Prosím o kontrolu logu Vyřešeno

[kudr8]

A internet mi teď jede parádně rychle

[Reklama]

[kudr8]

Jo a ten AVptool.. mám tam zaškrtnout všechny políčka?

[bledulka]

Fajn, pak mi sem napiš, co AVPtool smazl, dej třeba screen.
Pak ještě něco domažeme v combofixu.

[kudr8]

AVPtool smazal C:\Qoobox.rar, C:\Qoobox a C:\Documents and Setting\Radim\Local Setting\Data aplikací\av.exe

[bledulka]

Co máš za antivir, Avast nebo Eset?



Prosím tě, tohle znáš?
c:\\dvt.exe


Combofix přesuň na plochu
-otevři si Poznámkový blok
-Do něj zkopíruj text z tohoto okénka

Kód: Vybrat vše

Collect::
c:\windows\Tasks\Norton Security Scan for Radim.job

c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

Folder::
c:\program files\Stylish Profile
c:\program files\Ask.com
c:\program files\Norton Security Scan\

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"=-
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"-
[-HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[-HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"=-
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

DDS::
uStart Page = hxxp://search13.net/
uDefault_Search_URL = hxxp://search13.net/
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/

Firefox::
FF - ProfilePath - c:\documents and settings\Radim\Data aplikací\Mozilla\Firefox\Profiles\ih157vk4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=


-vytvořený TXT soubor ulož jako CFScript.txt na plochu a levým myšítkem přesuň nad ikonu Combofixu, kde ho upustíš

-Po proběhnutí skenu a ukončení combofixu by se měl objevit log, vlož ho zde.

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

[kudr8]

Prosím tě, tohle znáš?
c:\\dvt.exe
.
.
.
Neznám.

[kudr8]

Jo a používám avast.

[bledulka]

Tak tohle prosím Tě ještě otestuj na www.virustotal.com
c:\\dvt.exe

[kudr8]

Tady je ten log z combofixu:


ComboFix 10-07-20.01 - Radim 21.07.2010 20:58:41.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.194 [GMT 2:00]
Spuštěný z: c:\documents and settings\Radim\Plocha\cokoliv.com
Použité ovládací přepínače :: c:\docume~1\Radim\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.51 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

file zipped: c:\windows\Tasks\Norton Security Scan for Radim.job
file zipped: c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_55.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\Norton Security Scan\
c:\program files\Norton Security Scan\\BilBDRes.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\{2A85E335-7417-424d-AD89-31DED1689794}.dat
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\{407D1C08-B366-4aca-92FB-E04E97F6681D}.dat
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\BilBDRes.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ccL80U.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ccScanw.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ccVrTrst.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\dec_abi.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\DefLoad.exe
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\DefUtDCD.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\diLueCbk.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ecmldr32.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\HeartBt.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\help.htm
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\InstWrap.exe
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\Microsoft.VC80.CRT.manifest
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\msl.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\msvcp80.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\msvcr80.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\Nss.exe
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\patch25d.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\PrdDtRes.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ReputationCacheDB.db
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\RevList.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\RptCdRes.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\SAUpdt.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ScanCore.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ScanRes.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\ScanText.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\SKUCfg.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\SKURes.dll
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\symbos.exe
c:\program files\Norton Security Scan\\Norton Security Scan\Engine\2.7.0.52\SymHTML.dll
c:\program files\Norton Security Scan\\Norton Security Scan\isolate.ini
c:\program files\Norton Security Scan\\symbos.exe
c:\program files\Stylish Profile
c:\program files\Stylish Profile\ct.htm
c:\program files\Stylish Profile\enlbrdr.dll
c:\program files\Stylish Profile\hoticon.ico
c:\program files\Stylish Profile\tomapi.js
c:\program files\Stylish Profile\tommain.js
c:\program files\Stylish Profile\uninstall.exe
c:\program files\Stylish Profile\updaterWin32.dll
c:\windows\Tasks\Norton Security Scan for Radim.job
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-21 do 2010-07-21 )))))))))))))))))))))))))))))))
.

