"Lagování her" prosím o kontrolu

[bereline]

co tam mam vložit .. ?? ten log, nebo ten combofix po te co jsem na nej dal ten soubor TXT ??

[Reklama]

[jaro3]

Vlož log z ComboFixu+ výsledek z Virustotal.

[bereline]

já se ptám ale co mám dát do toho VirusTotal ? jaký soubor ? soubor combofix.exe co mam na plose ??

[jaro3]

Toto na virus total:
C:\win32.sys
postupuj podle návodu z odkazu:
viewtopic.php?f=70&t=5121

[bereline]

VirusTotal souboru win32.sys

AhnLab-V3 2008.9.25.0 2008.09.26 -
AntiVir 7.8.1.34 2008.09.28 -
Authentium 5.1.0.4 2008.09.28 -
Avast 4.8.1195.0 2008.09.27 -
AVG 8.0.0.161 2008.09.28 -
BitDefender 7.2 2008.09.28 -
CAT-QuickHeal 9.50 2008.09.26 -
ClamAV 0.93.1 2008.09.28 -
DrWeb 4.44.0.09170 2008.09.28 -
eSafe 7.0.17.0 2008.09.28 -
eTrust-Vet 31.6.6110 2008.09.26 -
Ewido 4.0 2008.09.28 -
F-Prot 4.4.4.56 2008.09.25 -
F-Secure 8.0.14332.0 2008.09.28 -
Fortinet 3.113.0.0 2008.09.28 -
GData 19 2008.09.28 -
Ikarus T3.1.1.34.0 2008.09.28 -
K7AntiVirus 7.10.473 2008.09.25 -
Kaspersky 7.0.0.125 2008.09.28 -
McAfee 5392 2008.09.25 -
Microsoft 1.3903 2008.09.28 -
NOD32 3478 2008.09.28 -
Norman 5.80.02 2008.09.26 -
Panda 9.0.0.4 2008.09.28 -
PCTools 4.4.2.0 2008.09.26 -
Prevx1 V2 2008.09.28 -
Rising 20.63.62.00 2008.09.28 -
SecureWeb-Gateway 6.7.6 2008.09.28 -
Sophos 4.34.0 2008.09.28 -
Sunbelt 3.1.1668.1 2008.09.24 -
Symantec 10 2008.09.28 -
TheHacker 6.3.0.9.095 2008.09.27 -
TrendMicro 8.700.0.1004 2008.09.26 -
VBA32 3.12.8.6 2008.09.26 -
ViRobot 2008.9.26.1393 2008.09.26 -
VirusBuster 4.5.11.0 2008.09.28 -
Rozšiřující informace
File size: 476 bytes
MD5...: c57a436d813538d348e5d4516830db58
SHA1..: 3c1e3127907fe83796319a3305a6ef0e5a14d178
SHA256: 635f649e9f1cc6c1f29648384d7130fe2a2d4e262b209322489e68e0830f72d4
SHA512: 51b524b0c951e1a430ded1374f5a2a854a4308ddbec0f85664012aef426f79a8
27e6f909f702daed1e5ef8bffb6c7802378e281c329050cab99757afcfe0140d
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -

LOG

ComboFix 08-09-27.03 - RedFisch 2008-09-28 18:27:22.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.571 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\RedFisch\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\RedFisch\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení
* Resident AV is active


VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
C:\WINDOWS\003306_.tmp
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\003306_.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-08-28 do 2008-09-28 )))))))))))))))))))))))))))))))
.

