-02-11 16:09 . 2004-08-18 09:34 442,368 -ra------ D:\Windows\System32\vp6vfw.dll
2008-02-11 11:12 . 2008-02-11 11:12 268 --ah----- D:\sqmdata04.sqm
2008-02-11 11:12 . 2008-02-11 11:12 244 --ah----- D:\sqmnoopt04.sqm
2008-02-11 08:54 . 2008-02-11 09:06 <DIR> d-------- D:\Sims 2
2008-02-10 21:33 . 2008-02-10 21:33 268 --ah----- D:\sqmdata03.sqm
2008-02-10 21:33 . 2008-02-10 21:33 244 --ah----- D:\sqmnoopt03.sqm
2008-02-10 14:10 . 2008-02-10 14:10 268 --ah----- D:\sqmdata02.sqm
2008-02-10 14:10 . 2008-02-10 14:10 244 --ah----- D:\sqmnoopt02.sqm
2008-02-09 22:40 . 2008-02-09 22:40 268 --ah----- D:\sqmdata01.sqm
2008-02-09 22:40 . 2008-02-09 22:40 244 --ah----- D:\sqmnoopt01.sqm
2008-02-08 23:10 . 2008-02-08 23:10 268 --ah----- D:\sqmdata00.sqm
2008-02-08 23:10 . 2008-02-08 23:10 244 --ah----- D:\sqmnoopt00.sqm
2008-02-08 22:50 . 2008-02-08 22:50 <DIR> d-------- D:\Users\Fazy\AppData\Roaming\Atari
2008-02-08 22:48 . 2008-02-08 22:48 <DIR> d-------- D:\Program Files\Common Files\PocketSoft
2008-02-08 22:48 . 2002-02-27 18:50 197,120 --a------ D:\Windows\patchw32.dll
2008-02-08 22:43 . 2008-02-08 22:43 <DIR> d-------- D:\Program Files\Atari
2008-02-08 21:17 . 2008-02-08 22:35 605,503,379 --a------ D:\Roller.coaster.Tycoon.3.-.Multilanguage. .Serial. .No-CD.Patch.(PC-ISO).[EliteTeamX.com].rar
2008-02-08 20:34 . 2008-02-08 20:34 <DIR> d-------- D:\Users\Fazy\AppData\Roaming\QIP
2008-02-07 18:00 . 2008-02-07 18:00 278,984 --a------ D:\Windows\System32\drivers\atksgt.sys
2008-02-07 18:00 . 2008-02-07 18:00 25,416 --a------ D:\Windows\System32\drivers\lirsgt.sys
2008-02-07 17:16 . 2008-02-07 17:16 <DIR> d-------- D:\Program Files\7-Zip
2008-02-06 20:08 . 2008-02-06 20:08 34,064 --a------ D:\Windows\System32\lhacm.acm
2008-02-06 19:20 . 2008-02-12 08:54 <DIR> d-------- D:\Users\Fazy\AppData\Roaming\Skype
2008-02-06 19:18 . 2008-02-06 19:18 <DIR> d-------- D:\Program Files\Skype
2008-02-04 18:47 . 2008-02-04 18:47 331 --a------ D:\Windows\doom3.ini
2008-02-04 18:38 . 2008-02-04 18:46 <DIR> d-------- D:\Program Files\DOOM 3
2008-02-03 20:02 . 2008-02-03 20:02 <DIR> d-------- D:\Windows\PIF
2008-01-30 19:52 . 2008-01-30 20:05 <DIR> d-------- D:\Program Files\Pcsx2_0.9.4
2008-01-29 21:58 . 2008-01-29 21:58 <DIR> d-------- D:\Program Files\Common Files\Steam
2008-01-29 21:43 . 2008-01-30 15:08 <DIR> d-------- D:\Program Files\ATI
2008-01-29 21:42 . 2008-01-29 22:00 <DIR> d-------- D:\Program Files\ATI Technologies
2008-01-27 17:59 . 2006-04-29 14:25 40,960 --a------ D:\Windows\System32\psfind.dll
2008-01-27 14:31 . 2008-01-31 13:19 <DIR> d-------- D:\Users\Fazy\AppData\Roaming\Hamachi
2008-01-27 14:30 . 2008-01-27 14:30 25,280 --a------ D:\Windows\System32\drivers\hamachi.sys
2008-01-26 21:12 . 2008-01-26 21:18 <DIR> d-------- D:\Program Files\VirtualDJ
2008-01-25 19:23 . 2007-12-03 02:10 644,400 --a------ D:\Windows\System32\MSCOMCT2.OCX
2008-01-25 13:08 . 2008-01-25 13:08 <DIR> d-------- D:\Windows\PCHEALTH
