Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Příspěvekod **Žbeky** » 02 čer 2011 06:43

Mělo by stačit restartovat počítač

Reklama

HAFcool · Příspěvekod **HAFcool** » 02 čer 2011 11:24

Máš pravdu. Jak budu mít přístup, tak ti sem ten log hodím.

HAFcool · Příspěvekod **HAFcool** » 02 čer 2011 18:46

ComboFix 11-05-31.02 - Pracovna 02/06/2011 18:24:40.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1029.18.4095.2951 [GMT 2:00]
Running from: c:\users\Pracovna\Desktop\ANTIVIRUS\ComboFix.exe
Command switches used :: c:\users\Pracovna\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\DRIVERS\AVGIDSDriver.Sys"
"c:\windows\system32\DRIVERS\AVGIDSEH.Sys"
"c:\windows\system32\DRIVERS\AVGIDSFilter.Sys"
"c:\windows\system32\DRIVERS\avgldx64.sys"
"c:\windows\system32\DRIVERS\avgmfx64.sys"
"c:\windows\system32\DRIVERS\avgrkx64.sys"
"c:\windows\system32\drivers\avgtdia.sys"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-394250893-1804949367-1451634499-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-394250893-1804949367-1451634499-1000UA.job"
.
.
((((((((((((((((((((((((( Files Created from 2011-05-02 to 2011-06-02 )))))))))))))))))))))))))))))))
.
.
2011-06-02 16:31 . 2011-06-02 16:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-01 19:46 . 2009-03-26 23:23 19432 ----a-w- c:\windows\system32\drivers\cpuz132_x64.sys
2011-06-01 19:13 . 2011-05-24 17:12 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F43D62EC-3525-428F-BB2D-CEB9EB99BFF0}\mpengine.dll
2011-06-01 18:35 . 2011-05-10 11:59 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-01 18:35 . 2011-05-10 12:04 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-06-01 18:35 . 2011-05-10 11:59 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-06-01 18:35 . 2011-05-10 12:04 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-01 18:35 . 2011-05-10 12:02 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-06-01 18:35 . 2011-05-10 11:59 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-06-01 18:35 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr
2011-06-01 18:35 . 2011-05-10 12:10 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-06-01 14:25 . 2011-06-01 14:25 388096 ----a-r- c:\users\Pracovna\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-01 14:04 . 2011-06-01 14:04 0 ----a-w- c:\windows\ativpsrm.bin
2011-06-01 13:54 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-01 13:53 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-01 12:57 . 2011-06-01 12:57 -------- d-----w- c:\users\Pracovna\AppData\Local\Ahead
2011-05-31 20:36 . 2011-05-31 20:36 -------- d-----w- c:\windows\SysWow64\BestPractices
2011-05-31 20:36 . 2011-05-31 20:36 -------- d-----w- c:\windows\system32\BestPractices
2011-05-31 19:59 . 2011-05-31 19:59 -------- d-----w- c:\program files\CPUID
2011-05-27 17:09 . 2011-05-27 18:26 -------- d-----w- c:\users\Pracovna\DoctorWeb
2011-05-25 08:27 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-24 21:11 . 2011-05-31 20:36 -------- d-----w- C:\inetpub
2011-05-17 13:46 . 2011-05-21 19:57 -------- d-----w- c:\users\Pracovna\AppData\Roaming\Mount&Blade Warband
2011-05-14 20:04 . 2011-05-24 20:38 -------- d-----w- c:\programdata\AVAST Software
2011-05-14 20:04 . 2011-05-14 20:04 -------- d-----w- c:\program files\AVAST Software
2011-05-14 17:39 . 2011-05-14 17:39 -------- d--h--w- c:\programdata\Common Files
2011-05-14 17:32 . 2011-06-01 13:59 -------- d-----w- c:\programdata\MFAData
2011-05-12 15:52 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-12 15:52 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 18:22 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 18:22 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 18:22 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 18:22 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 18:22 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 18:22 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 18:22 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 18:22 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 18:22 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-09 15:41 . 2011-05-09 15:50 -------- d-----w- c:\users\Pracovna\AppData\Roaming\Dwarfs
2011-05-09 15:40 . 2011-05-09 15:40 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-05-08 15:51 . 2011-05-08 15:51 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-05-08 15:46 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-08 15:46 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-08 15:08 . 2011-05-08 15:08 -------- d-----w- c:\windows\system32\SPReview
2011-05-08 15:07 . 2011-05-08 15:07 -------- d-----w- c:\windows\system32\EventProviders
2011-05-08 15:02 . 2010-11-20 13:27 312832 ----a-w- c:\windows\system32\Wldap32.dll
2011-05-08 15:01 . 2010-11-20 13:27 249856 ----a-w- c:\program files\Common Files\System\msadc\msdarem.dll
2011-05-08 14:59 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-05-08 14:59 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-05-08 14:59 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-05-08 14:59 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-05-08 14:59 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-05-08 14:59 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-05-08 14:59 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-05-04 16:44 . 2011-05-08 11:02 -------- d-----w- c:\users\Pracovna\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 17:14 . 2010-05-26 14:18 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-10 12:10 . 2011-01-15 17:10 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-08 15:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-05-08 15:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-12 12:08 . 2011-04-28 10:24 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:23 . 2011-04-28 10:24 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:41 . 2011-04-28 10:24 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:41 . 2011-04-28 10:24 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:41 . 2011-04-28 10:24 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:41 . 2011-04-28 10:24 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:41 . 2011-04-28 10:24 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:41 . 2011-04-28 10:24 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:41 . 2011-04-28 10:24 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:34 . 2011-04-14 06:54 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-14 06:54 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:33 . 2011-04-28 10:24 2565632 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:30 . 2011-04-28 10:24 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:33 . 2011-04-14 06:54 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:33 . 2011-04-14 06:54 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-28 10:24 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:31 . 2011-04-28 10:24 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-03-08 06:29 . 2011-04-14 06:54 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-14 06:54 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-01_14.42.08 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-05-09 21:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-02 16:33 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-02 16:33 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-05-09 21:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-05-09 21:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-02 16:33 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-27 11:13 . 2011-06-02 16:34 61080 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-02 16:34 33606 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-05-26 13:54 . 2011-06-02 16:34 19134 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-394250893-1804949367-1451634499-1000_UserData.bin
+ 2010-05-26 13:49 . 2011-06-01 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-05-26 13:49 . 2011-06-01 14:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-26 13:49 . 2011-06-01 20:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-05-26 13:49 . 2011-06-01 14:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-01 14:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-01 20:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-06-01 19:48 95240 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-06-02 16:32 . 2011-06-02 16:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-01 14:04 . 2011-06-01 14:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-01 14:04 . 2011-06-01 14:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-02 16:32 . 2011-06-02 16:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2011-06-01 18:57 652196 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-06-01 18:57 116944 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2011-06-02 16:31 389404 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-01 14:03 389404 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-19 11:29 . 2011-06-01 20:22 845112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-394250893-1804949367-1451634499-1000-12288.dat
+ 2010-07-12 07:54 . 2011-06-02 16:31 2025660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-394250893-1804949367-1451634499-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="d:\programy\Deamon\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]
"Steam"="c:\program files (x86)\steam\steam.exe" [2010-11-29 1242448]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2010-12-13 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"NokiaMusic FastStart"="d:\program files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2011-02-08 63360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-10 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-10 136176]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [x]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-02 c:\windows\Tasks\PCConfidential.job
- c:\program files (x86)\Winferno\PC Confidential\PCConfidential.exe [2010-10-08 12:10]
.
2011-05-14 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2011-05-08 13:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáre Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 10.0.0.138
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2011-06-02 18:38:09 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-02 16:38
ComboFix2.txt 2011-06-02 09:00
ComboFix3.txt 2011-06-01 20:51
ComboFix4.txt 2011-06-01 20:08
ComboFix5.txt 2011-06-02 16:23
.
Pre-Run: Volných bajtu: 77,678,678,016
Post-Run: Volných bajtu: 77,401,354,240
.
- - End Of File - - 32FD6F4B266DE3B76E2A23F52D0CF5D6

