
Please check my log, the mouse is running away (Solved)
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
Re: Please check my log, the mouse is running away
So I tried a different mouse too and it runs away as well.

- Kim Spotcom
- Level 3
- Posts: 580
- Registered: January 14
Re: Please check my log, the mouse is running away
//You have already been warned once that you have no business in the HJT section. Second yellow card for you. Žbeky
The best defense against trolls is not to respond to them.
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
Re: Please check my log, the mouse is running away
What is going on here? Was that meant for me, that I have no business being here??? :-O
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: Please check my log, the mouse is running away
Not at you, at Kim Spotcom..
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\HideWin.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files\Google\Update
Registry::
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
In Folder Options, enable showing hidden files and folders + uncheck the box Hide protected operating system files
Test this on Virustotal
c:\windows\system32\midimap.dll
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by a series of antivirus programs. When the last antivirus finishes, the result will appear at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or at:
http://www.virscan.org/
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Download and install WhoCrashed
open it and click Analyze.
The program will create a report; copy all of it and paste it here, please.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
Re: Please check my log, the mouse is running away
ComboFix 14-03-24.01 - Lucka 31.03.2014 10:02:06.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1790.1312 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucka\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\HideWin.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.22.5\GoogleUpdate.exe
c:\program files\Google\Update\1.3.22.5\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.22.5\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.22.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.22.5\goopdate.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_am.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ar.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_bg.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_bn.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ca.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_cs.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_da.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_de.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_el.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_en.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_es.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_et.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_fa.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_fi.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_fil.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_fr.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_gu.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_hi.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_hr.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_hu.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_id.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_is.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_it.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_iw.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ja.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_kn.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ko.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_lt.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_lv.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ml.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_mr.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ms.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_nl.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_no.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_pl.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ro.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ru.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_sk.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_sl.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_sr.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_sv.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_sw.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ta.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_te.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_th.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_tr.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_uk.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_ur.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_vi.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.22.5\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.22.5\psmachine.dll