2008-01-25 13:01 . 2008-02-12 18:30 <DIR> d-------- D:\Program Files\Windows Live
2008-01-25 13:01 . 2008-01-25 13:08 <DIR> d--hsc--- D:\Program Files\Common Files\WindowsLiveInstaller
2008-01-25 13:00 . 2008-01-25 13:00 <DIR> d-------- D:\Users\All Users\WLInstaller
2008-01-25 13:00 . 2008-01-25 13:00 <DIR> d-------- D:\ProgramData\WLInstaller
2008-01-24 15:45 . 2008-01-24 15:45 <DIR> d-------- D:\Users\All Users\WinZip
2008-01-24 15:45 . 2008-01-24 15:45 <DIR> d-------- D:\ProgramData\WinZip
2008-01-23 14:59 . 2008-01-23 14:59 1,409 --a------ D:\Windows\QTFont.for
2008-01-23 14:58 . 2008-01-23 14:58 <DIR> d-------- D:\Program Files\iTunes
2008-01-23 14:58 . 2008-01-23 14:58 <DIR> d-------- D:\Program Files\iPod
2008-01-19 18:50 . 2008-01-19 18:50 <DIR> d-------- D:\Program Files\UltraISO
2008-01-19 18:50 . 2008-01-19 18:50 <DIR> d-------- D:\Program Files\Common Files\EZB Systems
2008-01-15 19:10 . 2008-02-07 19:33 54,904 --a------ D:\Users\Fazy\AppData\Roaming\GDIPFONTCACHEV1.DAT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-14 15:40 --------- d-----w D:\Program Files\Mozilla Firefox 3 Beta 1
2008-02-13 18:44 --------- d-----w D:\Program Files\ICQToolbar
2008-02-13 14:03 98,304 ----a-w D:\Windows\System32\CmdLineExt.dll
2008-02-13 14:00 943,800 ----a-w D:\Windows\System32\winload.exe
2008-02-13 14:00 905,400 ----a-w D:\Windows\System32\winresume.exe
2008-02-13 14:00 7,168 ----a-w D:\Windows\System32\f3ahvoas.dll
2008-02-13 14:00 613,888 ----a-w D:\Windows\System32\wpd_ci.dll
2008-02-13 14:00 6,656 ----a-w D:\Windows\System32\kbd106n.dll
2008-02-13 14:00 595,456 ----a-w D:\Windows\System32\schedsvc.dll
2008-02-13 14:00 558,080 ----a-w D:\Windows\System32\oleaut32.dll
2008-02-13 14:00 54,784 ----a-w D:\Windows\system32\drivers\i8042prt.sys
2008-02-13 14:00 495,160 ----a-w D:\Windows\system32\drivers\Wdf01000.sys
2008-02-13 14:00 39,424 ----a-w D:\Windows\System32\lodctr.exe
2008-02-13 14:00 35,384 ----a-w D:\Windows\system32\drivers\WdfLdr.sys
2008-02-13 14:00 35,384 ----a-w D:\Windows\system32\drivers\kbdclass.sys
2008-02-13 14:00 35,328 ----a-w D:\Windows\System32\dispci.dll
2008-02-13 14:00 34,360 ----a-w D:\Windows\system32\drivers\mouclass.sys
2008-02-13 14:00 32,256 ----a-w D:\Windows\System32\unlodctr.exe
2008-02-13 14:00 260,096 ----a-w D:\Windows\System32\dpx.dll
2008-02-13 14:00 23,552 ----a-w D:\Windows\System32\nshhttp.dll
2008-02-13 14:00 224,824 ----a-w D:\Windows\System32\clfs.sys
2008-02-13 14:00 221,696 ----a-w D:\Windows\System32\umpnpmgr.dll
2008-02-13 14:00 19,968 ----a-w D:\Windows\system32\drivers\sermouse.sys
2008-02-13 14:00 19,456 ----a-w D:\Windows\System32\cfgmgr32.dll
2008-02-13 14:00 17,408 ----a-w D:\Windows\System32\prflbmsg.dll
2008-02-13 14:00 15,872 ----a-w D:\Windows\system32\drivers\mouhid.sys
2008-02-13 14:00 15,872 ----a-w D:\Windows\system32\drivers\kbdhid.sys
2008-02-13 14:00 12,800 ----a-w D:\Windows\System32\batt.dll
2008-02-13 14:00 115,200 ----a-w D:\Windows\System32\loadperf.dll
