PC-HELP.CZ

České diskuzní fórum o počítačích
https://pc-help.cnews.cz/

problém s pc

https://pc-help.cnews.cz/viewtopic.php?f=70&t=32039

Stránka 1 z 1

problém s pc

Napsal: 10 říj 2008 19:08
od nuder
Ahoj prosim mám problém nejdou mi některý procesy ukončit a je jich tam moc ....dále mi nejde mechanika nespouští automaticky cd a některý hry se sekaj....vše se stalo po tom co jsem měl virus alert...prosím pomozte mi...dík zde log z combofixu a z hijackthis ...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17, on 9.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\ferda\Dokumenty\antiviry\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8367 bytes

ComboFix 08-10-09.06 - ferda 2008-10-10 13:28:20.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.745 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\ferda\Dokumenty\antiviry\ComboFix.exe
* Vytvořen nový Bod Obnovení

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr1.dat

----- BITS: Možné infikované stránky -----

hxxp://78.157.143.198
.
((((((((((((((((((((((((( Soubory vytvořené od 2008-09-10 do 2008-10-10 )))))))))))))))))))))))))))))))
.

2008-10-08 20:37 . 2008-10-08 20:37 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Nokia
2008-10-08 15:13 . 2008-10-08 15:13 <DIR> d-------- C:\Documents and Settings\ferda\lucka
2008-10-07 19:02 . 2008-10-07 19:02 <DIR> d---s---- C:\Documents and Settings\ferda\UserData
2008-10-01 16:36 . 2008-10-01 16:37 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\SPORE
2008-10-01 16:23 . 2008-10-01 16:23 <DIR> d-------- C:\Program Files\MSECache
2008-10-01 15:46 . 2008-10-10 11:53 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\skypePM
2008-10-01 15:46 . 2008-10-10 12:14 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Skype
2008-10-01 15:46 . 2008-10-01 15:46 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-10-01 15:45 . 2008-10-01 15:45 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-10-01 15:45 . 2008-10-01 15:45 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Skype
2008-09-28 10:41 . 2008-09-28 10:41 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Ahead
2008-09-28 10:39 . 2008-09-28 12:16 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Ahead
2008-09-28 09:57 . 2008-09-28 15:13 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Vso
2008-09-27 21:10 . 2008-09-27 21:10 <DIR> d-------- C:\Program Files\Codemasters
2008-09-27 21:09 . 2008-09-27 21:09 <DIR> d-------- C:\Documents and Settings\Táta\Data aplikací\InstallShield
2008-09-26 20:13 . 2008-09-26 20:14 <DIR> d-------- C:\Documents and Settings\Táta\Data aplikací\PC Suite
2008-09-26 20:13 . 2008-09-26 20:14 <DIR> d-------- C:\Documents and Settings\Táta\Data aplikací\Nokia
2008-09-26 14:44 . 2008-09-26 14:49 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-09-26 14:44 . 2008-09-26 14:44 22,328 --a------ C:\Documents and Settings\ferda\Data aplikací\PnkBstrK.sys
2008-09-26 14:34 . 2008-09-26 14:34 <DIR> d-------- C:\Program Files\Activision
2008-09-24 20:09 . 2008-09-24 20:10 <DIR> d-------- C:\Documents and Settings\Táta\Data aplikací\ICQ
2008-09-23 18:43 . 2008-09-23 18:43 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Lost Marble
2008-09-22 19:54 . 2008-09-22 19:54 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Malwarebytes
2008-09-22 19:34 . 2008-09-22 19:34 <DIR> d-------- C:\Program Files\Sun
2008-09-22 19:33 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-22 19:31 . 2008-09-22 19:33 <DIR> d-------- C:\Program Files\Java
2008-09-22 19:30 . 2008-09-22 19:30 <DIR> d-------- C:\Program Files\Common Files\Java
2008-09-22 18:04 . 2008-09-22 18:04 <DIR> d-------- C:\Program Files\Alwil Software
