Vyskakujici tabulka?!

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 16:59

Ahoj vyskakuje na me po kazdem restartu a vyp/zap pc tahle tabulka:
Prikladam log z mbam a Hjt.Ten log z mbam tak tam mam tyhle 2 veci porad i kdyz je dam odstranit.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:52:51, on 8.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3708013187
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7395 bytes

Reklama

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 17:00

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2758
Windows 5.1.2600 Service Pack 3

8.9.2009 16:52:30
mbam-log-2009-09-08 (16-52-24).txt

Typ skenu: Rychlý sken
Objektu skenováno: 91394
Uplynulý cas: 5 minute(s), 44 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 1
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft winupdate (Backdoor.Bot) -> No action taken.

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
C:\WINDOWS\system32\msupdte.exe (Backdoor.Bot) -> No action taken.

Damned · Příspěvekod **Damned** » 08 zář 2009 18:35

Vypni si Body obnovení.

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

O4 - HKLM\..\Run: [Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
*****************************************************************************************************************************************
Spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Zapni si Body obnovení a udělej si Kontrolní bod systému.

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 22:31

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2758
Windows 5.1.2600 Service Pack 3

8.9.2009 22:14:40
mbam-log-2009-09-08 (22-14-40).txt

Typ skenu: Rychlý sken
Objektu skenováno: 91350
Uplynulý cas: 5 minute(s), 30 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
C:\WINDOWS\system32\msupdte.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 22:32