2008-02-13 14:00 101,888 ----a-w D:\Windows\System32\drvinst.exe
2008-02-13 14:00 1,585,664 ----a-w D:\Windows\System32\setupapi.dll
2008-02-13 13:54 803,328 ----a-w D:\Windows\system32\drivers\tcpip.sys
2008-02-13 13:54 45,112 ----a-w D:\Windows\system32\drivers\pciidex.sys
2008-02-13 13:54 3,470,392 ----a-w D:\Windows\System32\ntoskrnl.exe
2008-02-13 13:54 24,064 ----a-w D:\Windows\System32\netcfg.exe
2008-02-13 13:54 22,016 ----a-w D:\Windows\System32\netiougc.exe
2008-02-13 13:54 216,632 ----a-w D:\Windows\system32\drivers\netio.sys
2008-02-13 13:54 21,560 ----a-w D:\Windows\system32\drivers\atapi.sys
2008-02-13 13:54 167,424 ----a-w D:\Windows\System32\tcpipcfg.dll
2008-02-13 13:54 154,624 ----a-w D:\Windows\system32\drivers\nwifi.sys
2008-02-13 13:54 15,928 ----a-w D:\Windows\system32\drivers\pciide.sys
2008-02-13 13:54 109,624 ----a-w D:\Windows\system32\drivers\ataport.sys
2008-02-13 13:54 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-02-13 13:53 537,600 ----a-w D:\Windows\AppPatch\AcLayers.dll
2008-02-13 13:53 449,536 ----a-w D:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 13:53 2,144,256 ----a-w D:\Windows\AppPatch\AcGenral.dll
2008-02-13 13:53 173,056 ----a-w D:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 06:38 824,832 ----a-w D:\Windows\System32\wininet.dll
2008-02-13 06:38 56,320 ----a-w D:\Windows\System32\iesetup.dll
2008-02-13 06:38 52,736 ----a-w D:\Windows\AppPatch\iebrshim.dll
2008-02-13 06:38 26,624 ----a-w D:\Windows\System32\ieUnatt.exe
2008-02-13 06:33 --------- d-----w D:\Users\Fazy\AppData\Roaming\uTorrent
2008-02-12 08:34 43,520 ----a-w D:\Windows\System32\CmdLineExt03.dll
2008-02-12 07:30 --------- d-----w D:\Users\Fazy\AppData\Roaming\skypePM
2008-02-11 15:09 --------- d-----w D:\Program Files\EA GAMES
2008-02-06 18:18 --------- d-----w D:\ProgramData\Skype
2008-02-03 19:14 22,328 ----a-w D:\Windows\system32\drivers\PnkBstrK.sys
2008-02-03 19:14 103,736 ----a-w D:\Windows\System32\PnkBstrB.exe
2008-02-02 10:46 --------- d---a-w D:\ProgramData\TEMP
2008-01-26 21:29 --------- d-----w D:\Program Files\GameSpy Arcade
2008-01-25 18:23 --------- d-----w D:\Program Files\Google
2008-01-24 08:54 --------- d-----w D:\ProgramData\Media Center Programs
2008-01-23 13:58 --------- d-----w D:\ProgramData\Apple Computer
2008-01-19 17:52 22,528 ----a-w D:\Windows\system32\drivers\nhcDriver.sys
2008-01-19 13:44 --------- d-----w D:\Program Files\QIP
2008-01-16 15:03 --------- d-----w D:\Program Files\Scorpions WinCheater
2008-01-10 17:24 --------- d-----w D:\Program Files\Windows Sidebar
2008-01-10 17:24 --------- d-----w D:\Program Files\Windows Mail
2008-01-10 17:20 211,000 ----a-w D:\Windows\system32\drivers\volsnap.sys
2008-01-10 17:20 11,776 ----a-w D:\Windows\System32\sbunattend.exe
2008-01-10 17:20 1,060,920 ----a-w D:\Windows\system32\drivers\ntfs.sys
2008-01-09 15:44 --------- d-----w D:\Users\Fazy\AppData\Roaming\Zoner
2008-01-09 15:40 --------- d-----w D:\Program Files\Zoner
