VIRUS ALERT! Pomóóóóc Vyřešeno

[Funstorm007]

Tak jo,az na druhy pokus,poprve to sice neco naslo,smazalo ale pote se PC sam restartoval a zadny log nevytvoril,podruhe probehl v poho a vytvoril log,ZDE:(a jeste,uz se mi zobrazuji disky,chibi jen vsechny programy,tlacitko odhlasit,nejde spravce uloh)

ComboFix 08-10-05.11 - Taťka 2008-10-11 18:07:44.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.724 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Taťka\Plocha\ComboFix.exe

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
/wow section nedokončena

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\Taťka\Nabídka Start\Programy\Po spuštění\Deewoo.lnk
C:\Documents and Settings\Taťka\Nabídka Start\Programy\Po spuštění\DW_Start.lnk
C:\WINDOWS\system32\dwwnw64r.exe
C:\WINDOWS\system32\gside.exe
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\system32\PAGiOXyb.ini
C:\WINDOWS\system32\PAGiOXyb.ini2
C:\WINDOWS\system32\rmwnw64l.exe
C:\WINDOWS\system32\rmwnw64n.exe
C:\WINDOWS\system32\winpfz33.sys
C:\WINDOWS\system32\zxdnt3d.cfg

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA
-------\Legacy_TDSSSERV
-------\Service_srosa
-------\Service_TDSSserv


((((((((((((((((((((((((( Soubory vytvořené od 2008-09-11 do 2008-10-11 )))))))))))))))))))))))))))))))
.