ComboFix 09-09-08.01 - MojePC 08.09.2009 22:20.3.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.670 [GMT 2:00]
Spuštěný z: c:\documents and settings\MojePC\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-08-08 do 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-08 14:13 . 2009-09-08 14:13 -------- d-----w- c:\program files\IrfanView
2009-09-07 01:00 . 2009-09-07 01:00 -------- d-----w- c:\program files\MSXML 4.0
2009-09-05 23:06 . 2009-09-05 23:06 88 --sh--r- c:\windows\system32\741D6E332D.sys
2009-09-05 23:06 . 2009-09-07 13:04 3088 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-09-05 23:03 . 2009-09-05 23:04 -------- d-----w- c:\program files\Common Files\Corel
2009-09-05 23:03 . 2009-09-05 23:03 -------- d-----w- c:\program files\Corel
2009-09-05 16:56 . 2009-09-06 17:38 -------- d-----w- C:\FreeRapid-0.83-beta4
2009-09-05 06:55 . 2009-09-05 07:09 -------- d-----w- C:\totalcmd
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\UC.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\RAR.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\PKZIP.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\LHA.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\ARJ.PIF
2009-09-03 21:49 . 2009-09-05 17:01 -------- d-----w- C:\USDownloader-Lite
2009-09-03 16:07 . 2009-09-03 16:09 -------- d-----w- c:\program files\ICQ6.5
2009-09-03 15:00 . 2009-09-03 15:14 -------- d-----w- c:\program files\Full Tilt Poker
2009-09-03 14:02 . 2009-09-03 14:32 -------- d-----w- C:\TRANSLAT
2009-08-29 13:06 . 2009-08-29 13:06 -------- d-----w- c:\documents and settings\MojePC\Saved Games
2009-08-26 14:23 . 2009-08-26 14:23 -------- d-----w- c:\program files\Robster Productions
2009-08-26 11:09 . 2009-08-29 12:49 -------- d-----w- C:\Games
2009-08-25 22:31 . 2009-08-26 14:26 -------- d-----w- c:\program files\PCPitstop
2009-08-21 19:58 . 2009-09-07 13:52 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-21 19:58 . 2009-09-07 14:03 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-21 19:58 . 2009-08-21 19:58 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-21 19:09 . 2009-08-21 19:09 -------- d-----w- C:\Splash
2009-08-21 17:16 . 2009-09-07 14:03 -------- d-----w- c:\program files\Call of Duty
2009-08-21 10:02 . 2009-08-21 10:02 -------- d-----w- c:\program files\SystemRequirementsLab
2009-08-21 10:02 . 2009-08-21 10:02 -------- d-----w- c:\windows\Sun
2009-08-20 09:48 . 2009-08-20 09:49 -------- d-----w- c:\program files\CCleaner
2009-08-18 14:44 . 2009-08-18 14:44 -------- d-----w- c:\program files\Trend Micro
2009-08-18 04:46 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-18 04:46 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-18 04:46 . 2009-08-18 04:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 21:44 . 2009-08-17 21:44 -------- d-----w- c:\documents and settings\MojePC\DoctorWeb
2009-08-17 05:31 . 2009-08-17 06:27 -------- d-----w- c:\program files\EA Sports
2009-08-16 13:15 . 2001-08-17 18:19 3712 -c--a-w- c:\windows\system32\dllcache\ctljystk.sys
2009-08-16 13:15 . 2001-08-17 18:19 3712 ----a-w- c:\windows\system32\drivers\ctljystk.sys
2009-08-16 13:15 . 2008-04-13 18:45 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2009-08-16 13:15 . 2008-04-13 18:45 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2009-08-13 19:53 . 2009-08-13 19:53 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-08-12 09:15 . 2009-08-12 09:15 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-08-12 09:14 . 2002-12-10 01:20 102439 ----a-w- c:\windows\system32\sipr3260.dll
2009-08-12 09:14 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-08-12 09:14 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-08-12 09:14 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-08-12 09:14 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-08-12 09:14 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-08-12 09:14 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-08-12 09:14 . 2009-08-12 09:14 -------- d-----w- c:\program files\VSO
2009-08-12 05:49 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-08-12 05:49 . 2009-08-12 05:49 -------- d-----w- c:\windows\Logs
2009-08-12 05:16 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-11 13:41 . 2009-08-11 13:41 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-11 13:15 . 2009-08-11 13:15 -------- d-----w- c:\program files\Common Files\xing shared
2009-08-11 13:15 . 2009-08-11 13:15 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-08-11 13:15 . 2009-08-11 13:15 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-11 13:15 . 2009-08-11 13:15 -------- d-----w- c:\program files\Real
2009-08-11 13:15 . 2009-08-11 13:15 -------- d-----w- c:\program files\Common Files\Real
2009-08-10 14:05 . 2009-08-10 14:05 48 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-08-10 14:03 . 2009-08-10 14:03 -------- d-----w- c:\program files\Common Files\Skype
2009-08-10 14:03 . 2009-08-10 14:44 -------- d-----r- c:\program files\Skype
2009-08-10 10:17 . 2009-09-06 23:02 -------- d-----w- c:\program files\Froggy Castle 2
2009-08-10 10:07 . 2009-09-06 23:01 -------- d-----w- c:\program files\Dracula Twins
2009-08-10 09:58 . 2009-08-10 09:59 -------- d-----w- c:\program files\Bud Redhead
2009-08-10 09:17 . 2009-08-18 14:39 -------- d-----w- c:\program files\GamesBar