2008-01-08 19:41 66,872 ----a-w D:\Windows\System32\PnkBstrA.exe
2008-01-08 16:22 --------- d-----w D:\Users\Fazy\AppData\Roaming\SecuROM
2008-01-08 16:05 --------- d-----w D:\Program Files\PowerISO
2007-12-31 11:13 --------- d-----w D:\Program Files\SmartFTP Client
2007-12-31 11:04 --------- d-----w D:\Users\Fazy\AppData\Roaming\SmartFTP
2007-12-30 17:30 --------- d-----w D:\Users\Fazy\AppData\Roaming\Apple Computer
2007-12-30 17:27 --------- d-----w D:\Program Files\Apple Software Update
2007-12-30 17:26 --------- d-----w D:\ProgramData\Apple
2007-12-30 10:50 --------- d-----w D:\Program Files\DVDVideoSoft
2007-12-30 10:50 --------- d-----w D:\Program Files\Common Files\DVDVideoSoft
2007-12-28 13:20 --------- d-----w D:\Program Files\AGEIA Technologies
2007-12-28 13:19 --------- d-----w D:\Program Files\Common Files\Wise Installation Wizard
2007-12-25 15:06 --------- d-----w D:\Users\Fazy\AppData\Roaming\ICQ
2007-12-22 14:20 --------- d-----w D:\Program Files\JoWooD
2007-12-16 18:43 --------- d-----w D:\Program Files\Graffiti Studio 2.0
2007-12-16 09:49 --------- d-----w D:\Program Files\Desktop Graffitist
2007-12-16 08:51 --------- d-----w D:\Users\Fazy\AppData\Roaming\Kecal
2007-12-16 08:51 --------- d-----w D:\Program Files\Kecal
2007-12-15 18:03 --------- d-----w D:\Program Files\Piranha Bytes
2007-12-14 20:13 --------- d-----w D:\ProgramData\ESET
2007-12-14 20:13 --------- d-----w D:\Program Files\ESET
2007-12-12 14:52 1,327,104 ----a-w D:\Windows\System32\quartz.dll
2007-12-12 14:51 9,728 ----a-w D:\Windows\System32\LAPRXY.DLL
2007-12-12 14:51 223,232 ----a-w D:\Windows\System32\WMASF.DLL
2007-12-10 16:02 73,216 ----a-w D:\Windows\ST6UNST.EXE
2007-12-10 16:02 249,856 ------w D:\Windows\Setup1.exe
2007-12-10 06:41 229,888 ----a-w D:\Windows\System32\msshsq.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="D:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 18:20 1232896]
"ehTray.exe"="D:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"Fraps"="D:\USERS\FAZY\FRAPS\FRAPS.EXE" [2007-07-12 12:09 3176621]
"DAEMON Tools"="D:\Program Files\DAEMON Tools\daemon.exe" [2007-08-29 16:09 171464]
"AGEIA PhysX SysTray"="D:\Program Files\AGEIA Technologies\bin\TrayIcon.exe" [2007-07-23 09:05 345640]
"StartCCC"="D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"WMPNSCFG"="D:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="D:\Program Files\Windows Defender\MSASCui.exe" [2007-11-30 17:35 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-29 11:11 4317184 D:\Windows\RtHDVCpl.exe]
"SMSERIAL"="D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 17:31 630784]
"NeroFilterCheck"="D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 20:46 153136]
"Monitor"="D:\Windows\PixArt\PAC207\Monitor.exe" [2006-11-03 11:01 319488]
"PWRISOVM.EXE"="D:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-07 01:05 200704]
"QuickTime Task"="D:\Program Files\VistaCodecPack\QT\QTTask.exe" [2008-01-10 15:27 385024]