c:\program files\Google\Update\1.3.22.5\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.154\33.0.1750.154_33.0.1750.146_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-28 do 2014-03-31 )))))))))))))))))))))))))))))))
.
.
2014-03-28 18:59 . 2014-03-28 18:59 -------- d-----w- c:\windows\ERUNT
2014-03-28 18:51 . 2014-03-28 18:51 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Windows Search
2014-03-28 16:42 . 2014-03-28 16:42 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Malwarebytes
2014-03-28 16:37 . 2014-03-28 16:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-03-28 16:23 . 2014-03-28 18:43 -------- d-----w- C:\AdwCleaner
2014-03-28 12:43 . 2014-03-28 12:43 388096 ----a-r- c:\documents and settings\Lucka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 12:43 . 2014-03-28 12:43 -------- d-----w- c:\program files\Trend Micro
2014-03-23 19:10 . 2014-03-23 19:10 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\eCyber
2014-03-23 07:32 . 2014-03-23 07:32 -------- d-----w- c:\program files\Samsung
2014-03-21 12:57 . 2014-03-22 17:31 -------- d-----w- c:\program files\All Ten Fingers
2014-03-21 12:56 . 2014-03-21 12:57 339456 ----a-w- c:\windows\UIA200.exe
2014-03-20 11:25 . 2014-03-23 07:33 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Samsung
2014-03-20 11:25 . 2006-05-03 21:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2014-03-20 11:25 . 2003-02-21 17:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2014-03-20 11:24 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2014-03-20 11:24 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2014-03-20 11:24 . 2007-07-03 15:58 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2014-03-20 11:24 . 2007-07-03 15:57 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2014-03-20 11:24 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2014-03-20 11:24 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2014-03-20 11:24 . 2007-07-03 15:54 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2014-03-20 11:24 . 2014-03-20 11:24 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2014-03-20 11:24 . 2006-07-24 15:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2014-03-14 13:33 . 2007-03-05 06:32 201216 ----a-w- c:\windows\system32\mediarcpt.dll
2014-03-14 13:33 . 2014-03-20 09:04 -------- d-----w- c:\program files\Recepty doma
2014-03-11 19:23 . 2014-03-11 19:23 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\PCHealth
2014-03-11 19:02 . 2014-02-24 11:35 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2014-03-11 19:02 . 2014-02-24 11:35 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2014-03-11 19:02 . 2014-02-24 11:35 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2014-03-11 19:02 . 2014-02-24 11:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2014-03-11 19:02 . 2014-02-24 11:35 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2014-03-11 19:02 . 2014-02-24 11:35 2006016 -c----w- c:\windows\system32\dllcache\iertutil.dll
2014-03-11 19:02 . 2014-02-24 11:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2014-03-11 19:02 . 2014-02-24 11:35 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll
2014-03-11 19:00 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-11 19:00 . 2014-02-26 23:28 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-11 18:47 . 2014-03-11 18:48 -------- d-----w- c:\windows\system32\URTTemp
2014-03-11 18:40 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-03-11 18:40 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-03-11 18:40 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-03-11 18:40 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-03-11 18:40 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2014-03-11 18:39 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-03-11 18:39 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-03-11 18:39 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-03-11 18:39 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-03-11 18:37 . 2013-02-27 00:21 223232 -c----w- c:\windows\system32\dllcache\wksprt.exe
2014-03-11 18:37 . 2013-02-27 00:21 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2014-03-11 18:37 . 2013-02-27 05:31 2691072 -c----w- c:\windows\system32\dllcache\mstscax.dll
2014-03-11 18:36 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-03-10 21:23 . 2014-03-10 21:23 -------- d-----w- c:\program files\IVT Corporation
2014-03-10 20:53 . 2014-03-10 20:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Bluetooth
2014-03-10 06:32 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2014-03-10 06:32 . 2014-03-10 06:32 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-03-10 06:31 . 2014-03-10 06:31 -------- d-----w- c:\program files\Free Viewer