2009-08-10 09:16 . 2009-08-10 09:16 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-08-10 09:16 . 2009-08-10 09:22 -------- d-----w- c:\program files\Oberon Media
2009-08-10 09:02 . 2009-08-10 09:02 -------- d-----w- c:\program files\Hidden Wonders of the Depths 2
2009-08-10 09:02 . 2009-08-10 09:02 -------- d-----w- c:\windows\Hidden Wonders of the Depths 2
2009-08-10 09:01 . 2009-08-10 09:01 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-08 20:19 . 2006-03-02 12:00 92006 ----a-w- c:\windows\system32\perfc005.dat
2009-09-08 20:19 . 2006-03-02 12:00 461402 ----a-w- c:\windows\system32\perfh005.dat
2009-09-08 15:37 . 2009-08-06 18:37 -------- d-----w- c:\program files\PokerStars
2009-09-05 17:12 . 2009-07-29 20:06 -------- d-----w- c:\program files\GIMP-2.0
2009-09-03 16:08 . 2009-02-04 00:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-01 16:58 . 2009-07-29 04:41 -------- d-----w- c:\program files\JDownloader 0.6.193
2009-08-21 17:11 . 2009-02-04 00:21 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-19 16:43 . 2009-07-28 17:58 -------- d-----w- c:\program files\IObit
2009-08-06 05:03 . 2009-08-05 18:06 -------- d-----w- c:\program files\Avanquest update
2009-08-05 18:04 . 2009-08-05 18:04 -------- d-----w- c:\program files\Sony Ericsson
2009-08-05 09:01 . 2006-03-02 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 21:43 . 2009-08-04 21:43 -------- d-----w- c:\program files\VGA USB Camera
2009-08-04 20:18 . 2009-08-04 20:17 -------- d-----w- c:\program files\Windows Live
2009-08-04 20:17 . 2009-08-04 20:17 -------- d-----w- c:\program files\Microsoft
2009-08-04 20:17 . 2009-08-04 20:17 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-04 20:13 . 2009-08-04 20:13 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-04 14:08 . 2009-08-04 13:53 -------- d-----w- c:\program files\Windows Desktop Search
2009-08-04 13:51 . 2009-08-04 13:51 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-03 09:35 . 2009-08-03 09:34 -------- d-----w- c:\program files\4 Elements
2009-08-03 09:12 . 2009-07-30 05:57 -------- d-----w- c:\program files\Ricochet Infinity
2009-08-02 08:55 . 2009-08-01 07:31 -------- d-----w- c:\program files\Counter-Strike Source
2009-07-30 14:04 . 2009-07-30 14:04 -------- d-----w- c:\program files\Microsoft Works
2009-07-30 14:03 . 2009-07-29 19:50 -------- d-----w- c:\program files\MSBuild
2009-07-30 14:01 . 2009-07-30 14:01 -------- d-----w- c:\program files\Microsoft.NET
2009-07-30 13:59 . 2009-07-30 13:58 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-07-30 05:57 . 2009-07-30 05:57 -------- d-----w- c:\program files\ReflexiveArcade
2009-07-29 20:02 . 2009-07-29 20:02 -------- d-----w- c:\program files\Common Files\GTK
2009-07-29 20:01 . 2009-07-29 20:01 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-07-29 19:50 . 2009-07-29 19:50 -------- d-----w- c:\program files\Reference Assemblies
2009-07-29 18:08 . 2009-07-29 18:08 -------- d-----w- c:\program files\Lavalys
2009-07-29 10:12 . 2009-07-29 10:12 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-07-29 10:12 . 2009-07-29 10:12 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-07-29 10:08 . 2009-07-29 10:08 -------- d-----w- c:\program files\PlayLogic
2009-07-29 04:46 . 2009-07-29 04:46 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-29 04:46 . 2009-07-29 04:46 -------- d-----w- c:\program files\Java
2009-07-27 20:04 . 2009-07-27 20:04 -------- d-----w- c:\program files\ESET
2009-07-27 14:37 . 2009-07-27 14:37 0 ----a-w- c:\windows\nsreg.dat
2009-07-17 19:04 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2006-03-02 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:59 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 08:27 . 2006-03-02 12:00 729088 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:27 . 2006-03-02 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:27 . 2006-03-02 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:27 . 2006-03-02 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:27 . 2006-03-02 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:27 . 2006-03-02 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2006-03-02 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 10:45 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:45 . 2006-03-02 12:00 81408 ----a-w- c:\windows\system32\tlntsess.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Call of Duty\\CoDMP.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\IObit\\Advanced SystemCare 3\\AWC.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Counter-Strike Source\\srcds.exe"=
"c:\\Program Files\\PokerStars\\PokerStarsUpdate.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [1.7.2008 9:04 34312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [21.12.2007 8:21 468224]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-09-08 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-09-05 09:32]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\MojePC\Data aplikací\Mozilla\Firefox\Profiles\d5mpk7tl.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 22:26
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1480)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-09-08 22:29
ComboFix-quarantined-files.txt 2009-09-08 20:29