2008-10-11 00:32 . 2008-10-11 00:32 153,434 --a------ C:\WINDOWS\system32\g59.exe
2008-10-10 23:13 . 2008-10-10 23:13 548,924 --a------ C:\WINDOWS\system32\mcntktdl.exe
2008-10-10 23:11 . 2008-10-10 23:11 61,440 --a------ C:\WINDOWS\system32\drivers\msulr.sys
2008-10-09 18:30 . 2008-10-09 18:37 <DIR> d-------- C:\SDFix
2008-10-08 11:43 . 2008-10-08 11:43 479,232 --a------ C:\WINDOWS\system32\ezkrdscacssisy.dll
2008-10-07 20:28 . 2008-10-07 20:28 <DIR> d-------- C:\Documents and Settings\Taťka\Phone Browser
2008-10-07 20:28 . 2008-10-07 20:28 <DIR> d-------- C:\Documents and Settings\Taťka\Phone Browser
2008-10-07 17:11 . 2008-10-07 17:11 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\Malwarebytes
2008-10-07 17:10 . 2008-10-07 17:11 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-07 17:10 . 2008-10-07 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2008-10-07 17:10 . 2008-09-10 00:10 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-07 17:10 . 2008-09-10 00:09 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-07 17:07 . 2008-10-07 17:07 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\BSplayer
2008-10-06 21:17 . 2008-10-06 21:17 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\TuneUp Software
2008-10-06 20:09 . 2008-10-06 20:09 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2008-10-06 20:08 . 2008-10-06 20:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-10-06 20:08 . 2008-10-06 20:13 <DIR> d-------- C:\Program Files\CCleaner
2008-10-06 19:43 . 2008-10-06 19:43 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\ICQ
2008-10-05 19:58 . 2008-10-11 00:32 79,077 --a------ C:\WINDOWS\system32\gbqnmkyqxmlyoqw.exe
2008-10-05 19:57 . 2008-10-05 19:57 153,512 --a------ C:\WINDOWS\system32\g71.exe
2008-10-05 18:37 . 2008-10-05 18:37 <DIR> d-------- C:\Program Files\Lavasoft
2008-10-05 18:37 . 2008-10-05 18:38 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2008-10-05 18:32 . 2008-10-05 18:32 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-05 17:52 . 2008-10-05 17:52 <DIR> d-------- C:\Program Files\BitTorrent Fastest Tool
2008-10-05 17:51 . 2008-10-10 23:19 90,891 --a------ C:\WINDOWS\system32\ezkrdscacssisy.dll-uninst.exe
2008-10-05 17:50 . 2008-10-05 19:51 <DIR> d-------- C:\Program Files\Web Hottest Videos Personal Player
2008-10-05 17:50 . 2008-10-05 17:50 <DIR> d-------- C:\Program Files\Conduit
2008-10-05 17:50 . 2008-10-05 17:54 <DIR> d-------- C:\Program Files\Come2PlayK2P
2008-10-05 16:06 . 2008-10-05 16:06 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\SUPERAntiSpyware.com
2008-10-04 12:01 . 2007-03-01 19:54 21,056 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-10-04 11:54 . 2008-10-04 11:54 164 --a------ C:\install.dat
2008-10-03 16:05 . 2008-10-03 16:05 156,672 --a------ C:\WINDOWS\system32\piwzdctrtcbtjrxa.dll
2008-10-01 20:39 . 2008-10-01 20:39 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-10-01 20:38 . 2008-10-01 20:39 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-10-01 20:09 . 2008-10-01 20:09 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\AntiMalwareGuard
2008-10-01 18:27 . 2008-09-02 17:25 4,096 --a------ C:\WINDOWS\system32\bootrem.exe
2008-10-01 18:26 . 2008-10-01 18:26 <DIR> d-------- C:\My Downloads
2008-10-01 13:59 . 2008-10-01 13:59 <DIR> d-------- C:\Program Files\THQ
2008-09-30 17:24 . 2008-09-30 17:25 <DIR> d-------- C:\Documents and Settings\Eliška\Data aplikací\Zoner
2008-09-27 23:28 . 2008-09-27 23:28 <DIR> d-------- C:\Program Files\editix2008
2008-09-22 20:54 . 2008-09-22 20:54 <DIR> d-------- C:\WINDOWS\system32\cs
2008-09-22 20:54 . 2008-09-22 20:54 <DIR> d-------- C:\WINDOWS\system32\bits
2008-09-22 20:54 . 2008-09-22 20:54 <DIR> d-------- C:\WINDOWS\l2schemas
2008-09-22 20:52 . 2008-09-22 20:54 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-22 20:44 . 2008-09-22 20:44 <DIR> d-------- C:\WINDOWS\EHome
2008-09-22 20:36 . 2008-09-22 20:38 <DIR> d--h----- C:\Program Files\Zero G Registry
2008-09-22 20:36 . 2008-09-22 20:36 <DIR> d-------- C:\Program Files\Series_60_Theme_Studio
2008-09-22 14:52 . 2008-09-22 14:53 <DIR> d-------- C:\Program Files\SISSigner
2008-09-21 17:34 . 2004-01-14 03:10 163,840 --a------ C:\WINDOWS\BJPSUNST.EXE
2008-09-21 17:33 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-09-21 17:32 . 2008-09-21 17:32 <DIR> d-------- C:\WINDOWS\StartHtmico
2008-09-21 17:31 . 2008-09-21 17:31 <DIR> d--h----- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2008-09-21 17:31 . 2005-04-15 07:00 140,288 --a------ C:\WINDOWS\system32\CNMLM78.DLL
2008-09-21 17:31 . 2005-03-08 20:17 90,112 -ra------ C:\WINDOWS\system32\CNMCP78.exe
2008-09-21 17:31 . 2005-04-15 07:00 8,704 --a------ C:\WINDOWS\system32\CNMVS78.DLL
2008-09-21 17:30 . 2008-09-21 17:34 <DIR> d-------- C:\Program Files\Canon
2008-09-21 17:22 . 2008-04-13 20:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-09-18 19:39 . 2008-09-18 19:39 <DIR> d-------- C:\Documents and Settings\Eliška\Data aplikací\Samsung
2008-09-18 19:32 . 2008-09-18 19:32 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-09-18 19:32 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-09-18 19:32 . 2007-05-02 11:12 109,704 --a------ C:\WINDOWS\system32\drivers\ssm_mdm.sys
2008-09-18 19:32 . 2007-05-02 11:12 83,592 --a------ C:\WINDOWS\system32\drivers\ssm_bus.sys
2008-09-18 19:32 . 2007-05-02 11:12 15,112 --a------ C:\WINDOWS\system32\drivers\ssm_mdfl.sys
2008-09-18 19:32 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_whnt.sys
2008-09-18 19:32 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_wh.sys
2008-09-18 19:32 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_cmnt.sys
2008-09-18 19:32 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_cm.sys
2008-09-18 19:31 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-09-18 19:30 . 2008-09-18 19:30 <DIR> d-------- C:\Program Files\Samsung