2008-09-22 17:15 . 2008-09-22 17:17 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\uTorrent
2008-09-21 20:44 . 2008-09-21 20:44 <DIR> d-------- C:\Documents and Settings\Táta\Data aplikací\ESET
2008-09-21 20:43 . 2008-10-01 22:32 <DIR> d-------- C:\Documents and Settings\Táta\Plocha
2008-09-21 20:43 . 2008-10-01 22:32 <DIR> d-------- C:\Documents and Settings\Táta\Plocha
2008-09-21 20:43 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\Táta\Okolní tiskárny
2008-09-21 20:43 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\Táta\Okolní tiskárny
2008-09-21 20:43 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\Táta\Okolní síť
2008-09-21 20:43 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\Táta\Okolní síť
2008-09-21 20:43 . 2008-09-21 20:44 <DIR> dr------- C:\Documents and Settings\Táta\Oblíbené položky
2008-09-21 20:43 . 2008-09-21 20:44 <DIR> dr------- C:\Documents and Settings\Táta\Oblíbené položky
2008-09-21 20:43 . 2007-02-19 19:52 <DIR> d--h----- C:\Documents and Settings\Táta\Šablony
2008-09-21 20:43 . 2007-02-19 19:52 <DIR> d--h----- C:\Documents and Settings\Táta\Šablony
2008-09-21 20:43 . 2007-02-19 20:43 <DIR> dr------- C:\Documents and Settings\Táta\Nabídka Start
2008-09-21 20:43 . 2007-02-19 20:43 <DIR> dr------- C:\Documents and Settings\Táta\Nabídka Start
2008-09-21 20:43 . 2008-10-08 20:38 <DIR> dr------- C:\Documents and Settings\Táta\Dokumenty
2008-09-21 20:43 . 2008-10-08 20:38 <DIR> dr------- C:\Documents and Settings\Táta\Dokumenty
2008-09-21 20:43 . 2008-09-27 21:09 <DIR> dr-h----- C:\Documents and Settings\Táta\Data aplikací
2008-09-21 20:43 . 2008-09-27 21:09 <DIR> dr-h----- C:\Documents and Settings\Táta\Data aplikací
2008-09-21 20:43 . 2008-09-21 20:43 <DIR> d-------- C:\Documents and Settings\Táta
2008-09-21 13:10 . 2008-09-21 13:10 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-09-21 13:09 . 2008-09-21 19:24 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-09-21 13:09 . 2008-09-21 13:09 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\SUPERAntiSpyware.com
2008-09-21 13:08 . 2008-09-21 13:08 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-20 19:30 . 2008-09-20 19:30 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\TmpRecentIcons
2008-09-20 18:28 . 2008-09-21 18:10 <DIR> d-------- C:\Documents and Settings\Administrator\Plocha
2008-09-20 18:28 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolní tiskárny
2008-09-20 18:28 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolní síť
2008-09-20 18:28 . 2007-02-19 20:43 <DIR> d-------- C:\Documents and Settings\Administrator\Oblíbené položky
2008-09-20 18:28 . 2007-02-19 19:52 <DIR> d--h----- C:\Documents and Settings\Administrator\Šablony
2008-09-20 18:28 . 2007-02-19 20:43 <DIR> dr------- C:\Documents and Settings\Administrator\Nabídka Start
2008-09-20 18:28 . 2007-02-19 20:43 <DIR> d-------- C:\Documents and Settings\Administrator\Dokumenty
2008-09-20 18:28 . 2007-02-19 20:43 <DIR> dr-h----- C:\Documents and Settings\Administrator\Data aplikací
2008-09-20 18:28 . 2008-09-20 18:28 <DIR> d-------- C:\Documents and Settings\Administrator
2008-09-20 16:37 . 2008-10-01 18:13 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\ICQ
2008-09-20 16:00 . 2008-09-20 16:00 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\ESET
2008-09-20 11:19 . 2008-09-20 11:19 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\Lavasoft
2008-09-20 10:20 . 2008-10-08 20:37 <DIR> d-------- C:\Documents and Settings\ferda\Data aplikací\PC Suite
2008-09-20 10:13 . 2008-10-03 17:39 <DIR> d-------- C:\Documents and Settings\ferda\Plocha
2008-09-20 10:13 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\ferda\Okolní tiskárny