Před spuštěním: Volných bajtů: 12 570 443 776
Po spuštění: Volných bajtů: 12 560 678 912

234 --- E O F --- 2009-09-07 01:00

Damned · Příspěvekod **Damned** » 08 zář 2009 22:40

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\system32\741D6E332D.sys
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\ezsidmv.dat

Driver::
741D6E332D
KGyGaAvL

Rootkit::
c:\windows\system32\741D6E332D.sys
c:\windows\system32\KGyGaAvL.sys

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 23:02

ComboFix 09-09-08.01 - MojePC 08.09.2009 22:49.4.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.643 [GMT 2:00]
Spuštěný z: c:\documents and settings\MojePC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\MojePC\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FILE ::
"c:\windows\system32\741D6E332D.sys"
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\KGyGaAvL.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\741D6E332D.sys
c:\windows\system32\ezsidmv.dat
c:\windows\system32\KGyGaAvL.sys

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-08 do 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-08 14:13 . 2009-09-08 14:13 -------- d-----w- c:\program files\IrfanView
2009-09-07 01:00 . 2009-09-07 01:00 -------- d-----w- c:\program files\MSXML 4.0
2009-09-05 23:03 . 2009-09-05 23:04 -------- d-----w- c:\program files\Common Files\Corel
2009-09-05 23:03 . 2009-09-05 23:03 -------- d-----w- c:\program files\Corel
2009-09-05 16:56 . 2009-09-06 17:38 -------- d-----w- C:\FreeRapid-0.83-beta4
2009-09-05 06:55 . 2009-09-05 07:09 -------- d-----w- C:\totalcmd
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\UC.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\RAR.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\PKZIP.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\LHA.PIF
2009-09-05 06:55 . 2009-08-27 05:50 545 ----a-w- c:\windows\ARJ.PIF
2009-09-03 21:49 . 2009-09-05 17:01 -------- d-----w- C:\USDownloader-Lite
2009-09-03 16:07 . 2009-09-03 16:09 -------- d-----w- c:\program files\ICQ6.5
2009-09-03 15:00 . 2009-09-03 15:14 -------- d-----w- c:\program files\Full Tilt Poker
2009-09-03 14:02 . 2009-09-03 14:32 -------- d-----w- C:\TRANSLAT
2009-08-29 13:06 . 2009-08-29 13:06 -------- d-----w- c:\documents and settings\MojePC\Saved Games
2009-08-26 14:23 . 2009-08-26 14:23 -------- d-----w- c:\program files\Robster Productions
2009-08-26 11:09 . 2009-08-29 12:49 -------- d-----w- C:\Games
2009-08-25 22:31 . 2009-08-26 14:26 -------- d-----w- c:\program files\PCPitstop
2009-08-21 19:58 . 2009-09-07 13:52 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-21 19:58 . 2009-09-07 14:03 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-21 19:58 . 2009-08-21 19:58 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-21 19:09 . 2009-08-21 19:09 -------- d-----w- C:\Splash
2009-08-21 17:16 . 2009-09-07 14:03 -------- d-----w- c:\program files\Call of Duty
2009-08-21 10:02 . 2009-08-21 10:02 -------- d-----w- c:\program files\SystemRequirementsLab
2009-08-21 10:02 . 2009-08-21 10:02 -------- d-----w- c:\windows\Sun
2009-08-20 09:48 . 2009-08-20 09:49 -------- d-----w- c:\program files\CCleaner
2009-08-18 14:44 . 2009-08-18 14:44 -------- d-----w- c:\program files\Trend Micro
2009-08-18 04:46 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-18 04:46 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-18 04:46 . 2009-08-18 04:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 21:44 . 2009-08-17 21:44 -------- d-----w- c:\documents and settings\MojePC\DoctorWeb
2009-08-17 05:31 . 2009-08-17 06:27 -------- d-----w- c:\program files\EA Sports
2009-08-16 13:15 . 2001-08-17 18:19 3712 -c--a-w- c:\windows\system32\dllcache\ctljystk.sys
2009-08-16 13:15 . 2001-08-17 18:19 3712 ----a-w- c:\windows\system32\drivers\ctljystk.sys
2009-08-16 13:15 . 2008-04-13 18:45 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2009-08-16 13:15 . 2008-04-13 18:45 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2009-08-13 19:53 . 2009-08-13 19:53 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-08-12 09:15 . 2009-08-12 09:15 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-08-12 09:14 . 2002-12-10 01:20 102439 ----a-w- c:\windows\system32\sipr3260.dll