2010-07-21 10:00 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\42574892.sys
2010-07-21 10:00 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\4257489.sys
2010-07-21 10:00 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\42574891.sys
2010-07-21 08:05 . 2010-07-21 08:05 -------- d-----w- c:\windows\system32\wbem\Repository
2010-07-21 08:05 . 2010-07-21 08:05 -------- d-----w- C:\_OTL
2010-07-21 08:03 . 2010-07-21 11:33 -------- d-----w- c:\program files\Eset
2010-07-21 07:27 . 2010-07-21 08:03 -------- d-----w- C:\ComboFix(2)
2010-07-20 13:58 . 2004-08-17 13:49 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-07-20 13:53 . 2010-07-20 13:53 -------- d-----w- c:\program files\MSXML 4.0
2010-07-20 13:44 . 2010-07-20 13:44 -------- d-----w- c:\program files\Trend Micro
2010-07-20 13:35 . 2010-07-20 13:35 -------- d-----w- c:\program files\Common Files\Java
2010-07-20 13:32 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-19 21:56 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-19 21:56 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-19 21:56 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-19 21:56 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-19 21:56 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-19 21:56 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-19 21:54 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-19 21:54 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-19 21:50 . 2010-07-19 21:53 -------- d-----w- c:\program files\Alwil Software
2010-07-19 19:39 . 2010-07-19 19:39 -------- d-----w- c:\program files\Glary Utilities
2010-07-19 07:34 . 2010-07-19 10:02 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-07-19 05:54 . 2008-04-21 21:28 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-07-14 10:51 . 2010-07-14 10:51 -------- d-----w- c:\program files\EA GAMES
2010-06-29 17:00 . 2010-07-21 11:26 -------- d-----w- c:\program files\Steam
2010-06-25 17:51 . 2010-06-30 10:52 -------- d-----w- c:\program files\Metin2