D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE [2008-01-24 15:45:09 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

R0 AtiPcie;ATI PCI Express (3GIO) Filter;D:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 16:23]
R1 PSched;Plánovač paketů technologie QoS;D:\Windows\system32\DRIVERS\pacer.sys [2007-11-30 17:39]
R3 athr;Atheros Extensible Wireless LAN device driver;D:\Windows\system32\DRIVERS\athr.sys [2007-12-11 01:32]
R3 R300;R300;D:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 15:09]
R3 RTL8169;Realtek 8169 NT Driver;D:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-09 06:29]
S3 PAC207;SoC PC-Camera;D:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 11:34]
S3 Steam Client Service;Steam Client Service;D:\Program Files\Common Files\Steam\SteamService.exe [2008-01-29 21:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {C61E8F12-31F1-C2E6-DC0C-505CBF2BEE57} /qb
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-14 16:44:47
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-14 16:45:22
ComboFix-quarantined-files.txt 2008-02-14 15:45:20
ComboFix2.txt 2008-02-13 14:20:31
.
2008-02-14 14:39:25 --- E O F ---

[Baron Prášil]

co komp?

[iMohos]

Ja nevim,ale me se to pořád seká:-( Ale prece jen mam pocit,ze se to seká,ale méne.Ale pořád,jak kdyby tam neco porád pracovalo,nevim,jestli to nemuze jeste být taky ATi Catalistem,zkusim se v tom pohrabat.

[Baron Prášil]

podle návodu tady http://www.viry.cz/forum/viewtopic.php?t=11394
udělej a pošli logy z Process a Kernel Module

[iMohos]

Tak to uz zkouset nebudu:nchtel jsem to spustit,hodilo mi to bluescreena,pak se to startovalo asi 3/4 hodiny,vsechno se sekalo,tak sem to restartoval,pak to chodilo normálne,nastestí.Tak jestli by jste,mi poradil,prosím,jiný zpusob.

[Baron Prášil]

neporadím,neb nemám
hledání rootkitů je velmi otravné,už proto,že tam většinou nejsou.

zatím použij nástroje zde krom toho icewordu http://www.rootkit.cz/forum/viewtopic.php?t=14396

blacklight stáhni tady ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

[iMohos]

Dobrý den,barone,pardon ze sem tu nebyl tak dlouho (rodinne duvody),nakonec sem zjistil cim to vsechno s nejvetší pravdepodobností bylo:asi kvuly Widows Sidebar:D Ten totiz bral asi 3sec. jen 1% CPU,potom na chvíly asi 30%,a pak zase odznova:o Takze se vám omlouvám,ze sem vás zneuzíval díky takové veci,jako bylo zpomalování počítače díky Widows Sidebar.A dekuji za rady,urcite to k tomu melo také svuj význam :bigups:

[Baron Prášil]

za nic