2008-09-18 18:38 . 2008-09-18 18:38 <DIR> d-------- C:\WINDOWS\system32\Samsung
2008-09-18 18:38 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-09-18 18:37 . 2008-09-18 18:37 <DIR> d-------- C:\WINDOWS\system32\Samsung PC Studio Codecs
2008-09-18 18:37 . 2005-11-29 16:17 2,067,140 --a------ C:\WINDOWS\system32\avcodec.dll
2008-09-18 18:37 . 2005-12-16 18:30 679,936 --a------ C:\WINDOWS\system32\fun_mp4_enc.dll
2008-09-18 18:37 . 2005-12-16 15:50 634,880 --a------ C:\WINDOWS\system32\FunDecFilter.ax
2008-09-18 18:37 . 2005-12-15 16:48 528,384 --a------ C:\WINDOWS\system32\FunEncFilter.ax
2008-09-18 18:37 . 2005-12-15 16:53 69,632 --a------ C:\WINDOWS\system32\FunEQFilter.ax
2008-09-18 18:37 . 2005-12-15 16:50 61,440 --a------ C:\WINDOWS\system32\mp4_vcodec.dll
2008-09-18 18:37 . 2005-12-15 16:53 57,344 --a------ C:\WINDOWS\system32\FunVideoAdjustFilter.ax
2008-09-18 18:37 . 2005-12-15 16:52 53,248 --a------ C:\WINDOWS\system32\FunVideoResizeFilter.ax
2008-09-18 18:37 . 2005-12-15 16:54 53,248 --a------ C:\WINDOWS\system32\FunImgFilter.ax
2008-09-17 16:56 . 2008-09-17 16:56 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-09-17 16:55 . 2008-09-17 16:55 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-09-17 16:55 . 2008-09-17 16:56 <DIR> d-------- C:\Program Files\Macromedia
2008-09-17 16:55 . 2008-09-17 16:58 <DIR> d-------- C:\Program Files\Common Files\Macromedia
2008-09-17 15:18 . 2008-09-17 15:18 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2008-09-16 19:11 . 2004-08-17 15:43 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-09-13 20:51 . 2008-10-01 08:59 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-09-13 10:56 . 2008-10-10 19:56 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-13 10:56 . 2008-10-10 19:56 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-11 16:01 --------- d-----w C:\Program Files\Spyware Terminator
2008-10-10 17:45 --------- d-----w C:\Program Files\eMule
2008-10-10 15:56 --------- d-----w C:\Documents and Settings\Taťka\Data aplikací\Spyware Terminator
2008-10-09 17:33 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-10-05 16:37 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-02 18:38 90,112 ----a-w C:\WINDOWS\DUMP4ac4.tmp
2008-10-02 18:37 98,304 ----a-w C:\WINDOWS\DUMP3875.tmp
2008-10-01 13:51 87,552 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-10-01 09:37 --------- d-----w C:\Documents and Settings\Taťka\Data aplikací\OpenOffice.org2
2008-09-29 13:54 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\Spyware Terminator
2008-09-28 13:23 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-09-28 13:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-28 12:09 --------- d-----w C:\Program Files\SMS posílač Treca
2008-09-27 12:10 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\OpenOffice.org2
2008-09-27 09:20 --------- d-----w C:\Program Files\ICQ6
2008-09-22 19:00 2,684 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
2008-09-19 10:26 82,944 ----a-w C:\WINDOWS\system32\o4Patch.exe
2008-09-19 10:26 82,944 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
2008-09-17 17:21 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2008-09-17 14:56 --------- d-----w C:\Program Files\Opera
2008-09-08 21:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-08 15:44 --------- d-----w C:\Program Files\Nero
2008-09-08 15:44 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-07 16:10 --------- d-----w C:\Program Files\DAP
2008-09-07 16:10 --------- d-----w C:\Program Files\BitComet
2008-09-07 16:10 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2008-09-07 16:09 --------- d-----w C:\Program Files\BS.Player ControlBar
2008-09-06 17:44 --------- d-----w C:\Program Files\Webteh
2008-09-06 12:39 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-06 12:39 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-08-31 09:52 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-08-29 16:18 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll
2008-08-29 10:42 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
2008-08-29 09:58 --------- d-----w C:\Program Files\Free Download Manager
2008-08-29 09:57 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\FreeDownloadManager.ORG
2008-08-28 18:36 --------- d-----w C:\Program Files\Star Downloader
2008-08-28 14:37 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\ICQ
2008-08-26 21:20 --------- d-----w C:\Program Files\Wordmaster XP
2008-08-23 11:14 --------- d-----w C:\Program Files\Lonely Cat Games
2008-08-23 10:26 --------- d-----w C:\Program Files\Any Video Converter
2008-08-18 10:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-08-14 18:44 --------- d-----w C:\Program Files\YouTubeRobot
2008-08-11 09:46 --------- d-----w C:\Program Files\MSXML 4.0
2008-08-06 19:41 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-08-04 20:50 47,251 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-08-04 20:50 2,145 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-08-04 17:27 8,972 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1adcdfd4-d18f-d5de-64c7-60d2557b57a8}]
2008-10-03 16:05 156672 --a------ C:\WINDOWS\system32\piwzdctrtcbtjrxa.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1c4dcf93-aa29-beb4-7c96-0ac2686d02a6}]
2008-10-08 11:43 479232 --a------ C:\WINDOWS\system32\ezkrdscacssisy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b8a5b62c-517f-42a5-85ae-29b5497fb15f}]
2008-08-20 23:03 1780248 --a------ C:\Program Files\Come2PlayK2P\tbCome.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2C688203-7EB3-4327-9995-1CB417BA23F9}"= "C:\Program Files\BS.Player ControlBar\BSToolbar.dll" [2008-08-13 757192]
"{b8a5b62c-517f-42a5-85ae-29b5497fb15f}"= "C:\Program Files\Come2PlayK2P\tbCome.dll" [2008-08-20 1780248]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B8A5B62C-517F-42A5-85AE-29B5497FB15F}"= "C:\Program Files\Come2PlayK2P\tbCome.dll" [2008-08-20 1780248]

