kontrola

[jaro3]

Tohle sis ale nastavoval ne?

Kód: Vybrat vše

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

??

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Reklama]

[bilecek]

Když ten program spustím vypne se mě celej počítač.Zkoušel jsem to několikrát po sobě. A teď se seká ještě víc.každou minutu zamrzá

[jaro3]

Myslíš aswMBR?
Na něco jsem se ptal.

[bilecek]

Ano myslím ten program aswMBR

[jaro3]

Tohle sis ale nastavoval ne?

Kód: Vybrat vše

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

??

Stáhni Bootkit Remover
http://www.edisk.cz/stahni/44022/bootki ... .51KB.html
-ulož na plochu
-spusť
- pak klikni do černého okna a zkopíruj sem výsledek, případně dej screen

[bilecek]

ComboFix 12-04-29.01 - Lukes 05.05.2012 11:45:29.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.784 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lukes\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: /uninstal
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-05 do 2012-05-05 )))))))))))))))))))))))))))))))
.
.
2012-05-03 10:23 . 2012-05-03 10:23 -------- d-----w- c:\documents and settings\Lukes\Data aplikací\SpaceMonger
2012-05-03 10:23 . 2012-05-03 10:23 -------- d-----w- c:\program files\SpaceMonger
2012-05-03 07:02 . 2012-05-03 07:02 -------- d-----w- c:\program files\Ask.com
2012-05-03 07:02 . 2012-05-03 07:02 -------- d-----w- c:\documents and settings\Lukes\Local Settings\Data aplikací\AskToolbar
2012-05-03 07:01 . 2012-05-03 07:01 -------- d-----w- c:\documents and settings\Lukes\Local Settings\Data aplikací\APN
2012-05-03 07:01 . 2012-05-03 07:01 -------- d-----w- c:\program files\PANDORA.TV
2012-04-29 13:39 . 2012-04-29 13:39 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-29 12:52 . 2012-04-29 12:52 -------- d-----w- c:\documents and settings\Lukes\Data aplikací\Malwarebytes
2012-04-29 12:51 . 2012-04-29 12:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-04-29 12:51 . 2012-04-29 12:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-29 12:51 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-21 09:09 . 1999-06-23 15:13 86016 ----a-w- c:\windows\unvise32.exe
2012-04-21 09:08 . 2012-04-21 09:09 -------- d-----w- c:\program files\HP Photo Idea CD
2012-04-16 08:49 . 2012-05-05 09:30 -------- d-----w- C:\NVIDIA
2012-04-13 12:37 . 2012-04-13 12:37 -------- d-----w- c:\documents and settings\Nika2\Data aplikací\AVG Secure Search
2012-04-13 12:37 . 2012-04-13 12:37 -------- d-----w- c:\documents and settings\Nika2\Data aplikací\searchresultstb
2012-04-08 15:56 . 2012-04-08 15:56 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-04-08 15:56 . 2012-04-08 15:56 138056 ----a-w- c:\documents and settings\Lukes\Data aplikací\PnkBstrK.sys
2012-04-08 15:55 . 2012-04-08 15:55 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-04-08 15:55 . 2012-04-08 15:55 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-04-08 14:58 . 2012-05-03 10:30 -------- d-----w- c:\program files\EA Games
2012-04-06 08:30 . 2012-04-06 08:31 -------- d-----w- c:\documents and settings\Lukes\Data aplikací\FreeFileViewer
2012-04-06 08:30 . 2012-04-06 08:41 -------- d-----w- c:\documents and settings\Lukes\Local Settings\Data aplikací\FileTypeAssistant
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 17:48 . 2012-03-29 16:21 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-14 17:48 . 2011-05-17 14:38 70304 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-08 09:49 . 2012-03-08 09:49 239168 -c--a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-07 00:15 . 2011-04-12 16:32 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-04-12 16:32 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-04-12 16:32 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2011-04-12 16:32 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2012-03-18 11:32 24408 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-03-07 00:02 . 2011-04-12 16:32 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2011-04-12 16:32 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-04-12 16:32 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2011-04-12 16:32 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2011-04-12 16:32 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2011-04-12 16:32 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 01:14 . 2006-03-02 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 01:14 . 2006-03-02 12:00 1830912 -c----w- c:\windows\system32\inetcpl.cpl