Příspěvekod **Žbeky** » 02 čer 2011 19:20

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

HAFcool · Příspěvekod **HAFcool** » 02 čer 2011 19:40

PC se chová už normálně. Teď už přístup nemám, takže log dodám zítra. Jinak díky moc. :wink:

Příspěvekod **Žbeky** » 02 čer 2011 19:55

Kurnik. Já si říkal, že jsem na něco zapoměl... Už udělal ten T-Cleaner? CF totiž smazal nějaký cartograph.exe (asi se mu nelíbil, ale předpokládám, že to je celkem důležitý pracovní program). Pokud už to vyčistil, tak ho musí nainstalovat znovu, jinak ho ještě můžu obnovit z karantény CF

HAFcool · Příspěvekod **HAFcool** » 02 čer 2011 21:41

Ok, vyřídím.

HAFcool · Příspěvekod **HAFcool** » 04 čer 2011 19:30

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:19, on 04/06/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files (x86)\Winferno\PC Confidential\PCCBHO.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (file missing)
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "D:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\Programy\Deamon\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://10.0.0.138
O15 - ESC Trusted IP range: http://10.0.0.138
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11633 bytes

Příspěvekod **Žbeky** » 04 čer 2011 19:35

Fixni:

Kód: Vybrat vše

O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files (x86)\Winferno\PC Confidential\PCCBHO.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (file missing)

Pokud už bude PC bez problémů, je to vše. Zkontroluj si ale, že to je fixlé, co jsem radil na začátku buď nefixl nebo fixl blbě

HAFcool · Příspěvekod **HAFcool** » 04 čer 2011 19:45

Děkuju moc, Žbeky. :wink:

Já jsem to nefixoval. Možná to asi neoznačil.

Prosím o kontrolu logu. Vypadá na hodně zavirovaný Vyřešeno

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný

Re: Prosím o kontrolu logu. Vypadá na hodně zavirovaný Vyřešeno

Kdo je online