2008-09-28 15:03 . 2008-09-28 15:03 <DIR> d-------- C:\Documents and Settings\NetworkService\Nabˇdka Start
2008-09-28 15:03 . 2004-08-17 16:49 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-09-28 14:40 . 2008-04-13 22:06 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys
2008-09-28 14:40 . 2008-04-14 00:10 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-09-28 14:20 . 2008-09-28 14:20 <DIR> d-------- C:\e9388ec93fabcec0540e
2008-09-28 12:48 . 2008-09-28 12:48 <DIR> d-------- C:\Documents and Settings\RedFisch\DoctorWeb
2008-09-27 16:10 . 2008-09-27 16:10 <DIR> d-------- C:\WINDOWS\nview
2008-09-27 16:10 . 2008-09-17 09:55 453,152 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-09-27 16:10 . 2008-09-28 15:16 201,461 --a------ C:\WINDOWS\system32\nvapps.xml
2008-09-27 16:10 . 2008-09-17 09:55 18,394 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-09-27 16:09 . 2008-09-16 21:27 453,152 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-09-27 15:26 . 2003-09-08 10:30 2,252,800 --a------ C:\WINDOWS\system\cmicnfg.cpl
2008-09-27 15:26 . 2003-08-29 06:02 1,454,080 --a------ C:\WINDOWS\system\SmWizard.exe
2008-09-27 15:26 . 2002-04-29 09:04 917,504 --a------ C:\WINDOWS\system\cmids3d.dll
2008-09-27 15:26 . 2003-09-15 08:19 752,960 --a------ C:\WINDOWS\system32\drivers\cmuda.sys
2008-09-27 15:26 . 2003-08-20 12:46 233,472 --a------ C:\WINDOWS\system32\cmirmdrv.exe
2008-09-27 15:26 . 2003-09-15 13:06 94,208 --a------ C:\WINDOWS\system32\cmuda.dll
2008-09-27 15:26 . 2003-04-24 07:29 32,768 --a------ C:\WINDOWS\system32\udaprop.dll
2008-09-27 15:26 . 2003-02-18 12:26 28,672 --a------ C:\WINDOWS\system32\cmirmdrv.dll
2008-09-27 15:10 . 2008-09-27 15:10 <DIR> d-------- C:\Program Files\C-Media 3D Audio
2008-09-27 15:10 . 2003-08-05 14:23 266,240 --a------ C:\WINDOWS\CMIUninstall.exe
2008-09-27 15:10 . 2003-07-22 11:15 225,280 --a------ C:\WINDOWS\CmiRmRedundDir.exe
2008-09-27 15:10 . 2002-10-18 15:56 28,672 --a------ C:\WINDOWS\CMIRmDriver.dll
2008-09-27 15:10 . 2008-09-28 13:15 231 --a------ C:\WINDOWS\system\CmiCnfg.ini
2008-09-27 15:10 . 2008-09-27 15:10 0 --a------ C:\WINDOWS\Wininit.ini
2008-09-27 15:07 . 2000-10-25 14:27 3,000 -ra------ C:\WINDOWS\system32\SetupNT.sys
2008-09-27 15:07 . 2008-09-28 13:06 3 --a------ C:\WINDOWS\system32\BSETUP.TMP
2008-09-26 22:43 . 2007-01-01 20:03 40,960 -ra------ C:\WINDOWS\system32\psfind.dll
2008-09-26 22:37 . 2008-09-26 22:53 <DIR> d-------- C:\Program Files\THQ
2008-09-25 20:10 . 2007-10-29 10:51 <DIR> d--h----- C:\Documents and Settings\Ondra\ćablony
2008-09-25 20:10 . 2008-02-07 17:55 <DIR> d-------- C:\Documents and Settings\Ondra\Plocha
2008-09-25 20:10 . 2007-10-29 11:45 <DIR> d--h----- C:\Documents and Settings\Ondra\Okolnˇ tisk rny
2008-09-25 20:10 . 2007-10-29 11:45 <DIR> d--h----- C:\Documents and Settings\Ondra\Okolnˇ sˇś
2008-09-25 20:10 . 2007-10-29 11:45 <DIR> d-------- C:\Documents and Settings\Ondra\Oblˇben‚ polo§ky
2008-09-25 20:10 . 2007-10-29 11:45 <DIR> dr------- C:\Documents and Settings\Ondra\Nabˇdka Start
2008-09-25 20:10 . 2007-10-29 11:45 <DIR> d-------- C:\Documents and Settings\Ondra\Dokumenty
2008-09-25 20:10 . <DIR> C:\Documents and Settings\Ondra\Data aplikací\Microsoft
2008-09-25 20:10 . 2007-10-29 11:45 <DIR> dr-h----- C:\Documents and Settings\Ondra\Data aplikacˇ
2008-09-25 20:10 . 2008-09-25 20:10 <DIR> d-------- C:\Documents and Settings\Ondra
2008-09-25 20:02 . 2008-09-01 12:17 87,352 --a------ C:\WINDOWS\system32\LMIinit.dll
2008-09-25 20:02 . 2008-09-01 12:18 83,288 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll
2008-09-25 20:02 . 2008-07-24 18:46 47,640 --a------ C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
2008-09-25 20:02 . 2008-09-01 12:17 28,984 --a------ C:\WINDOWS\system32\LMIport.dll
2008-09-25 20:02 . 2008-09-25 20:02 1,024 --a------ C:\.rnd
2008-09-25 20:01 . 2008-09-28 10:12 <DIR> d-------- C:\Program Files\LogMeIn
2008-09-16 19:22 . 2008-04-11 21:06 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-09-16 19:22 . 2008-05-01 16:37 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-09-11 17:12 . 2008-09-11 17:12 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-09-11 17:12 . 2008-09-11 17:12 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-09-11 17:12 . 2008-09-11 17:12 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-09-10 19:37 . 2008-09-10 19:37 <DIR> d-------- C:\Documents and Settings\RedFisch\Phone Browser
2008-09-10 09:41 . 2008-09-10 09:41 81,920 --a------ C:\WINDOWS\system32\frapsvid.dll
2008-09-08 14:27 . 2008-09-08 14:27 <DIR> d-------- C:\Westwood