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-21 17:38 . 2009-12-15 14:25 -------- d-----w- c:\program files\Valve
2010-07-21 11:32 . 2001-10-25 14:00 47206 ----a-w- c:\windows\system32\perfc005.dat
2010-07-21 11:32 . 2001-10-25 14:00 312970 ----a-w- c:\windows\system32\perfh005.dat
2010-07-21 10:24 . 2005-08-15 17:04 24 ----a-w- c:\windows\system32\DVCStateBkp-{00000000-00000000-0000000A-00001102-00000004-00511102}.dat
2010-07-21 10:24 . 2005-08-15 17:04 24 ----a-w- c:\windows\system32\DVCState-{00000000-00000000-0000000A-00001102-00000004-00511102}.dat
2010-07-21 08:25 . 2009-07-15 19:48 -------- d-----w- c:\program files\ICQ6.5
2010-07-20 14:38 . 2005-12-23 17:49 -------- d-----w- c:\program files\TweakNow RegCleaner Std
2010-07-20 13:32 . 2010-05-26 19:13 -------- d-----w- c:\program files\Java
2010-07-19 21:58 . 2008-11-13 13:56 -------- d-----w- c:\program files\Google
2010-07-16 19:07 . 2008-11-16 13:42 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-06-28 20:33 . 2005-10-27 15:35 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-19 12:56 . 2010-06-19 12:56 -------- d-----w- c:\program files\Stellarium
2010-06-18 11:20 . 2010-06-18 11:19 -------- d-----w- c:\program files\VirtualDJ
2010-06-05 12:43 . 2010-06-05 12:42 -------- d-----w- c:\program files\MOV to AVI MPEG WMV Converter
2010-06-04 11:22 . 2005-08-15 16:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-04 09:25 . 2002-03-25 20:02 11973 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-05-04 17:18 . 2002-09-20 18:05 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:18 . 2005-08-15 11:44 78336 ------w- c:\windows\system32\ieencode.dll
2010-05-04 17:18 . 2001-10-25 14:00 17408 ------w- c:\windows\system32\corpol.dll
2009-12-15 14:22 . 2009-12-15 14:14 302548481 ----a-w- c:\program files\Counter-Strike1.6(1).exe
2009-12-09 18:49 . 2009-12-09 16:23 733777632 ----a-w- c:\program files\Counter-Strike Source(1).exe
2009-12-09 14:59 . 2009-12-09 14:58 733777632 ---ha-w- c:\program files\Counter-Strike Source.exe
2009-12-09 14:34 . 2009-12-09 14:33 57008 ----a-w- c:\program files\cfgs.rar
2009-11-27 12:41 . 2009-11-27 12:41 997113166 ---ha-w- c:\program files\cs_source.rar
2008-10-16 15:58 . 2008-12-24 19:43 2848436 ----a-w- c:\program files\Landa-Touha.mp3
2008-10-01 10:05 . 2008-12-24 19:43 4001792 ----a-w- c:\program files\Enrique Iglesias - Hero.mp3
2008-08-10 23:08 . 2008-08-10 23:08 978396 ----a-w- c:\program files\BDAXP.cab
2008-08-03 15:36 . 2008-08-03 15:36 137003 ----a-w- c:\program files\bhop2.png
2008-06-13 14:46 . 2008-12-24 19:43 5904863 ----a-w- c:\program files\Chinaski - Vakuum.mp3
2008-05-21 11:28 . 2008-12-24 19:43 3343717 ----a-w- c:\program files\Enrique Iglesias - Escape.mp3
2008-05-21 11:00 . 2008-12-24 19:43 5825885 ----a-w- c:\program files\Falling Slowly.mp3
2008-05-20 07:36 . 2008-12-24 19:43 3190317 ----a-w- c:\program files\Glen Hansard-All the way down.mp3
2008-05-20 07:32 . 2008-12-24 19:43 6467440 ----a-w- c:\program files\Fergie - Big Girls Dont Cry.mp3
2008-04-28 18:24 . 2008-12-24 19:43 5552128 ----a-w- c:\program files\Enrique Iglesias - Ring my bells.mp3
2008-04-28 18:20 . 2008-12-24 19:43 3965306 ----a-w- c:\program files\Enrique Iglesias - 03 - Love to see you cry - 21century.mp3
2008-04-28 18:05 . 2008-12-24 19:43 5574053 ----a-w- c:\program files\Fergie - Wont Let You Fall.mp3
2008-04-28 18:00 . 2008-12-24 19:43 6561752 ----a-w- c:\program files\Fergie.mp3
2005-12-20 19:41 . 2005-12-20 19:41 8192 --sha-w- c:\windows\o2cLicStore.bin
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-13 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-09-17 1933381]
"Steam"="c:\program files\steam\steam.exe" [2010-07-02 1238352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"D_V_T"="c:\\dvt.exe" [2006-02-10 3584]
"Ulead AutoDetector"="c:\program files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe" [2003-02-27 45056]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"CARPService"="carpserv.exe" [2002-11-19 4608]
"RTBatteryMeter"="c:\program files\VibrateGameDeviceDriver\RFPIcon.exe" [2003-01-16 49152]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HostingClientShortcut.lnk - c:\hosting\client\HostingClient.exe [2010-5-26 81920]
hp instant support.lnk - c:\program files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe [2005-8-15 208896]
hp psc 2000 Series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2002-5-29 323646]
officejet 6100.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2002-5-29 147456]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Shell"="c:\program files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
"TaskTray"="c:\program files\Creative\SBAudigy\TaskBar\CTLTray.exe"
"TaskBar"="c:\program files\Creative\SBAudigy\TaskBar\CTLTask.exe"
"Eyeball Chat"="c:\progra~1\Eyeball\EYEBAL~1\EyeballChat.exe" -min

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"Jet Detection"=c:\program files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
"CARPService"=carpserv.exe
"WINDVDPatch"=CTHELPER.EXE
"CTStartup"=c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run
"Share-to-Web Namespace Daemon"=c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Hry\\Need for Speed Underground 2\\speed2.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\hosting\\client\\HostingClient.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23048:TCP"= 23048:TCP:BitComet 23048 TCP
"23048:UDP"= 23048:UDP:BitComet 23048 UDP