2008-09-20 10:13 . 2007-02-19 20:43 <DIR> d--h----- C:\Documents and Settings\ferda\Okolní síť
2008-09-20 10:13 . 2008-09-27 08:51 <DIR> dr------- C:\Documents and Settings\ferda\Oblíbené položky
2008-09-20 10:13 . 2007-02-19 19:52 <DIR> d--h----- C:\Documents and Settings\ferda\Šablony
2008-09-20 10:13 . 2008-09-22 17:18 <DIR> dr------- C:\Documents and Settings\ferda\Nabídka Start
2008-09-20 10:13 . 2008-10-09 15:13 <DIR> dr------- C:\Documents and Settings\ferda\Dokumenty
2008-09-20 10:13 . 2008-10-08 20:37 <DIR> dr-h----- C:\Documents and Settings\ferda\Data aplikací
2008-09-20 10:13 . 2008-10-10 08:34 <DIR> d-------- C:\Documents and Settings\ferda
2008-09-20 08:12 . 2008-09-20 08:12 <DIR> d-------- C:\Program Files\CCleaner
2008-09-19 19:02 . 2008-03-03 14:25 5,702 --ah----- C:\WINDOWS\nod32restoretemdono.reg
2008-09-16 19:14 . 2008-10-01 12:04 <DIR> d-------- C:\Program Files\DesetiPrsty
2008-09-14 11:18 . 2008-09-14 11:18 <DIR> d-------- C:\WINDOWS\ERUNT
2008-09-13 14:52 . 2008-09-13 14:52 27 --a------ C:\WINDOWS\Lic.xxx
2008-09-13 14:51 . 2008-09-13 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2008-09-13 14:51 . 2004-08-18 14:00 147,968 --a------ C:\WINDOWS\R.COM
2008-09-13 14:51 . 2004-08-18 14:00 137,216 --a------ C:\WINDOWS\system32\T.COM
2008-09-13 13:25 . 2008-09-13 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2008-09-13 13:16 . 2008-09-13 18:13 14,483,488 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-13 13:16 . 2008-09-13 18:13 170,804 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-10 11:08 137,480 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-10-10 11:07 183,120 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-10-01 13:45 --------- d-----w C:\Program Files\Skype
2008-09-27 19:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-22 16:49 --------- d-----w C:\Program Files\ICQ6
2008-09-20 08:37 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\avg8
2008-09-18 16:56 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-09-13 12:02 --------- d-----w C:\Program Files\ICQToolbar
2008-09-12 18:28 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2008-09-11 13:03 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Eset
2008-09-07 17:08 --------- d-----w C:\Program Files\AutoCAD 2009
2008-09-07 17:05 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-09-07 13:03 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-09-07 12:58 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Autodesk
2008-09-06 14:48 4,400 ----a-w C:\WINDOWS\system32\ealregsnapshot1.reg
2008-09-06 14:48 --------- d-----w C:\Program Files\Electronic Arts
2008-09-05 12:52 356,352 ----a-w C:\WINDOWS\eSellerateEngine.dll
2008-08-28 12:17 --------- d-----w C:\Program Files\EA GAMES
2008-08-27 09:21 --------- d-----w C:\Program Files\Rockstar Games
2008-08-25 14:57 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\WinZip
2008-08-22 14:11 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-22 14:11 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-22 14:09 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Installations
2008-08-22 14:08 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-08-22 14:08 --------- d-----w C:\Program Files\Nokia
2008-08-22 14:08 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-08-22 14:08 --------- d-----w C:\Program Files\Common Files\Nokia
2008-08-22 13:45 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\PC Suite
2008-08-22 13:39 --------- d-----w C:\Program Files\DIFX
2008-07-19 06:56 10,520 ----a-w C:\WINDOWS\system32\avgrsstx(2).dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2007-11-19 13:32 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
.