2012-03-01 01:14 . 2006-03-02 12:00 78336 -c--a-w- c:\windows\system32\ieencode.dll
2012-03-01 01:14 . 2006-03-02 12:00 17408 -c--a-w- c:\windows\system32\corpol.dll
2012-02-29 23:58 . 2012-02-11 09:34 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-29 23:58 . 2011-10-06 09:26 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-29 23:58 . 2011-10-06 09:26 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-29 23:58 . 2011-04-10 16:21 4309760 ----a-w- c:\windows\system32\nv4_disp.dll
2012-02-29 23:58 . 2011-04-10 16:18 13417632 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-02-29 23:58 . 2011-02-23 06:27 5918720 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-29 23:58 . 2011-02-23 06:27 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-29 23:58 . 2011-02-23 06:27 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-29 23:58 . 2011-02-23 06:27 2291712 ----a-w- c:\windows\system32\nvapi.dll
2012-02-29 23:58 . 2011-02-23 06:27 18624512 ----a-w- c:\windows\system32\nvoglnt.dll
2012-02-29 23:58 . 2011-02-23 06:27 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-29 21:15 . 2006-07-12 12:19 253952 -c--a-w- c:\windows\system32\nvrssv.dll
2012-02-29 21:15 . 2006-07-12 11:19 335872 -c--a-w- c:\windows\system32\nvrshe.dll
2012-02-29 21:15 . 2006-07-12 11:19 274432 -c--a-w- c:\windows\system32\nvrsja.dll
2012-02-29 21:15 . 2006-07-12 11:19 274432 -c--a-w- c:\windows\system32\nvrsesm.dll
2012-02-29 21:15 . 2006-07-12 11:19 258048 -c--a-w- c:\windows\system32\nvrspl.dll
2012-02-29 21:15 . 2006-07-12 11:19 249856 -c--a-w- c:\windows\system32\nvrseng.dll
2012-02-29 21:15 . 2006-07-12 11:19 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-02-29 21:15 . 2006-07-12 11:19 282624 -c--a-w- c:\windows\system32\nvrsit.dll
2012-02-29 21:15 . 2006-07-12 11:19 278528 -c--a-w- c:\windows\system32\nvrsde.dll
2012-02-29 21:15 . 2006-07-12 11:19 270336 -c--a-w- c:\windows\system32\nvrsptb.dll
2012-02-29 21:15 . 2006-07-12 11:19 258048 -c--a-w- c:\windows\system32\nvrssk.dll
2012-02-29 21:15 . 2006-07-12 11:19 274432 -c--a-w- c:\windows\system32\nvrspt.dll
2012-02-29 21:15 . 2006-07-12 11:19 262144 -c--a-w- c:\windows\system32\nvrshu.dll
2012-02-29 21:15 . 2006-07-12 11:19 266240 -c--a-w- c:\windows\system32\nvrsko.dll
2012-02-29 21:15 . 2012-02-25 15:02 253952 -c--a-w- c:\windows\system32\nvrsth.dll
2012-02-29 21:15 . 2006-07-12 12:19 258048 -c--a-w- c:\windows\system32\nvrstr.dll
2012-02-29 21:15 . 2006-07-12 11:19 335872 -c--a-w- c:\windows\system32\nvrsar.dll
2012-02-29 21:15 . 2006-07-12 11:19 282624 -c--a-w- c:\windows\system32\nvrses.dll
2012-02-29 21:15 . 2006-07-12 11:19 274432 -c--a-w- c:\windows\system32\nvrsnl.dll
2012-02-29 21:15 . 2006-07-12 11:19 253952 -c--a-w- c:\windows\system32\nvrsno.dll
2012-02-29 21:15 . 2006-07-12 12:19 229376 -c--a-w- c:\windows\system32\nvrszhc.dll
2012-02-29 21:15 . 2006-07-12 11:19 286720 -c--a-w- c:\windows\system32\nvrsfr.dll
2012-02-29 21:15 . 2006-07-12 11:19 282624 -c--a-w- c:\windows\system32\nvrsel.dll
2012-02-29 21:15 . 2006-07-12 11:19 270336 -c--a-w- c:\windows\system32\nvrsru.dll
2012-02-29 21:15 . 2006-07-12 12:19 126976 -c--a-w- c:\windows\system32\nvrszht.dll
2012-02-29 21:15 . 2006-07-12 11:19 253952 -c--a-w- c:\windows\system32\nvrsda.dll
2012-02-29 21:15 . 2006-07-12 11:19 249856 -c--a-w- c:\windows\system32\nvrsfi.dll
2012-02-29 21:15 . 2006-07-12 12:19 258048 -c--a-w- c:\windows\system32\nvrssl.dll
2012-02-29 20:30 . 2006-07-12 11:19 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-02-29 20:30 . 2006-07-12 11:19 15494464 -c--a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:30 . 2006-07-12 11:19 143680 -c--a-w- c:\windows\system32\nvcolor.exe