2014-03-10 06:16 . 2014-03-10 06:16 -------- d-----w- c:\program files\CIT.cz
2014-03-10 06:16 . 2000-01-04 04:39 212992 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2014-03-03 20:27 . 2010-05-13 17:34 14232 ----a-w- c:\windows\system32\sh4native.exe
2014-03-03 19:41 . 2014-03-03 19:41 -------- d-----w- c:\program files\Enigma Software Group
2014-03-03 19:41 . 2014-03-03 19:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2014-03-02 15:56 . 2014-03-06 08:36 -------- d-----w- C:\Shoty
2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files\ScreenShots
2014-03-01 18:10 . 2014-03-01 18:10 -------- d-----w- c:\program files\Common Files\Adobe
2014-03-01 09:34 . 2014-03-01 11:49 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Zoner
2014-03-01 09:34 . 2014-03-01 11:42 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\Zoner
2014-03-01 09:33 . 2014-03-01 09:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Zoner
2014-03-01 09:33 . 2014-03-01 11:41 -------- d-----w- c:\program files\Zoner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 18:06 . 2014-02-26 17:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 18:06 . 2014-02-26 17:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-02 08:18 . 2008-04-14 11:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2014-02-26 18:04 . 2014-02-26 18:04 57939 ----a-w- C:\Uninstal.exe
2014-02-26 17:15 . 2014-02-26 17:15 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-02-26 17:15 . 2014-02-26 17:15 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-26 17:15 . 2014-02-26 17:15 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-02-26 17:15 . 2014-02-26 17:15 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-26 17:15 . 2014-02-26 17:15 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-02-26 17:15 . 2014-02-26 17:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-26 17:15 . 2014-02-26 17:15 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-26 17:15 . 2014-02-26 17:15 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-26 17:15 . 2014-02-26 17:15 43152 ----a-w- c:\windows\avastSS.scr
2014-02-26 16:34 . 2014-02-26 16:34 315392 ----a-w- c:\windows\HideWin.exe
2014-02-24 11:35 . 2010-01-14 15:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-24 11:35 . 2010-01-14 15:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:35 . 2010-01-14 14:59 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54 . 2010-01-14 15:00 385024 ----a-w- c:\windows\system32\html.iec
2014-02-13 12:46 . 2014-02-13 12:46 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2014-02-07 06:36 . 2010-01-14 15:02 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55 . 2010-01-14 15:01 563712 ----a-w- c:\windows\system32\qedit.dll
2014-01-04 03:12 . 2010-01-14 15:02 420864 ----a-w- c:\windows\system32\vbscript.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 11:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2008-04-14 11:00 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 11:00 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[7] 2010-01-14 . 4212BABCC4408B052193DABAD9A691AB . 509440 . . [5.1.2600.5788] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2010-01-14 . 36729DA8037FF58F8FFAA39A58382612 . 548864 . . [5.1.2600.5788] . . c:\windows\system32\winlogon.exe
[-] 2010-01-14 . 36729DA8037FF58F8FFAA39A58382612 . 548864 . . [5.1.2600.5788] . . c:\windows\system32\dllcache\winlogon.exe
.
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2010-01-14 . 066FE6E93EBD781CF4FF9478D1C96C79 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2014-02-24 . 83398F56F4B4946B247763D700A244E8 . 6022144 . . [8.00.6001.23569] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-01-14 . 9D314090668BBE26E0BE5BBF9C6068BD . 6105600 . . [8.00.6001.22945] . . c:\windows\ie8updates\KB2925418-IE8\mshtml.dll
[7] 2010-01-14 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2010-01-14 . 9D314090668BBE26E0BE5BBF9C6068BD . 6105600 . . [8.00.6001.22945] . . c:\windows\system32\mshtml.dll
.
[7] 2010-01-14 . A88D1807EF5370F4313C58D137D6F7B4 . 578560 . . [5.1.2600.5577] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2010-01-14 . 396A99C7B9CD4BF150F63EAB2ADF58DA . 578560 . . [5.1.2600.5577] . . c:\windows\system32\user32.dll
[-] 2010-01-14 . 396A99C7B9CD4BF150F63EAB2ADF58DA . 578560 . . [5.1.2600.5577] . . c:\windows\system32\dllcache\user32.dll
.
[7] 2014-02-24 . 57A4C70E6652DCCD0ADC94364718B891 . 920064 . . [8.00.6001.23569] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-01-14 . 19504459C7CDB8DB06B338FC8B5967BD . 983040 . . [8.00.6001.22945] . . c:\windows\ie8updates\KB2925418-IE8\wininet.dll
[7] 2010-01-14 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2010-01-14 . 19504459C7CDB8DB06B338FC8B5967BD . 983040 . . [8.00.6001.22945] . . c:\windows\system32\wininet.dll
.
