RogueKiller V8.6.8 [Sep 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : user [Práva správce]
Mód : Odebrat -- Datum : 09/02/2013 18:08:38
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD502IJ +++++
--- User ---
[MBR] 4d1885e3003f356f6cb71435390adbcb
[BSP] 364c1ba76dcc4503e0362a6dba885fad : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 61443 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 125837145 | Size: 415485 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_09022013_180838.txt >>
RKreport[0]_D_09022013_180220.txt;RKreport[0]_H_09022013_180231.txt;RKreport[0]_S_09022013_180217.txt
RKreport[0]_S_09022013_180434.txt;RKreport[0]_S_09022013_180815.txt
Please check my log, my online games don't work (Solved)
- jaro3
- member of the Security team
Re: Please check my log, my online games don't work
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
ClearJavaCache::
KillAll::
SecCenter::
AV: ZoneAlarm Free Firewall Antivirus *Enabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
File::
c:\documents and settings\user\P-7-78-8964-9648-3874\winusm.exe
c:\windows\Tasks\Norton Security Scan for user.job
Folder::
c:\progra~1\NORTON~1
Driver::
sptd
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\documents and settings\user\P-7-78-8964-9648-3874\winusm.exe"=-
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT
Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log, my online games don't work
ComboFix 13-09-02.02 - user 04.09.2013 19:27:18.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1358 [GMT 2:00]
Spuštěný z: c:\documents and settings\user\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\user\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\documents and settings\user\P-7-78-8964-9648-3874\winusm.exe"
"c:\windows\Tasks\Norton Security Scan for user.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\NORTON~1
c:\progra~1\NORTON~1\BilBDRes.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\{2A85E335-7417-424d-AD89-31DED1689794}.dat
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\{71B3DD3A-BC1F-40cc-A74F-C0C30DFCE7D5}.dat
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\{F8D07955-00ED-4093-88AA-0A0F69AFD83C}.dat
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\BilBDRes.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ccL100U.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ccScanw.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ccVrTrst.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\Config.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\dec_abi.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\DefUtDCD.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\diLueCbk.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ecmldr32.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\HeartBt.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\help.htm
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\InstWrap.exe
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\InstWRes.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\Microsoft.VC90.CRT.manifest
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\msl.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\msvcp90.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\msvcr90.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\Nss.exe
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\patch25d.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\pePIDyn.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\pePIRes.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\pePIRes.dll.bckp
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ReputationCacheDB.db
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\RevList.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SAUpdt.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ScanCore.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ScanRes.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\ScanText.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SKU.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SKURes.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SymCCIS.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SymCCISE.exe
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SymDltCl.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SymHTML.dll
c:\progra~1\NORTON~1\Norton Security Scan\Engine\3.7.2.10\SymInstallStub.exe
c:\progra~1\NORTON~1\Norton Security Scan\isolate.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPTD
-------\Service_sptd
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-04 do 2013-09-04 )))))))))))))))))))))))))))))))
.
.
