PROSÍM POMOC - Suspenzor PC

[Leuša]

Prosím tě mám problém s tím SDFix. Nejmenuje se to Run This. bat, ale jen Run This, ale v tom nevidím takový problém jako že tam není nabídka Y. Můžu zadat A,B,C,D,U,E - cokoliv jiného zadám a dám enter tak se mi to zavře. Improvizovala jsem, zadala A, vyjel mi System report, ale je to tak dlouhý, že to jsem nejde ani vložit, tedy si myslím, že to nejspíš nebude ono.
Prosím o radu.
Jsem v tomto dost lama

[Reklama]

[Baron Prášil]

já sem sdfix už dlooouho nedělal.když ho spustíš a na klávesnici stiskneš Y a Enter tak se děje co?
jinak,pošli ten combofix po čištěních.

[Leuša]

právě že když stisknu Y, tak se nestane vůbec nic a když dám pak ještě Enter, tak se mi to ihned zavře.

tady je ten log z ComboFixu:

ComboFix 08-02.01.1 - roman 2008-02-01 23:08:31.8 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.584 [GMT 1:00]
Running from: C:\Documents and Settings\roman\Plocha\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-01 to 2008-02-01 )))))))))))))))))))))))))))))))
.

2008-02-01 22:25 . 2008-02-01 22:29 <DIR> d-------- C:\Program Files\RegCleaner
2008-01-30 10:25 . 2008-01-30 10:25 1,158 --a------ C:\WINDOWS\mozver.dat
2008-01-29 23:09 . 2008-01-29 23:09 <DIR> d-------- C:\Program Files\Sunbelt Software
2008-01-28 20:54 . 2008-01-29 17:00 0 --a------ C:\23990098.$$$
2008-01-28 15:29 . 2008-01-28 15:38 <DIR> d-------- C:\Program Files\avenger
2008-01-28 14:36 . 2008-01-29 16:14 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2008-01-28 13:46 . 2008-01-28 13:46 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-28 11:14 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-28 11:14 . 2008-01-27 14:37 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-28 11:14 . 2008-01-28 11:14 3,076 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-28 11:01 . 2008-01-31 17:52 26 --a------ C:\WINDOWS\Lic.xxx
2008-01-27 20:02 . 2008-01-27 20:02 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-01-27 09:38 . 2008-01-29 23:18 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-01-27 09:34 . 2008-01-27 09:34 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-27 09:33 . 2008-01-29 16:19 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-01-27 01:55 . 2008-01-27 13:55 132 --a------ C:\WINDOWS\wininit.ini
2008-01-27 01:15 . 2007-02-13 08:09 388,126 --a------ C:\WINDOWS\system32\sqlite3.dll
2008-01-27 01:09 . 2008-01-28 10:14 253,448 --a------ C:\Documents and Settings\roman\Data aplikací\installer_cz[1].exe
2008-01-26 16:14 . 2008-01-26 16:14 <DIR> d-------- C:\Program Files\CCleaner
2008-01-26 14:51 . 2008-01-26 14:51 <DIR> d-------- C:\Program Files\SlySoft.AnyDVD.v6.3.0.3.Multilanguage.WinALL.Regged-VDOWN
2008-01-25 21:07 . 2008-01-25 21:12 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\Nokia Multimedia Player
2008-01-25 21:01 . 2008-01-25 21:01 <DIR> d-------- C:\Documents and Settings\roman\Phone Browser
2008-01-25 21:00 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-25 20:59 . 2008-01-25 20:59 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\AdobeAUM
2008-01-25 20:44 . 2008-01-25 20:44 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-01-25 20:44 . 2008-01-25 20:44 <DIR> d-------- C:\Program Files\Nokia
2008-01-25 20:44 . 2008-01-25 20:44 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-01-25 20:44 . 2008-01-25 20:44 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-01-25 20:44 . 2008-01-25 20:44 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\PC Suite
2008-01-25 20:44 . 2008-01-25 20:51 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\Nokia
2008-01-25 20:44 . 2008-01-25 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2008-01-25 20:44 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-01-25 20:44 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-01-25 20:44 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-01-25 20:44 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-01-25 20:42 . 2008-01-25 20:43 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Installations
2008-01-24 15:08 . 2008-01-24 15:09 <DIR> d-------- C:\Program Files\Google
2008-01-22 15:41 . 2008-01-22 16:54 <DIR> d-------- C:\Program Files\DVDFab Platinum 3
2008-01-22 15:41 . 2008-01-26 14:29 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\Vso
2008-01-22 15:41 . 2008-01-22 15:41 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-01-22 15:41 . 2008-01-22 15:41 47,360 --a------ C:\Documents and Settings\roman\Data aplikací\pcouffin.sys
2008-01-18 13:47 . 2008-01-18 13:47 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2008-01-10 18:41 . 2008-01-10 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Elaborate Bytes