[-] 2010-01-14 . DD0A17917ACBB8CA8A2AB260CBDBFF62 . 1541120 . . [6.00.2900.5634] . . c:\windows\explorer.exe
[7] 2010-01-14 . 8AB626E4E4B289646E11311E66FB0B88 . 1034240 . . [6.00.2900.5634] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2010-01-14 . DD0A17917ACBB8CA8A2AB260CBDBFF62 . 1541120 . . [6.00.2900.5634] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[7] 2013-08-05 . C7B8A9BCD06540591B70B0D459039D83 . 1289216 . . [5.1.2600.6435] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\$NtUninstallKB2876217$\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2010-01-14 . 924A03096E662D7B413CF46706B809AC . 1288192 . . [5.1.2600.5692] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\system32\ole32.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-10-09 . FF876311F58C86EC3E1A24F585949C25 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[7] 2010-01-14 . 5FB6576F86C47C3CD3CE86E6F6D4EFE9 . 345088 . . [5.1.2600.5589] . . c:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
[-] 2010-01-14 . 86758EFFC9BA0CDC9802EBC30369F89D . 369152 . . [5.1.2600.5589] . . c:\windows\system32\hnetcfg.dll
[-] 2010-01-14 . 86758EFFC9BA0CDC9802EBC30369F89D . 369152 . . [5.1.2600.5589] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[7] 2010-01-14 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\NiwradSoft Shell Pack\Backup\IEXPLORE.EXE
[-] 2010-01-14 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-26 17:15 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-26 3767096]
"chrome.exe"="c:\program files\Google\Chrome\Application\chrome.exe" [2014-03-15 859976]
"Core Temp.exe"="c:\documents and settings\Lucka\Plocha\Core Temp.exe" [2013-03-01 763856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-26 3767096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-01-14 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sh4native Sh4Removal
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [26.2.2014 19:15 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [26.2.2014 19:15 180248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 21:45 20744]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 17:01 29056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [26.2.2014 19:15 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [26.2.2014 19:15 410784]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [26.2.2014 20:12 913752]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [26.2.2014 19:15 67824]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [27.2.2009 17:40 143467]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [26.2.2014 22:25 103040]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 13:44 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 15:58 26248]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 16:00 48472]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [26.2.2014 22:29 43816]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [14.1.2010 17:04 9472]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - ALSysIO
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:33 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26 18:06]
.
2014-03-31 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-26 17:15]
.
2014-03-11 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
.
2014-03-31 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-31 10:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1076)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(3228)
c:\windows\system32\COMRes.dll
c:\windows\system32\msi.dll
c:\windows\System32\cscui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2014-03-31 10:13:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-03-31 08:13
ComboFix2.txt 2014-03-30 15:00
.
Před spuštěním: Volných bajtů: 290 649 903 104
Po spuštění: Volných bajtů: 290 402 766 848
.
- - End Of File - - 11178BCED8456568E5A5EA926BB16235
413FC2A0C716421B3158746D63736515
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
- Gender:
- Status:
Offline
Re: Please check my log, the mouse keeps running away
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:17:21, on 31.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKCU\..\Run: [chrome.exe] C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Core Temp.exe] C:\Documents and Settings\Lucka\Plocha\Core Temp.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory Card Service (O2Flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
--
End of file - 5761 bytes
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
- Gender:
- Status:
Offline
Re: Please check my log, the mouse runs away
https://www.virustotal.com/cs/file/e9ab ... 396254446/
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-31 10:31:29
-----------------------------
10:31:29.375 OS Version: Windows 5.1.2600 Service Pack 3
10:31:29.375 Number of processors: 2 586 0x301
10:31:29.375 ComputerName: PC-C16C7E50B55E UserName: Lucka
10:31:30.375 Initialize success
10:31:33.312 AVAST engine defs: 14033100
10:31:54.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:31:54.796 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
10:31:54.953 Disk 0 MBR read successfully
10:31:54.968 Disk 0 MBR scan
10:31:54.968 Disk 0 Windows XP default MBR code
10:31:54.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63
10:31:54.984 Disk 0 scanning sectors +625121280
10:31:55.046 Disk 0 scanning C:\WINDOWS\system32\drivers
10:32:02.703 Service scanning
10:32:16.406 Modules scanning
10:32:20.937 Disk 0 trace - called modules:
10:32:20.968 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:32:20.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89beeab8]
10:32:20.984 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000088[0x89c2e3b8]
10:32:20.984 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89c28d98]
10:32:21.828 AVAST engine scan C:\WINDOWS
10:32:26.484 AVAST engine scan C:\WINDOWS\system32
10:34:42.078 AVAST engine scan C:\WINDOWS\system32\drivers
10:35:00.765 AVAST engine scan C:\Documents and Settings\Lucka
10:36:24.875 AVAST engine scan C:\Documents and Settings\All Users
10:36:57.796 Scan finished successfully
10:37:15.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lucka\Plocha\MBR.dat"
10:37:15.750 The log file has been saved successfully to "C:\Documents and Settings\Lucka\Plocha\aswMBR.txt"
With WhoCrashed, some kind of window appears and it doesn't respond to anything; I can't even run the analysis, simply nothing works except closing it.