2013-09-02 11:00 . 2013-09-02 11:00 -------- d-----w- c:\windows\ERUNT
2013-09-01 13:45 . 2013-09-01 13:45 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-09-01 13:45 . 2013-09-01 13:45 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-09-01 13:45 . 2013-09-01 13:45 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-09-01 13:31 . 2013-09-01 13:31 -------- d-----w- c:\program files\EA Games
2013-09-01 11:04 . 2013-09-01 11:04 -------- d-----w- c:\documents and settings\user\Data aplikací\Malwarebytes
2013-09-01 11:04 . 2013-09-01 11:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-09-01 11:04 . 2013-09-01 11:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-01 11:04 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-01 10:50 . 2013-09-01 10:57 -------- dc----w- C:\AdwCleaner
2013-08-29 19:34 . 2006-03-02 12:00 25600 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2013-08-19 13:26 . 2013-08-19 13:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-19 13:26 . 2013-08-19 13:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-01 13:45 . 2010-06-24 13:46 138056 -c--a-w- c:\documents and settings\user\Data aplikací\PnkBstrK.sys
2013-09-01 13:45 . 2010-06-24 13:46 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-07-06 11:35 . 2013-04-13 18:16 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-06 11:35 . 2012-01-08 12:37 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-06 11:35 . 2009-05-13 06:34 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 19:25 . 2013-06-28 19:25 1700352 ----a-w- c:\windows\system32\gdiplus.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-12-05 2295072]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2009-10-30 93376]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Steam"="c:\program files\Steam\steam.exe" [2013-08-28 1811880]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2013-04-01 4288048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="=" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\documents and settings\user\P-7-78-8964-9648-3874\winusm.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\TrackMania United\\TmForever.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\TrackMania United\\TmForeverLauncher.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA Games\\Battlefield Heroes\\BFHeroes.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Half-Life\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59016:TCP"= 59016:TCP:Pando Media Booster
"59016:UDP"= 59016:UDP:Pando Media Booster
"443:TCP"= 443:TCP:War Thunder
"20010:UDP"= 20010:UDP:War Thunder
"3478:UDP"= 3478:UDP:War Thunder
"7850:TCP"= 7850:TCP:War Thunder
"27022:TCP"= 27022:TCP:War Thunder
"6881:TCP"= 6881:TCP:War Thunder
"33333:TCP"= 33333:TCP:War Thunder
"20443:TCP"= 20443:TCP:War Thunder
"8090:TCP"= 8090:TCP:War Thunder
"59047:TCP"= 59047:TCP:Pando Media Booster
"59047:UDP"= 59047:UDP:Pando Media Booster
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [13.4.2013 20:16 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [13.4.2013 20:16 175176]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [21.9.2012 19:39 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8.1.2012 14:37 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.5.2009 8:34 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.5.2009 8:34 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [13.4.2013 20:16 66336]
R2 LANPkt;Realtek LANPkt Protocol Driver;c:\windows\system32\drivers\LANPkt.sys [22.8.2012 9:24 8960]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1.9.2013 13:04 701512]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [14.8.2013 11:10 3291008]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [22.8.2012 12:15 36864]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [7.7.2013 14:27 103040]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [13.1.2012 16:07 239168]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1.9.2013 13:04 22856]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [22.8.2012 9:24 11264]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [22.8.2012 9:24 16640]
S3 WinRing0_1_2_0;WinRing0_1_2_0;\??\c:\program files\IObit\Game Booster\Driver\WinRing0.sys --> c:\program files\IObit\Game Booster\Driver\WinRing0.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-12-05 10:27 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-19 13:26]
.
2013-09-01 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-09-03 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-09-02 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-09-02 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16 19:12]
.
2013-09-04 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-08-15 08:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\user\Data aplikací\Mozilla\Firefox\Profiles\vpukcm0i.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-09-01 12:48; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-NSS - c:\program files\Norton Security Scan\Norton Security Scan\Engine\3.7.2.10\InstWrap.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-04 19:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-776561741-1500820517-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:57,d9,d1,f3,45,e8,f4,04,eb,e6,fd,9a,25,ee,b9,44,f0,34,3c,39,8f,76,c0,
80,e1,ae,23,6b,3c,23,3e,a9,6f,85,e4,dc,e8,dd,5b,a5,9f,52,1b,2b,88,4e,b3,ae,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-776561741-1500820517-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:e4,73,cd,7a,40,c5,30,d0,27,8c,06,b7,65,c0,18,cf,a5,74,19,c0,9a,
1e,9c,2f,88,77,f6,11,c8,61,f8,44,ce,d7,cb,a0,cd,c4,3c,04,1e,7d,9f,ba,d3,5f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3728)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2013-09-04 19:40:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-04 17:40
ComboFix2.txt 2013-09-02 16:24
.
Před spuštěním: Volných bajtů: 21 017 137 152
Po spuštění: Volných bajtů: 21 721 636 864
.
- - End Of File - - 45A42A6C778262044575317968C2B8B8
413FC2A0C716421B3158746D63736515
.