2009-08-12 09:14 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-08-12 09:14 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-08-12 09:14 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-08-12 09:14 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-08-12 09:14 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-08-12 09:14 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-08-12 09:14 . 2009-08-12 09:14 -------- d-----w- c:\program files\VSO
2009-08-12 05:49 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-08-12 05:49 . 2009-08-12 05:49 -------- d-----w- c:\windows\Logs
2009-08-12 05:16 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-11 13:41 . 2009-08-11 13:41 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-11 13:15 . 2009-08-11 13:15 -------- d-----w- c:\program files\Common Files\xing shared
2009-08-11 13:15 . 2009-08-11 13:15 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-08-11 13:15 . 2009-08-11 13:15 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-11 13:15 . 2009-08-11 13:15 -------- d-----w- c:\program files\Real
2009-08-11 13:15 . 2009-08-11 13:15 -------- d-----w- c:\program files\Common Files\Real
2009-08-10 14:03 . 2009-08-10 14:03 -------- d-----w- c:\program files\Common Files\Skype
2009-08-10 14:03 . 2009-08-10 14:44 -------- d-----r- c:\program files\Skype
2009-08-10 10:17 . 2009-09-06 23:02 -------- d-----w- c:\program files\Froggy Castle 2
2009-08-10 10:07 . 2009-09-06 23:01 -------- d-----w- c:\program files\Dracula Twins
2009-08-10 09:58 . 2009-08-10 09:59 -------- d-----w- c:\program files\Bud Redhead
2009-08-10 09:17 . 2009-08-18 14:39 -------- d-----w- c:\program files\GamesBar
2009-08-10 09:16 . 2009-08-10 09:16 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-08-10 09:16 . 2009-08-10 09:22 -------- d-----w- c:\program files\Oberon Media
2009-08-10 09:02 . 2009-08-10 09:02 -------- d-----w- c:\program files\Hidden Wonders of the Depths 2
2009-08-10 09:02 . 2009-08-10 09:02 -------- d-----w- c:\windows\Hidden Wonders of the Depths 2
2009-08-10 09:01 . 2009-08-10 09:01 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-08 20:19 . 2006-03-02 12:00 92006 ----a-w- c:\windows\system32\perfc005.dat
2009-09-08 20:19 . 2006-03-02 12:00 461402 ----a-w- c:\windows\system32\perfh005.dat
2009-09-08 15:37 . 2009-08-06 18:37 -------- d-----w- c:\program files\PokerStars
2009-09-05 17:12 . 2009-07-29 20:06 -------- d-----w- c:\program files\GIMP-2.0
2009-09-03 16:08 . 2009-02-04 00:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-01 16:58 . 2009-07-29 04:41 -------- d-----w- c:\program files\JDownloader 0.6.193
2009-08-21 17:11 . 2009-02-04 00:21 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-19 16:43 . 2009-07-28 17:58 -------- d-----w- c:\program files\IObit
2009-08-06 05:03 . 2009-08-05 18:06 -------- d-----w- c:\program files\Avanquest update
2009-08-05 18:04 . 2009-08-05 18:04 -------- d-----w- c:\program files\Sony Ericsson
2009-08-05 09:01 . 2006-03-02 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 21:43 . 2009-08-04 21:43 -------- d-----w- c:\program files\VGA USB Camera
2009-08-04 20:18 . 2009-08-04 20:17 -------- d-----w- c:\program files\Windows Live
2009-08-04 20:17 . 2009-08-04 20:17 -------- d-----w- c:\program files\Microsoft
2009-08-04 20:17 . 2009-08-04 20:17 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-04 20:13 . 2009-08-04 20:13 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-04 14:08 . 2009-08-04 13:53 -------- d-----w- c:\program files\Windows Desktop Search
2009-08-04 13:51 . 2009-08-04 13:51 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-03 09:35 . 2009-08-03 09:34 -------- d-----w- c:\program files\4 Elements
2009-08-03 09:12 . 2009-07-30 05:57 -------- d-----w- c:\program files\Ricochet Infinity
2009-08-02 08:55 . 2009-08-01 07:31 -------- d-----w- c:\program files\Counter-Strike Source
2009-07-30 14:04 . 2009-07-30 14:04 -------- d-----w- c:\program files\Microsoft Works
2009-07-30 14:03 . 2009-07-29 19:50 -------- d-----w- c:\program files\MSBuild
2009-07-30 14:01 . 2009-07-30 14:01 -------- d-----w- c:\program files\Microsoft.NET
2009-07-30 13:59 . 2009-07-30 13:58 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-07-30 05:57 . 2009-07-30 05:57 -------- d-----w- c:\program files\ReflexiveArcade