I took a screenshot of what appears behind that window, but I'm not able to insert the picture here.

- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Gender:
- Status:
Offline
Re: Please check my log, the mouse runs away
Try removing the USB drivers in Device Manager, restart, and let them load again from the net.
Right-click Computer in the START menu and choose Manage - Device Manager - USB controllers, uninstall all of them, then restart and install new drivers for the motherboard chipset.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you.
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
- Gender:
- Status:
Offline
Re: Please check my log, the mouse runs away
Done.
I'll probably wait until tomorrow to see how the mouse behaves; if it's OK I'll definitely let you know. For now, thank you very much. I also wanted to ask you how, and whether at all, the message from SpyHunter at startup can be removed. I uninstalled it long ago, but at startup a blue screen still pops up with Enigma Software Group on it and two more lines below that belong to it. It doesn't slow anything down, it just annoys me terribly, and mainly I don't know whether it is doing something in the PC or what it is.

- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: Please check my log, the mouse runs away
Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the window and click OK).
Copy the entire following text marked in green into it:
Code:
KillAll::
File::
c:\windows\HideWin.exe
Folder::
c:\windows\system32\URTTemp
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Download and install WhoCrashed,
open it and click Analyze.
The program will create a report; copy all of it and paste it here, please.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- lucie7272
- Level 1
- Posts: 63
- Registered: February 14
- Location: South Bohemian Region
- Gender:
- Status:
Offline
Re: Please check my log, the mouse runs away
Hopefully this is it
--------------------------------------------------------------------------------
Welcome to WhoCrashed (HOME EDITION) v 5.01
--------------------------------------------------------------------------------
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
Click here to check if you have the latest version or if an update is available.
Just click the Analyze button for a comprehensible report ...
--------------------------------------------------------------------------------
Home Edition Notice
--------------------------------------------------------------------------------
This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which allows you to perform more thorough and detailed analysis. It also offers a range of additional features such as remote analysis on remote directories and remote computers on the network.
Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.
--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------
computer name: PC-C16C7E50B55E
windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
Hardware: Extensa 5430, Acer
CPU: AuthenticAMD AMD Athlon(tm) X2 Dual-Core QL-60 AMD586, level: 17
2 logical processors, active mask: 3
RAM: 1877250048 total
VM: 2147352576, free: 2039640064
--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------
Crash dump directory: C:\WINDOWS\Minidump
Crash dumps are enabled on your computer.
No valid crash dumps have been found on your computer
--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------
Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.
In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.
Check out the following articles for more information: Troubleshooting sudden resets and shut downs.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
=================================================================================================================================
ComboFix 14-03-24.01 - Lucka 01.04.2014 9:55.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1790.1296 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucka\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\HideWin.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-01 do 2014-04-01 )))))))))))))))))))))))))))))))
.
.