2008-01-10 18:18 . 2008-01-10 18:18 <DIR> d-------- C:\Program Files\Elaborate Bytes
2008-01-10 18:17 . 2008-01-10 18:17 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SlySoft
2008-01-10 18:16 . 2008-01-26 15:57 <DIR> d-------- C:\Program Files\SlySoft
2008-01-10 18:16 . 2008-01-26 16:00 48 ---hs---- C:\WINDOWS\S9236D345.tmp
2008-01-10 13:48 . 2008-01-22 18:58 <DIR> d-------- C:\Program Files\CyberLink
2008-01-10 09:59 . 2008-01-10 10:03 <DIR> d-------- C:\Program Files\Winamp
2008-01-10 09:59 . 2008-01-10 10:05 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\Winamp
2008-01-09 10:25 . 2008-01-25 16:15 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\ICQ Toolbar
2008-01-09 10:23 . 2008-01-28 19:53 <DIR> d-------- C:\Program Files\ICQToolbar
2008-01-09 10:23 . 2008-01-09 16:21 <DIR> d-------- C:\Program Files\ICQ6
2008-01-09 10:23 . 2008-01-09 16:22 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\ICQ
2008-01-09 10:20 . 2008-02-01 21:57 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\skypePM
2008-01-09 10:20 . 2008-01-09 10:20 32 --a------ C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2008-01-09 10:18 . 2008-01-09 10:18 <DIR> d-------- C:\Program Files\Skype
2008-01-09 10:18 . 2008-01-09 10:18 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-01-09 10:18 . 2008-02-01 23:03 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\Skype
2008-01-09 10:18 . 2008-01-09 10:18 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Skype
2008-01-08 17:07 . 2008-01-08 17:07 <DIR> d-------- C:\Program Files\Common Files\AVSMedia
2008-01-08 17:07 . 2008-01-10 14:32 <DIR> d-------- C:\Program Files\AVSMedia
2008-01-08 16:44 . 2008-01-08 23:37 <DIR> d-------- C:\WINDOWS\system32\languages
2008-01-08 16:38 . 2008-01-10 13:27 50 --a------ C:\WINDOWS\cdplayer.ini
2008-01-08 16:37 . 2008-01-08 16:37 <DIR> d-------- C:\Program Files\Real
2008-01-08 16:37 . 2008-01-08 16:37 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-01-08 16:37 . 2008-01-08 16:37 <DIR> d-------- C:\Program Files\Common Files\Real
2008-01-08 14:52 . 2008-01-10 13:39 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2008-01-08 14:52 . 2008-01-10 13:36 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-01-08 09:48 . 2008-01-08 09:48 <DIR> d-------- C:\Documents and Settings\roman\UserData
2008-01-08 06:23 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-07 21:51 . 2008-01-09 17:17 <DIR> d-------- C:\WINDOWS\$hf_mig$
2008-01-07 19:28 . 2008-01-07 19:28 <DIR> d-------- C:\Program Files\Alwil Software
2008-01-07 19:28 . 2003-03-18 21:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-01-07 19:28 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-07 19:28 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-07 19:28 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-07 19:28 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-07 19:28 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-07 19:28 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-07 19:28 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-07 19:28 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-07 19:16 . 2008-01-29 22:22 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-01-07 16:01 . 2006-10-18 01:31 363,008 -ra------ C:\WINDOWS\system32\idecoiins.dll
2008-01-07 16:01 . 2006-10-18 01:31 363,008 -ra------ C:\WINDOWS\system32\idecoi.dll
2008-01-07 16:01 . 2006-10-05 01:35 356,352 --------- C:\WINDOWS\system32\nvuide.exe
2008-01-07 16:01 . 2006-10-18 01:31 105,472 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2008-01-07 16:01 . 2006-10-05 01:35 35,840 -ra------ C:\WINDOWS\system32\NVCOI.DLL
2008-01-07 16:01 . 2006-09-11 00:14 1,570 --------- C:\WINDOWS\system32\nvide.nvu
2008-01-07 16:00 . 2008-01-07 16:00 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\InstallShield
2008-01-07 15:59 . 2008-01-25 20:44 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-01-07 15:59 . 2008-01-07 15:59 <DIR> d-------- C:\Program Files\DIFX
2008-01-07 15:59 . 2006-07-01 22:42 43,008 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2008-01-07 15:58 . 2008-01-07 18:22 14,731 --a------ C:\WINDOWS\Ascd_log.ini
2008-01-07 14:31 . 2005-11-01 04:34 78,720 -ra------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2008-01-07 11:48 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-01-06 21:55 . 2008-01-06 21:55 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-01-06 21:55 . 2008-01-06 21:55 <DIR> d-------- C:\Documents and Settings\roman\Data aplikací\AdobeUM