2009-07-29 20:02 . 2009-07-29 20:02 -------- d-----w- c:\program files\Common Files\GTK
2009-07-29 20:01 . 2009-07-29 20:01 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-07-29 19:50 . 2009-07-29 19:50 -------- d-----w- c:\program files\Reference Assemblies
2009-07-29 18:08 . 2009-07-29 18:08 -------- d-----w- c:\program files\Lavalys
2009-07-29 10:12 . 2009-07-29 10:12 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-07-29 10:12 . 2009-07-29 10:12 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-07-29 10:08 . 2009-07-29 10:08 -------- d-----w- c:\program files\PlayLogic
2009-07-29 04:46 . 2009-07-29 04:46 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-29 04:46 . 2009-07-29 04:46 -------- d-----w- c:\program files\Java
2009-07-27 20:04 . 2009-07-27 20:04 -------- d-----w- c:\program files\ESET
2009-07-27 14:37 . 2009-07-27 14:37 0 ----a-w- c:\windows\nsreg.dat
2009-07-17 19:04 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2006-03-02 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:59 . 2006-03-02 12:00 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 08:27 . 2006-03-02 12:00 729088 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:27 . 2006-03-02 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:27 . 2006-03-02 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:27 . 2006-03-02 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:27 . 2006-03-02 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:27 . 2006-03-02 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2006-03-02 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 10:45 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:45 . 2006-03-02 12:00 81408 ----a-w- c:\windows\system32\tlntsess.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-09-08_20.26.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-08 20:54 . 2009-09-08 20:54 16384 c:\windows\temp\Perflib_Perfdata_1e0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Call of Duty\\CoDMP.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\IObit\\Advanced SystemCare 3\\AWC.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Counter-Strike Source\\srcds.exe"=
"c:\\Program Files\\PokerStars\\PokerStarsUpdate.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [1.7.2008 9:04 34312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [21.12.2007 8:21 468224]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-09-08 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-09-05 09:32]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\MojePC\Data aplikací\Mozilla\Firefox\Profiles\d5mpk7tl.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 22:54
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1560)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\PSIService.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2009-09-08 23:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-09-08 21:01
ComboFix2.txt 2009-09-08 20:29

Před spuštěním: Volných bajtů: 12 568 322 048
Po spuštění: Volných bajtů: 12 535 492 608

260 --- E O F --- 2009-09-07 01:00

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 23:05

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:57, on 8.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3708013187
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6921 bytes

Jeste sem ti zapomnel rict ze kdyz sem chtel pretahnout okno tak se mi zprusvitnilo (jestli vis jak to myslim)Pritom sem to nastavoval asi Xkrat a porad se to vracelo.Jinak Pc asi ok nic na me nevyskocilo.

Damned · Příspěvekod **Damned** » 08 zář 2009 23:13

Odinstaluj ComboFix.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.

ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache,
cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer,
Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Kdyby něco, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se. :bigups:

Yelkinson · Příspěvekod **Yelkinson** » 08 zář 2009 23:22

tak dik moc doufam ze tu nebudu zase tak casto!

Vyskakujici tabulka?! Vyřešeno

Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?!

Re: Vyskakujici tabulka?! Vyřešeno

Kdo je online