2012-02-29 20:30 . 2006-07-12 11:19 164160 ----a-w- c:\windows\system32\nvsvc32.exe
2012-02-29 20:30 . 2006-07-12 11:19 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 14:10 . 2006-03-02 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2006-03-02 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2011-06-16 04:30 . 2011-07-18 15:29 142296 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-29_14.13.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-05 09:35 . 2012-05-05 09:35 16384 c:\windows\temp\Perflib_Perfdata_6d4.dat
+ 2012-05-05 09:30 . 2012-02-29 23:58 65536 c:\windows\system32\ReinstallBackups\0011\DriverFiles\OpenCL.dll
- 2006-03-02 12:00 . 2012-04-29 13:50 72426 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2012-05-05 09:39 72426 c:\windows\system32\perfc009.dat
- 2006-03-02 12:00 . 2012-04-29 13:50 83942 c:\windows\system32\perfc005.dat
+ 2006-03-02 12:00 . 2012-05-05 09:39 83942 c:\windows\system32\perfc005.dat
+ 2011-04-09 11:06 . 2008-04-14 06:52 18944 c:\windows\system32\dllcache\wbemprox.dll
+ 2006-03-02 12:00 . 2008-04-14 06:51 25088 c:\windows\system32\dllcache\shfolder.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 881984 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvgenco32.dll
+ 2012-05-05 09:30 . 2012-02-29 23:58 293992 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvdrsdb.bin
+ 2012-05-05 09:30 . 2012-02-29 23:58 175104 c:\windows\system32\ReinstallBackups\0011\DriverFiles\dbInstaller.exe
- 2006-03-02 12:00 . 2012-04-29 13:50 443352 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2012-05-05 09:39 443352 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2012-05-05 09:39 439922 c:\windows\system32\perfh005.dat
- 2006-03-02 12:00 . 2012-04-29 13:50 439922 c:\windows\system32\perfh005.dat
+ 2011-04-12 15:54 . 2012-05-05 09:30 293992 c:\windows\system32\nvdrsdb1.bin
+ 2011-10-06 09:26 . 2012-05-05 09:30 293992 c:\windows\system32\nvdrsdb0.bin
+ 2006-03-02 12:00 . 2008-04-14 06:52 190464 c:\windows\system32\dllcache\syncui.dll
+ 2011-04-09 11:08 . 2008-04-14 06:51 409088 c:\windows\system32\dllcache\qmgr.dll
+ 2006-03-02 12:00 . 2008-04-14 06:51 122880 c:\windows\system32\dllcache\oledlg.dll
+ 2006-03-02 12:00 . 2008-04-13 22:10 463360 c:\windows\system32\dllcache\obrs0405.dll
+ 2012-05-03 07:02 . 2012-05-03 07:02 102400 c:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe
+ 2012-05-05 09:30 . 2012-02-10 04:10 1000256 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvdispco32.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 2522944 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvcuvid.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 2437440 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvcuvenc.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 5918720 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvcuda.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 2292224 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvapi.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 4309760 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nv4_disp.dll
+ 2012-05-03 07:02 . 2012-05-03 07:02 2288128 c:\windows\Installer\6143fd.msi
+ 2012-05-05 09:30 . 2012-02-10 04:10 18620416 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvoglnt.dll
+ 2012-05-05 09:30 . 2012-02-10 04:10 76614408 c:\windows\system32\ReinstallBackups\0011\DriverFiles\NvCplSetupInt.exe
+ 2012-05-05 09:30 . 2012-02-10 04:10 17534976 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nvcompiler.dll
+ 2012-05-05 09:30 . 2012-02-29 23:58 13417632 c:\windows\system32\ReinstallBackups\0011\DriverFiles\nv4_mini.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-04-09 15:43 1519272 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-02-04 93376]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"T-Mobile Communication Centre"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2011-11-22 1363984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-23 16342528]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]