2014-03-31 10:29 . 2014-03-31 10:29 -------- d-----w- c:\program files\WhoCrashed
2014-03-28 18:59 . 2014-03-28 18:59 -------- d-----w- c:\windows\ERUNT
2014-03-28 18:51 . 2014-03-28 18:51 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Windows Search
2014-03-28 16:42 . 2014-03-28 16:42 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Malwarebytes
2014-03-28 16:37 . 2014-03-28 16:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-03-28 16:23 . 2014-03-28 18:43 -------- d-----w- C:\AdwCleaner
2014-03-28 12:43 . 2014-03-28 12:43 388096 ----a-r- c:\documents and settings\Lucka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 12:43 . 2014-03-28 12:43 -------- d-----w- c:\program files\Trend Micro
2014-03-23 19:10 . 2014-03-23 19:10 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\eCyber
2014-03-23 07:32 . 2014-03-23 07:32 -------- d-----w- c:\program files\Samsung
2014-03-21 12:57 . 2014-03-22 17:31 -------- d-----w- c:\program files\All Ten Fingers
2014-03-21 12:56 . 2014-03-21 12:57 339456 ----a-w- c:\windows\UIA200.exe
2014-03-20 11:25 . 2014-03-23 07:33 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Samsung
2014-03-20 11:25 . 2006-05-03 21:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2014-03-20 11:25 . 2003-02-21 17:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2014-03-20 11:24 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2014-03-20 11:24 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2014-03-20 11:24 . 2007-07-03 15:58 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2014-03-20 11:24 . 2007-07-03 15:57 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2014-03-20 11:24 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2014-03-20 11:24 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2014-03-20 11:24 . 2007-07-03 15:54 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2014-03-20 11:24 . 2014-03-20 11:24 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2014-03-20 11:24 . 2006-07-24 15:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2014-03-14 13:33 . 2007-03-05 06:32 201216 ----a-w- c:\windows\system32\mediarcpt.dll
2014-03-14 13:33 . 2014-03-20 09:04 -------- d-----w- c:\program files\Recepty doma
2014-03-11 19:23 . 2014-03-11 19:23 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\PCHealth
2014-03-11 19:02 . 2014-02-24 11:35 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2014-03-11 19:02 . 2014-02-24 11:35 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2014-03-11 19:02 . 2014-02-24 11:35 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2014-03-11 19:02 . 2014-02-24 11:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2014-03-11 19:02 . 2014-02-24 11:35 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2014-03-11 19:02 . 2014-02-24 11:35 2006016 -c----w- c:\windows\system32\dllcache\iertutil.dll
2014-03-11 19:02 . 2014-02-24 11:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2014-03-11 19:02 . 2014-02-24 11:35 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll
2014-03-11 19:00 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-11 19:00 . 2014-02-26 23:28 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-11 18:40 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-03-11 18:40 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-03-11 18:40 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-03-11 18:40 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-03-11 18:40 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2014-03-11 18:39 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-03-11 18:39 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-03-11 18:39 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-03-11 18:39 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-03-11 18:37 . 2013-02-27 00:21 223232 -c----w- c:\windows\system32\dllcache\wksprt.exe
2014-03-11 18:37 . 2013-02-27 00:21 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2014-03-11 18:37 . 2013-02-27 05:31 2691072 -c----w- c:\windows\system32\dllcache\mstscax.dll
2014-03-11 18:36 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-03-10 21:23 . 2014-03-10 21:23 -------- d-----w- c:\program files\IVT Corporation
2014-03-10 20:53 . 2014-03-10 20:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Bluetooth
2014-03-10 06:32 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2014-03-10 06:32 . 2014-03-10 06:32 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-03-10 06:31 . 2014-03-10 06:31 -------- d-----w- c:\program files\Free Viewer