2008-09-06 10:49 . <DIR> C:\Documents and Settings\RedFisch\Data aplikací\Nokia
2008-09-06 10:48 . 2008-09-06 10:48 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-09-06 10:48 . 2008-09-06 10:48 <DIR> d-------- C:\Program Files\DIFX
2008-09-06 10:48 . 2008-09-06 10:48 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-09-06 10:48 . 2008-09-06 10:48 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-09-06 10:48 . <DIR> C:\Documents and Settings\RedFisch\Data aplikací\PC Suite
2008-09-06 10:48 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-09-06 10:48 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-09-06 10:48 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-09-06 10:48 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-09-06 10:48 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-09-06 10:47 . 2008-09-06 10:48 <DIR> d-------- C:\Program Files\Nokia
2008-09-06 10:47 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-09-01 12:17 . 2008-09-01 12:17 23,736 --a------ C:\WINDOWS\system32\lmimirr.dll
2008-09-01 12:17 . 2008-09-01 12:17 10,040 --a------ C:\WINDOWS\system32\lmimirr2.dll
2008-08-30 18:15 . 2006-02-04 03:50 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-08-30 18:15 . 2006-02-04 03:50 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-08-30 17:58 . <DIR> C:\Documents and Settings\RedFisch\Data aplikací\InstallShield
2008-08-30 15:42 . 2008-08-30 15:42 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2008-08-29 13:53 . 2008-08-29 13:53 <DIR> d-------- C:\Program Files\Counter-Strike 1.6 Patch Version 26
2008-08-29 13:40 . 2008-09-24 18:07 476 --a------ C:\win32.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-28 16:23 --------- d-----w C:\Program Files\HLSW
2008-09-28 15:15 --------- d-----w C:\Program Files\PowerArchiver
2008-09-28 14:47 --------- d-----w C:\Documents and Settings\RedFisch\Data aplikací\Free Download Manager
2008-09-28 13:14 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-27 13:43 --------- d-----w C:\Documents and Settings\RedFisch\Data aplikací\Skype
2008-09-27 13:16 --------- d-----w C:\Documents and Settings\RedFisch\Data aplikací\MegauploadToolbar
2008-09-26 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 20:37 --------- d-----w C:\Program Files\EA Games
2008-09-25 18:10 --------- d-----w C:\Documents and Settings\RedFisch\Data aplikací\Hamachi
2008-09-24 16:11 --------- d-----w C:\Program Files\Hamachi
2008-09-24 15:41 17,480 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-09-20 11:10 --------- d-----w C:\Program Files\Quake III Arena
2008-09-14 12:46 --------- d-----w C:\Program Files\Trillian
2008-09-14 07:18 --------- d-----w C:\Program Files\ESET
2008-08-29 15:52 --------- d-----w C:\Documents and Settings\RedFisch\Data aplikací\teamspeak2
2008-08-26 09:31 --------- d-----w C:\Program Files\Outbreak
2008-08-26 09:06 53,248 ----a-w C:\WINDOWS\unrar.dll
2008-08-24 14:37 --------- d-----w C:\Documents and Settings\RedFisch\Data aplikací\XnView
2008-08-21 09:30 167,936 ----a-w C:\WINDOWS\vc.scr
2008-08-21 09:30 166,912 ----a-w C:\WINDOWS\novc.exe
2008-08-21 09:30 --------- d-----w C:\Program Files\Virtual Creatures
2008-08-21 09:09 14,320 ----a-w C:\WINDOWS\MOPYFISH.SCR
2008-08-21 09:09 10,944 ----a-w C:\WINDOWS\BYEFISH.EXE
2008-08-16 19:04 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2008-08-16 16:14 --------- d-----w C:\Program Files\ICQLite
2008-08-16 12:55 --------- d-----w C:\Program Files\Cool CENZURA
2008-08-13 08:57 --------- d-----w C:\Program Files\Java
2008-08-13 08:57 --------- d-----w C:\Program Files\Common Files\Java
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-10 14:42 51,200 ----a-w C:\WINDOWS\inf.exe
2008-07-07 20:29 253,952 ----a-w C:\WINDOWS\system32\es.dll
2007-12-08 15:04 22,328 ----a-w C:\Documents and Settings\RedFisch\Data aplikací\PnkBstrK.sys
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"Steam"="C:\PROGRA~1\Valve\Steam\Steam.exe" [2008-06-12 1271032]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"nodenable"="C:\Program Files\eset\nodenable.exe" [2008-08-22 359639]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NodLogin"="C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe" [2008-07-29 358448]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-09-11 949376]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"CM-SmWizard"="C:\WINDOWS\System\SmWizard.exe" [2003-08-29 1454080]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-09-17 86016]
"nwiz"="nwiz.exe" [2008-09-17 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