"PCSuiteTrayApplication"="c:\progra~1\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-06-15 229376]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-04-09 1557160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Lukes\Nabídka Start\Programy\Po spuštění\
fliptoast.lnk - c:\program files\fliptoast\fliptoast.exe [N/A]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\FreeFileViewer\\FFVCheckForUpdates.exe"=
"c:\\Program Files\\File Type Assistant\\tsassist.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
.
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [18.3.2012 13:32 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12.4.2011 18:32 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12.4.2011 18:32 337880]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [8.3.2012 11:49 239168]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.4.2011 18:32 20696]
R2 Iprip;Naslouchání RIP;c:\windows\System32\svchost.exe -k netsvcs [2.3.2006 14:00 14336]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [25.2.2012 17:02 2348352]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [3.6.2010 12:26 122096]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [18.3.2012 13:31 134920]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe --> c:\program files\PANDORA.TV\PanService\PandoraService.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29.3.2012 18:36 253088]
S3 ip100xp;TP-LINK 10/100Mbps PCI Network Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [12.4.2011 17:15 26752]
S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [21.1.2012 18:53 9216]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [29.4.2012 15:39 40776]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NVSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 17:48]
.
2012-05-05 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2011-12-29 12:24]
.
2012-05-05 c:\windows\Tasks\ProgramUpdateCheck.job
- c:\program files\File Type Assistant\tsassist.exe [2011-10-11 20:19]
.
2012-05-05 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2012-04-09 15:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com/?l=dis&o=15187
mWindow Title = Microsoft Internet Explorer
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{27BD0F6A-2F47-4D0D-8E8E-B6FDD00A273A}: NameServer = 192.168.11.1
FF - ProfilePath - c:\documents and settings\Lukes\Data aplikací\Mozilla\Firefox\Profiles\vrb5dgfa.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_Prot
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.3&q=
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files\PANDORA.TV\PanService\unins000.exe
AddRemove-PunkBusterSvc - c:\program files\EA Games\Battlefield Play4Free\pbsvc_p4f.exe
AddRemove-{87686C21-8A15-4b4d-A3F1-11141D9BE094} - c:\program files\EA Games\Battlefield Play4Free\uninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-05 11:47
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(872)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-05-05 11:49:05
ComboFix-quarantined-files.txt 2012-05-05 09:49
ComboFix2.txt 2012-04-29 16:54
ComboFix3.txt 2012-04-29 14:15
.
Před spuštěním: Volných bajtů: 54 284 386 304
Po spuštění: Volných bajtů: 54 355 013 632
.
- - End Of File - - 89846BA66EDD3A815D2D8B62D49EC65B

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfh005.dat

Folder::
c:\program files\Ask.com
c:\documents and settings\Lukes\Local Settings\Data aplikací\AskToolbar
c:\documents and settings\Nika2\Data aplikací\AVG Secure Search

Driver::
PanService

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-

Firefox::
FF - ProfilePath - c:\documents and settings\Lukes\Data aplikací\Mozilla\Firefox\Profiles\vrb5dgfa.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_Prot
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.3&q=


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.