[HKEY_CLASSES_ROOT\clsid\{b8a5b62c-517f-42a5-85ae-29b5497fb15f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-04-22 5898240]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-04-22 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"mobiswing"="C:\PROGRA~1\WEBHOT~1\webp.exe" [2008-04-30 53248]
"vsldbhqvjmhlyyztw"="C:\WINDOWS\system32\piwzdctrtcbtjrxa.dll" [2008-10-03 156672]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-08-04 1817600]
"nwiz"="nwiz.exe" [2005-04-22 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

C:\Documents and Settings\Taśka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Personal Player.lnk - C:\Program Files\Web Hottest Videos Personal Player\Adware-SE profesional Web hottest videos personal player.exe [2008-10-05 442368]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\byXOiGAP

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" -startup
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"D:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Free Download Manager\\fdm.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"D:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"D:\\Program Files\\Valve\\hl.exe"=
"D:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"D:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8623:TCP"= 8623:TCP:BitComet 8623 TCP
"8623:UDP"= 8623:UDP:BitComet 8623 UDP

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-08-04 141312]
R2 ICQ Service;ICQ Service;C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 DstAud;DstAud;C:\WINDOWS\system32\DRIVERS\DstAud.sys [2001-12-05 8901]
R3 DstVid;DstVid;C:\WINDOWS\system32\DRIVERS\DstVid.sys [2001-12-05 11237]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-13 69120]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [ ]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Obsah adresáře 'Naplánované úlohy'

2008-10-03 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe [2006-10-22 14:17]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-{37-70-01-15-DW} - c:\windows\system32\rmwnw64n.exe