C:\Documents and Settings\RedFisch\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Disk Cleaner.lnk - C:\Program Files\Disk Cleaner\dclean.exe [2005-11-20 209920]
Mopy Points Collector.lnk - C:\MOPYFISH\GETPOINT.EXE [2008-08-21 39612]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-09-01 12:17 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"VIDC.ACDV"= ACDV.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Valve\\Steam\\Steam.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\martas007\\counter-strike\\hl.exe"=
"D:\\BitComet(torrent)\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\martas007\\condition zero deleted scenes\\hl.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\martas007\\condition zero\\hl.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\Empire Interactive\\FlatOut 2\\flatout2.exe"=
"C:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat"=
"C:\\Program Files\\Quake III Arena\\quake3.exe"=
"C:\\Program Files\\Xfire\\Xfire.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"D:\\Miranda IM\\Miranda IM\\miranda32.exe"=
"C:\\Program Files\\Trillian\\trillian.exe"=
"C:\\Program Files\\MC2\\Sniper Elite\\SniperElite.exe"=
"C:\\WINDOWS\\system32\\java.exe"=
"C:\\Program Files\\VirtualDJ\\virtualdj.exe"=
"C:\\Program Files\\HLSW\\hlsw.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Hamachi\\hamachi.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII\\Win32\\RpcDataSrv.exe"=
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII\\RpcSandraSrv.exe"=
"C:\\Program Files\\TmNationsForever\\TmForever.exe"=
"C:\\Program Files\\Free Download Manager\\fdm.exe"=
"C:\\Program Files\\MultiProxy\\MProxy.exe"=
"D:\\CS 1.6v19\\Counter-Strike 1.6\\cstrike.exe"=
"D:\\CS 1.6v19 zaloha\\Counter-Strike 1.6\\cstrike.exe"=
"E:\\bulanci.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21845:TCP"= 21845:TCP:BitComet 21845 TCP
"21845:UDP"= 21845:UDP:BitComet 21845 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-11-20 9216]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-07-24 47640]
R3 GMFilter Filter;GMFilter Filter;C:\WINDOWS\system32\Drivers\GMFilter.sys [2005-06-10 25088]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-14 69120]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-07-24 12856]
S3 AMDMSRIO;AMDMSRIO;C:\DOCUME~1\RedFisch\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys [ ]
S3 leafnets;Leaf Networks Adapter;C:\WINDOWS\system32\DRIVERS\leafnets.sys [2007-05-03 55296]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\screamingbdriver.sys [2005-11-21 13824]
S3 tap0901_2gm;VPN Anonymizer Adapter;C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 WPRO_40_1123;WinPcap Packet Driver (WPRO_40_1123);C:\WINDOWS\system32\drivers\WPRO_40_1123.sys [ ]
S3 ZD1211BU(TP-LINK);TL-WN322G/WN322G+ Wireless USB Adapter Driver(TP-LINK);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Obsah adresáře 'Naplánované úlohy'
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-28 18:29:15
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]
"ImagePath"="\"C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