2014-03-10 06:16 . 2014-03-10 06:16 -------- d-----w- c:\program files\CIT.cz
2014-03-10 06:16 . 2000-01-04 04:39 212992 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2014-03-03 20:27 . 2010-05-13 17:34 14232 ----a-w- c:\windows\system32\sh4native.exe
2014-03-03 19:41 . 2014-03-03 19:41 -------- d-----w- c:\program files\Enigma Software Group
2014-03-03 19:41 . 2014-03-03 19:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2014-03-02 15:56 . 2014-03-31 09:18 -------- d-----w- C:\Shoty
2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files\ScreenShots
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 18:06 . 2014-02-26 17:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 18:06 . 2014-02-26 17:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-02 08:18 . 2008-04-14 11:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2014-02-26 18:04 . 2014-02-26 18:04 57939 ----a-w- C:\Uninstal.exe
2014-02-26 17:15 . 2014-02-26 17:15 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-02-26 17:15 . 2014-02-26 17:15 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-26 17:15 . 2014-02-26 17:15 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-02-26 17:15 . 2014-02-26 17:15 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-26 17:15 . 2014-02-26 17:15 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-02-26 17:15 . 2014-02-26 17:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-26 17:15 . 2014-02-26 17:15 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-26 17:15 . 2014-02-26 17:15 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-26 17:15 . 2014-02-26 17:15 43152 ----a-w- c:\windows\avastSS.scr
2014-02-26 16:34 . 2014-02-26 16:34 315392 ----a-w- c:\windows\HideWin.exe
2014-02-24 11:35 . 2010-01-14 15:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-24 11:35 . 2010-01-14 15:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:35 . 2010-01-14 14:59 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54 . 2010-01-14 15:00 385024 ----a-w- c:\windows\system32\html.iec
2014-02-13 12:46 . 2014-02-13 12:46 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2014-02-07 06:36 . 2010-01-14 15:02 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55 . 2010-01-14 15:01 563712 ----a-w- c:\windows\system32\qedit.dll
2014-01-04 03:12 . 2010-01-14 15:02 420864 ----a-w- c:\windows\system32\vbscript.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 11:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2008-04-14 11:00 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 11:00 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[7] 2010-01-14 . 4212BABCC4408B052193DABAD9A691AB . 509440 . . [5.1.2600.5788] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2010-01-14 . 36729DA8037FF58F8FFAA39A58382612 . 548864 . . [5.1.2600.5788] . . c:\windows\system32\winlogon.exe
[-] 2010-01-14 . 36729DA8037FF58F8FFAA39A58382612 . 548864 . . [5.1.2600.5788] . . c:\windows\system32\dllcache\winlogon.exe
.
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2010-01-14 . 066FE6E93EBD781CF4FF9478D1C96C79 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2014-02-24 . 83398F56F4B4946B247763D700A244E8 . 6022144 . . [8.00.6001.23569] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-01-14 . 9D314090668BBE26E0BE5BBF9C6068BD . 6105600 . . [8.00.6001.22945] . . c:\windows\ie8updates\KB2925418-IE8\mshtml.dll
[7] 2010-01-14 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2010-01-14 . 9D314090668BBE26E0BE5BBF9C6068BD . 6105600 . . [8.00.6001.22945] . . c:\windows\system32\mshtml.dll
.
[7] 2010-01-14 . A88D1807EF5370F4313C58D137D6F7B4 . 578560 . . [5.1.2600.5577] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2010-01-14 . 396A99C7B9CD4BF150F63EAB2ADF58DA . 578560 . . [5.1.2600.5577] . . c:\windows\system32\user32.dll
[-] 2010-01-14 . 396A99C7B9CD4BF150F63EAB2ADF58DA . 578560 . . [5.1.2600.5577] . . c:\windows\system32\dllcache\user32.dll
.
[7] 2014-02-24 . 57A4C70E6652DCCD0ADC94364718B891 . 920064 . . [8.00.6001.23569] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-01-14 . 19504459C7CDB8DB06B338FC8B5967BD . 983040 . . [8.00.6001.22945] . . c:\windows\ie8updates\KB2925418-IE8\wininet.dll
[7] 2010-01-14 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2010-01-14 . 19504459C7CDB8DB06B338FC8B5967BD . 983040 . . [8.00.6001.22945] . . c:\windows\system32\wininet.dll
.