[HKEY_USERS\S-1-5-21-776561741-1500820517-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:e4,73,cd,7a,40,c5,30,d0,27,8c,06,b7,65,c0,18,cf,a5,74,19,c0,9a,
1e,9c,2f,88,77,f6,11,c8,61,f8,44,ce,d7,cb,a0,cd,c4,3c,04,1e,7d,9f,ba,d3,5f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3728)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2013-09-04 19:40:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-04 17:40
ComboFix2.txt 2013-09-02 16:24
.
Před spuštěním: Volných bajtů: 21 017 137 152
Po spuštění: Volných bajtů: 21 721 636 864
.
- - End Of File - - 45A42A6C778262044575317968C2B8B8
413FC2A0C716421B3158746D63736515
Re: Please check my log, my online games don't work
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:45:02, on 4.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\user\Dokumenty\Stažené soubory\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .145.0.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7039 bytes
Re: Please check my log, my online games don't work
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-04 19:51:02
-----------------------------
19:51:02.828 OS Version: Windows 5.1.2600 Service Pack 3
19:51:02.828 Number of processors: 2 586 0x1706
19:51:02.828 ComputerName: USER-9413ED0969 UserName: user
19:51:03.546 Initialize success
19:51:07.703 AVAST engine defs: 13090400
19:51:12.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7
19:51:12.078 Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01113 Size: 476938MB BusType: 3
19:51:12.140 Disk 0 MBR read successfully
19:51:12.140 Disk 0 MBR scan
19:51:12.140 Disk 0 Windows XP default MBR code
19:51:12.140 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 61443 MB offset 63
19:51:12.140 Disk 0 Partition - 00 0F Extended LBA 415485 MB offset 125837145
19:51:12.156 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 415485 MB offset 125837208
19:51:12.156 Disk 0 scanning sectors +976752000
19:51:12.171 Disk 0 scanning C:\WINDOWS\system32\drivers
19:51:16.312 Service scanning
19:51:23.234 Modules scanning
19:51:26.703 Disk 0 trace - called modules:
19:51:26.718
19:51:27.062 AVAST engine scan C:\WINDOWS
19:51:30.093 AVAST engine scan C:\WINDOWS\system32
19:52:46.328 AVAST engine scan C:\WINDOWS\system32\drivers
19:52:52.906 AVAST engine scan C:\Documents and Settings\user
19:53:16.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Plocha\MBR.dat"
19:53:16.296 The log file has been saved successfully to "C:\Documents and Settings\user\Plocha\aswMBR.txt"
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: Please check my log, my online games don't work
ComboFix is uninstalled like this:
Start -> Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC
to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
How is the PC behaving?
The HJT log looks OK.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you.
Re: Please check my log, my online games don't work
The PC behaves normally, but the online games still keep showing the same errors. I did everything you wrote here; is there any other way to get rid of these errors?
- memphisto
Re: Please check my log, my online games don't work
What about the firewall in Windows?
Re: Please check my log, my online games don't work
I tried turning it off and launching one of the games, but that didn't help either.
- jaro3
Re: Please check my log, my online games don't work
ComboFix is uninstalled like this:
Start -> Run and enter ComboFix /Uninstall
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
"443:TCP"= 443:TCP:War Thunder
"20010:UDP"= 20010:UDP:War Thunder
"3478:UDP"= 3478:UDP:War Thunder
"7850:TCP"= 7850:TCP:War Thunder
"27022:TCP"= 27022:TCP:War Thunder
"6881:TCP"= 6881:TCP:War Thunder
"33333:TCP"= 33333:TCP:War Thunder
"20443:TCP"= 20443:TCP:War Thunder
"8090:TCP"= 8090:TCP:War Thunder
"59047:TCP"= 59047:TCP:Pando Media Booster
"59047:UDP"= 59047:UDP:Pando Media Booster
You only have these games in the firewall exceptions.
You have to allow the others, or reinstall the games.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log, my online games don't work (Solved)
So I reinstalled Windows and everything works as it should. Thank you to everyone who wrote here for being willing to help me :)