PROCES: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
Celkový čas: 2008-09-28 18:30:04
ComboFix-quarantined-files.txt 2008-09-28 16:30:00
ComboFix2.txt 2008-09-28 14:51:36

Před spuštěním: Volněch bajt…: 16˙819˙011˙584
Po spuštění: Volněch bajt…: 16,807,100,416

247 --- E O F --- 2008-09-16 18:43:31

[jaro3]

Jak vypadá comp? Pošli ještě log z HJT.

[bereline]

comp pořád stejně asi ... měl bych ale asi zkusit tu hru co ??
tady je log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:19, on 28.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
D:\Miranda IM\Miranda IM\miranda32.exe
C:\Program Files\Valve\Steam\steam.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\HiJackThis\HiJackTHIS\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 82.208.58.96 l2authd.lineage2.com
O1 - Hosts: 82.208.58.96 l2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet(torrent)\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NodLogin] C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Steam] "C:\PROGRA~1\Valve\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [nodenable] C:\Program Files\eset\nodenable.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Disk Cleaner.lnk = C:\Program Files\Disk Cleaner\dclean.exe
O4 - Startup: Mopy Points Collector.lnk = C:\MOPYFISH\GETPOINT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://D:\BitComet(torrent)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://D:\BitComet(torrent)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://D:\BitComet(torrent)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\BitComet(torrent)\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9820 bytes

[jaro3]

V logu nic závažného, můžeš fixnout toto v HJT:

Kód: Vybrat vše

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)


Můžeš zkusit hry, myslím , že tam nic nemáš, CF by je odkryl.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

[bereline]

fajn, jdu to zkusit ... prozatím díky

[bereline]

Takže je to pořád stejné ... dokonce se to sem tam sekne .. i když mám pc na minimální požadavký cca před půl rokem jsem žádný problém neměl ... všechny detaily mám na Low ... jako by procák byl využit 0% a najednou pár seknud 100% pak zas méně ... tedy přemýšlím o reinstalu windows+formát a snad bude klid

[jaro3]

No jo v hrách moc neporadím, co DirectX? Start-spustit-dxdiag-a zkusit to nastavit.Zkus to projet CCleanerem(čistit registry a opravit problémy). a hlavně zkontrolovat HDD na chyby+defragmentaci.

[bereline]

defragmentaci jsem udělal jako první ... jinak bych ještě řekl dělá to jen v náročnějších hrách .. Sniper Elite první hra u které to začalo dělat no a teď Titan Quest jinak třeba u Counter-Strike 1.6 nic uplně v pohodě