[-] 2010-01-14 . DD0A17917ACBB8CA8A2AB260CBDBFF62 . 1541120 . . [6.00.2900.5634] . . c:\windows\explorer.exe
[7] 2010-01-14 . 8AB626E4E4B289646E11311E66FB0B88 . 1034240 . . [6.00.2900.5634] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2010-01-14 . DD0A17917ACBB8CA8A2AB260CBDBFF62 . 1541120 . . [6.00.2900.5634] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[7] 2013-08-05 . C7B8A9BCD06540591B70B0D459039D83 . 1289216 . . [5.1.2600.6435] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\$NtUninstallKB2876217$\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2010-01-14 . 924A03096E662D7B413CF46706B809AC . 1288192 . . [5.1.2600.5692] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\system32\ole32.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-10-09 . FF876311F58C86EC3E1A24F585949C25 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[7] 2010-01-14 . 5FB6576F86C47C3CD3CE86E6F6D4EFE9 . 345088 . . [5.1.2600.5589] . . c:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
[-] 2010-01-14 . 86758EFFC9BA0CDC9802EBC30369F89D . 369152 . . [5.1.2600.5589] . . c:\windows\system32\hnetcfg.dll
[-] 2010-01-14 . 86758EFFC9BA0CDC9802EBC30369F89D . 369152 . . [5.1.2600.5589] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[7] 2010-01-14 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\NiwradSoft Shell Pack\Backup\IEXPLORE.EXE
[-] 2010-01-14 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-26 17:15 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-26 3767096]
"chrome.exe"="c:\program files\Google\Chrome\Application\chrome.exe" [2014-03-15 859976]
"Core Temp.exe"="c:\documents and settings\Lucka\Plocha\Core Temp.exe" [2013-03-01 763856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-26 3767096]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-01-14 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sh4native Sh4Removal
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [26.2.2014 19:15 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [26.2.2014 19:15 180248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 21:45 20744]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 17:01 29056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [26.2.2014 19:15 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [26.2.2014 19:15 410784]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [26.2.2014 20:12 913752]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [26.2.2014 19:15 67824]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [27.2.2009 17:40 143467]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [26.2.2014 22:25 103040]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 13:44 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 15:58 26248]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 16:00 48472]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [26.2.2014 22:29 43816]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [14.1.2010 17:04 9472]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - ALSysIO
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:33 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26 18:06]
.
2014-04-01 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-26 17:15]
.
2014-03-11 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
.
2014-04-01 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-01 10:03
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1076)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(3412)
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\msi.dll
c:\windows\System32\cscui.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2014-04-01 10:06:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-01 08:06
ComboFix2.txt 2014-03-31 08:13
ComboFix3.txt 2014-03-30 15:00
.
Před spuštěním: Volných bajtů: 290 283 728 896
Po spuštění: Volných bajtů: 290 143 682 560
.
- - End Of File - - A9C5ABCD686DBF9987C92271BB1E3D41
413FC2A0C716421B3158746D63736515

--------------------------------------------------------------------------------
Welcome to WhoCrashed (HOME EDITION) v 5.01
--------------------------------------------------------------------------------
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------
computer name: PC-C16C7E50B55E
windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
Hardware: Extensa 5430, Acer
CPU: AuthenticAMD AMD Athlon(tm) X2 Dual-Core QL-60 AMD586, level: 17
2 logical processors, active mask: 3
RAM: 1877250048 total
VM: 2147352576, free: 2039640064
--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------
Crash dump directory: C:\WINDOWS\Minidump
Crash dumps are enabled on your computer.
No valid crash dumps have been found on your computer
--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------
Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.
In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.
Check out the following articles for more information: Troubleshooting sudden resets and shut downs.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
=================================================================================================================================
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-01 10:03
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1076)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(3412)
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\msi.dll
c:\windows\System32\cscui.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2014-04-01 10:06:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-01 08:06
ComboFix2.txt 2014-03-31 08:13
ComboFix3.txt 2014-03-30 15:00
.
Před spuštěním: Volných bajtů: 290 283 728 896
Po spuštění: Volných bajtů: 290 143 682 560
.
- - End Of File - - A9C5ABCD686DBF9987C92271BB1E3D41
413FC2A0C716421B3158746D63736515
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: Please check my log, the mouse keeps running away
ComboFix is uninstalled like this:
Start -> Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Are you sure you had a BSOD (blue screen of death)?
How about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support