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-30 12:32 196,608 ----a-w C:\WINDOWS\system32\drivers\nStandard.bin
2008-01-27 19:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-27 19:02 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-07 15:14 --------- d-----w C:\Documents and Settings\roman\Data aplikací\MSN6
2008-01-06 17:29 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\MSN6
2008-01-06 17:16 --------- d-----w C:\Documents and Settings\roman\Data aplikací\Ahead
2008-01-06 17:15 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-06 17:15 --------- d-----w C:\Program Files\Ahead
2008-01-06 17:13 104 ----a-w C:\Program Files\Internet.lnk
2008-01-06 17:04 --------- d-----w C:\Program Files\Realtek
2008-01-06 16:49 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-01-06 16:47 --------- d-----w C:\Program Files\My Company Name
2008-01-06 16:45 --------- d-----w C:\Program Files\ASUS
2008-01-06 16:41 --------- d--h--w C:\Program Files\Uninstall Information
2008-01-06 16:38 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-07 09:29 720,896 ----a-w C:\WINDOWS\system32\lsasrv.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-07 15:08 21686568]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-25 15:58 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-04-12 16:44 8429568]
"nwiz"="nwiz.exe" [2007-04-12 16:44 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-04-12 16:44 81920]
"GamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 09:42 380928]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 08:03 16125440 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-08 16:37 185896]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16 37376]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46 57344]
"NI.UGDCCZ_0001_N122M1712"="C:\documents and settings\roman\data aplikací\installer_cz[1].exe" [2008-01-28 10:14 253448]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04 83360]

R1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 13:34]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 13:34]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-27 09:34]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2006-09-29 10:06]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 23:11:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-01 23:13:12
.
2008-01-11 12:20:11 --- E O F ---

[Baron Prášil]

"naskočil rámeček s instalací Suspenzora PC"
to je teda jedinej projev?udělej hijackthis potom co to na tebe bafne.

a projeď to tímto nástrojem http://www.viry.cz/forum/viewtopic.php?t=51359

[Leuša]

Tím programem jsem to prohnala a tady je ten log z Hijackthis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:17, on 2.2.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NI.UGDCCZ_0001_N122M1712] "C:\documents and settings\roman\data aplikací\installer_cz[1].exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Unknown owner - C:\Program Files\WinClamAVShield\sp_clamsrv.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8106 bytes

[Baron Prášil]

nech toto
C:\documents and settings\roman\data aplikací\installer_cz[1].exe
zkontrolovat tady
http://www.virustotal.com/flash/index_en.html
nepoužívej "Procházet" ale vlož do okna celou cestu,tučně označenou,k souboru metodou Ctrl+C > Ctrl+V
(podrobný návod tady http://www.pc-help.cz/viewtopic.php?t=5121 )

pošli výsledky

[Leuša]

Prosím tě, jak u toho Virus Total poznám, že to doběhlo? Musím tam na něco ještě kliknout, nebo to okýnko Current status: Finished naskočí úplně samo??
Díky za info, nevíš jak dlouho taková věc trvá?

[fredik]

Tady máš návod na VirusTotall

[Leuša]

Ahoj tak jsem to zkoušela dokonce 2x a pokaždé mi Virustotal napsal:

Soubor installer_cz_1_.exe_ přijatý 2008.02.01 20:55:21 (CET)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO
Váš soubor není platný, nebo neexistuje.

Je to možný? Neudělala jsem někde chybu? Co teď?

[Baron Prášil]

Stáhni si Suspicious File Packer
Rozbal ho a spusť ho (soubor sfp.exe)
Do okna které se ti zobrazí zkopíruj a vlož tento tučně označený text:
C:\documents and settings\roman\data aplikací\installer_cz[1].exe
pak klikni na tlačítko Continue
Program se ti přepne do druhého okna Step2: Create archive
Zavři program.
Na ploše se ti vytvoří soubor requested-files[2007-07-30_HH_MM].cab (místo 2007-07-30 budeš mít aktuální datum a kde HH - hodina a MM minuty)
Ten pak zkus vložit ke svému příspěvku jako přílohu.

když to nebude brát příponu .cab,tak jí klidně přepiš na .zip a když to ani tak nepude,
tak ti na sz pošlu mejl,kam ho pošleš

[Leuša]

ta příloha poslat nejde. Ani když to přepíšu na zip.
Píše mi to: Tried to upload empty file (netuším co to znamená)

[Baron Prášil]

že zkoušíš poslat prázdnej soubor.

takže fixni
O4 - HKLM\..\Run: [NI.UGDCCZ_0001_N122M1712] "C:\documents and settings\roman\data aplikací\installer_cz[1].exe"

restartuj a pošli čerstvoučký,pěkně vypečený,log z hijackthis