((((((((((((((((((((((((((((( snapshot@2008-09-28_ 9.51.06.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-26 18:12:56 396,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 09:10:18 16,874,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-21 16:56:50 8,425,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 13:18:34 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-10 07:04:28 846,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 08:11:42 1,767,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-21 17:00:06 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-03-21 16:58:40 4,145,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-03-21 16:58:46 24,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2007-05-10 08:25:40 14,677,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-09-14 19:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 22:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 03:00:34 1,767,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 03:00:48 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2007-10-02 18:00:06 14,708,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020050400000000000F01FEC\12.0.6215\XL12CNV.EXE
+ 2008-10-02 21:27:03 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0405-0000-0000000FF1CE}\O12ConvIcon.exe
- 2008-09-08 06:19:14 409,488 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-02 06:34:04 410,288 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-10 07:28:17 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_548.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 81920]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"nwiz"="nwiz.exe" [2007-12-05 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-18 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22204:TCP"= 22204:TCP:BitComet 22204 TCP
"22204:UDP"= 22204:UDP:BitComet 22204 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-18 69120]
.
Obsah adresáře 'Naplánované úlohy'

2008-10-10 C:\WINDOWS\Tasks\A5C2A7F090812590.job
- c:\docume~1\mydva~1\dataap~1\thebas~1\OPEN MPEG README.exe []
.
.
------- Doplňkový sken -------
.
FireFox -: Profile - C:\Documents and Settings\ferda\Data aplikací\Mozilla\Firefox\Profiles\edltylq0.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - google.cz
FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-10 13:31:37
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2008-10-10 13:33:59
ComboFix-quarantined-files.txt 2008-10-10 11:33:43

Před spuštěním: Volných bajtů: 27 207 385 088
Po spuštění: Volných bajtů: 27,211,292,672

251 --- E O F --- 2008-10-02 21:27:04

Re: problém s pc

Napsal: 10 říj 2008 22:00
od jaro3
Logy vypadají čisté, zkus pomocí CCleaneru vyčistit registry a opravit problémy, defragmentaci HDD a jeho kontrolu na chyby.Možnost narušení win- zkusit opravit konzolí nebo WinXP managerem...

Re: problém s pc

Napsal: 11 říj 2008 17:34
od nuder
ahoj dík za ty rady....zkusil jsem zkontrlovat chyby toho hdd ale nic :(....jak si psal ten xpmanager nebo nák tak tak já snim, ale neumim.....i když možná, že nejjepší bude asi ten windows přeinstalovat...ale stejně dík

Re: problém s pc

Napsal: 11 říj 2008 17:40
od Diallix
Este pockajte.

Ta neaktivita CD mechaniky je sposobena koli combofixu.

Stiahnite si tento subor a nasledne ho spustite:
http://leteckaposta.cz/316903490

Po aplikovani suboru je nutne pc restartovat.

S tymi subormi. Ake konkretne Vam nejdu zastavit a ake Vam najviac v CTRL+ALT+DELETE >> PROCESY, najviac zatazuju system?

Re: problém s pc

Napsal: 11 říj 2008 18:35
od nuder
děkuji za ten autorun hned vyzkoušim noo ty procesy ...to je různý...třeba mám cod 4 a tam je takový panbuster a to třeba nejde...vždy šlo...někdy wauclt.....nejvíce mi zatěžujou svchost.exe a explorer.exe jinak tam mám třeba např...NMIndexstoresvr.exe a to vůbec nevim co to je ...ale stejně dík moc ...jinak třeba firefox mi vypnout jde

Re: problém s pc

Napsal: 11 říj 2008 20:05
od Diallix
Moment.
Mohol by ste mi sem dat presny nazov tych suborov? Pretoze wauclt.exe je malware ktore vo Vasom pc nevidim.

NMIndexstoresvr.exe, je uplna zbytocnost od NERA a tieto veci niekedy robia velku sarapatu, ze velmi zaberaju.
Dajte mi sem presny nazov tych suborov s ktorymi mate problem a potom ich roztriedime.

Re: problém s pc

Napsal: 11 říj 2008 20:12
od nuder
ten wauclt.exe je, ale jen někdy ...například při startu pc ...jinak to po asi 10 minut zmizí..pokud vám to nevadí tak vám sem dávám obrázek těch procesů co mám jinak nevím přesně co po mě chce..ale jinak vám stejně moc děkuji
.
Časové pásmo: UTC+02:00
Stránka 1 z 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/