R0 42574892;42574892 Boot Guard Driver;c:\windows\system32\drivers\42574892.sys [21.7.2010 12:00 37392]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 42574891;42574891;c:\windows\system32\drivers\42574891.sys [21.7.2010 12:00 128016]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.7.2010 23:56 165456]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [31.3.2006 22:15 24786]
R1 setup_9.0.0.722_21.07.2010_13-25drv;setup_9.0.0.722_21.07.2010_13-25drv;c:\windows\system32\drivers\4257489.sys [21.7.2010 12:00 315408]
R2 Apache2.2;Apache2.2;c:\hosting\apache\bin\httpd.exe [28.9.2009 23:41 24645]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.7.2010 23:56 17744]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7.11.2008 18:22 222968]
R3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\DynCal.sys [26.9.2005 16:47 8576]
R3 tomcat6;tomcat6;c:\hosting\tomcat\bin\tomcat6.exe [20.7.2007 7:20 57344]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4.2.2009 15:34 717296]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31.12.2009 19:07 135664]
S3 CCCP106;CIF USB Camera (2110A);c:\windows\system32\drivers\cccp106.sys [15.8.2005 17:58 227200]
S3 Devx;Devx;c:\windows\system32\drivers\Devx.sys [29.11.2008 19:03 4448]
S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [31.3.2006 22:15 45534]
S3 VtPr;VtPr;c:\windows\system32\drivers\VtPr.sys [29.11.2008 19:03 3328]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ;c:\windows\system32\drivers\mrv8ka51.sys [24.3.2007 14:26 258560]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-21 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-07-19 09:14]

2010-07-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-13 19:34]

2010-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 17:06]

2010-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 17:06]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://search13.net/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Přelož do češtiny - c:\program files\Seznam Bezpecny Internet\SBI.dll/5034
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Hledej v &Seznamu - c:\program files\Seznam Bezpecny Internet\SBI.dll/5033
IE: Hledej v Seznam &Fulltextu - c:\program files\Seznam Bezpecny Internet\SBI.dll/5035
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
LSP: imon.dll
TCP: {05696265-2E64-4DC0-8F18-BF9B1D6C91D1} = 10.0.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Radim\Data aplikací\Mozilla\Firefox\Profiles\ih157vk4.default\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-NSS - c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\InstWrap.exe
AddRemove-Stylish Profile - c:\program files\Stylish Profile\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-21 21:21
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(924)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(980)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2010-07-21 21:34:42
ComboFix-quarantined-files.txt 2010-07-21 19:34
ComboFix2.txt 2010-07-21 11:52

Před spuštěním: 6 543 155 200
Po spuštění: 6 574 895 104

- - End Of File - - E2205A4C4CFA293FBC808673B52C6241
Nahr nˇ probŘhlo ŁspŘçnŘ

[kudr8]

www.virustotal.com mi zase nešel spustit tak jsem to udělal přes http://virusscan.jotti.org/cs/..
c:\\dvt.exe - žádný nález

[bledulka]

Odinstaluj combofix přes
Start >> Spustit zkopíruj do okénka:
ComboFix /Uninstall

stiskni Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


Stáhni T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusť,pro potvrzení volby mačkej klávesu A, Enter
-po použití prográmek vymaž.Pozor,antiviry ho mohou falešně označit za vir


*****************
Stahni Rsit http://images.malwareremoval.com/random/RSIT.exe
-spusť, klikni na tlačítko Continue
-po skenu na tebe vyběhne log.txt,obsah vlož zde


*********************

Stahni Mbam http://download.cnet.com/3001-8022_4-10 ... l-10804572
-nainstaluj, aktualizuj
-udělej uplný sken a vlož sem log


A napiš, jak to vypadá s počítačem

[kudr8]

S počítačem to vypadá moc dobře.. jede uplně úžasně, a jestli to bude ještě lepší tak mám Vánove