.
------- Doplňkový sken -------
.
FireFox -: Profile - C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\m8nar2vy.default\
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npstar.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-11 18:08:11
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet010\Services\TDSSserv]
"imagepath"="\systemroot\system32\drivers\TDSSserv.sys"
.
Celkový čas: 2008-10-11 18:12:16
ComboFix-quarantined-files.txt 2008-10-11 16:12:14

Před spuštěním: 5,328,846,848
Po spuštění: 5,304,004,608

282 --- E O F --- 2008-09-23 16:42:32

[Reklama]

[Funstorm007]

Jo a jeste neco,musim spoustet PC pres "posledni znamou funkcni konfiguraci",protoze normalne se mi pred spustenim Windows ukaze:
Systém Windows nelze spustit.Uvedený soubor je poškozen nebo nebyl nalezen:
<Windows root>/system32/hal.dll.
Nainstalujte znovu uvedený soubor.

Co s tím???

[jaro3]

No to je pěkně v pytli.. Zkusím se poradit....Tady jsem něco našel:
http://www.kellys-korner-xp.com/xp_haldll_missing.htm
http://internet.vprdeli.com/view.php?ci ... 2008020701
Požádám o pomoc, i když nevím v tom logu CF je toho tolik ještě špatného...

[Diallix]

Funstorm007, zaskocim za jaro3

Vsetko zavisi od Vas a od toho ako urobite moje rady. Budem to pisat co najzrozumitelnejsie.

Teraz potrebujem od Vas, aby ste mi napisal nazov vasej jednotky CD (mechaniky)

Hlavnu HD jednotku kde je nahraty system mate c:\ a teraz potrebujem nazov jednotky kde mate CD-ROOM. Moze to byt napriklad E:\ , F:\

Ked mi to napisete, pojdeme dalej.

[Funstorm007]

mechanika je E: ;pevny disk C: a D:(na C: jsou windows)

Je to vse???

[Diallix]

Ano. Teraz poprosim o 2 minutky strpenia!

[Diallix]

Vlozte do mechaniky CD od windowsu a nabootujte. Ak nemate zvolene bootovanie, tak chodte do biosu a bot sekciou boot alebo bood device, zvolte CD mechaniku na 1 miesto. Nasledne ESC >> SAVE SETTINGS AND EXIT

Nasledne nabootujte z cd s win. Hned na zaciatku instalacie Vas vyzve, aby ste klikli lubovolnu klavesu a zacne nacitavanie driverov. Po nacitavani ste v hlavom menu. Kliknite na tlacidlo R pre konzolu zotavenia.
Nasledne pocklajte.
Objavi sa vam napriklad 1: C:\WINDOWS . Vy zvolte 1 , nakolko volite systemovy disk a zmacknite ENTER

Ak bude po Vas chciet heslo admina, tak nastavte heslo ktore mate. Ak nemate ziadne heslo a predsa ho bude od Vas pytat, nedavajte nic a kliknite na ENTER .

Nasledne ste v prikazovom riadku do ktoreho napiste toto :

expand E:\i386\hal.dl_ c:\Windows\system32\hal.dll

>> Ak by nesiel prikaz expand, mozte pouzit aj prikaz copy

Tu mate aj presny popis : http://support.microsoft.com/kb/314477

Ked to urobite, tak zadajte EXIT

Nasledne napiste, ci Vam ide system spustit. Potom prejdeme na dalsi navod.

[Funstorm007]

A jak mam do konzole napsat dvojtecku,mezeru,lomeno???

[Diallix]

Znak _ = shift + klavesa kde je % ,=,- druha klavesa od backspeasu
Znak : = shift + ,, ô(alebo ceske u) druha klavesa od enteru
Znak \ = klavesa na ktorej je znka \, |

Skuste to na klavesy vyhladat. Urcite to zvladnete.

[Funstorm007]

Ani jedno nejde,zkousel jsem vsechno... jde jen -;.;_

[Diallix]

Musite to este poskusat s klavesou shift...
Popripade, ked date tu klavesu R, tak sa vas pyta, ci chcete zmenit jazyk a dole zacina odpocitavanie. Podla klavesy zmente jazyk na cesky alebo skovensky.

[Funstorm007]

dam R a napise to ze existuje slozka windows a dole je vybrat jinou,kliknu a mam tam tu konzoli.Nic vic