Problemy s harddiskom

Zpráva

sspooky13 · #1 Příspěvek od **sspooky13** » 06 říj 2011 19:58

Dobry den, odkedy som mal problem s mojim pocitacom (http://www.viry.cz/forum/viewtopic.php?f=13&t=115854), tak odvtedy mi neviem preco nejde moj externy harddisk. Skusali sme to na pocitaci mojho brata a tomu to ide uplne bez problemov, ale ked ja si ho zapojim tak najprv to spravi zvucku ze je pripojeny ale potom cely zamrzne nic nejde okrem myse. Ja osobne si myslim ze je tam nejaky virus ktory mi to blokuje ale to je iba moja laicka mienka. Pripadne navrhy uvitam. Vopred dakujem za ochotu
PS: ked tam zapojim aj hocijake USB tak to ide a skusal som aj vsetky zapametane pripojenia odinstalovat a pomocou pridania hardwaru som to chcel znova nacitat, ten driver, ale zasa to zamrzlo.

#2 Příspěvek od **Rudy** » 06 říj 2011 21:29

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

sspooky13 · #3 Příspěvek od **sspooky13** » 06 říj 2011 23:04

tu je log, len ten combofix sa pytal nejake veci a nerozumel som im tak som na vsetko daval "ano" tak dufam ze som spravil dobre

ComboFix 11-10-06.03 - Owner 06.10.2011 23:55:28.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2046.1413 [GMT 2:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-09-06 to 2011-10-06 )))))))))))))))))))))))))))))))
.
.
2011-10-04 16:20 . 2011-10-04 16:20 -------- d-----w- c:\program files\FinalWire
2011-10-03 18:59 . 2011-09-29 07:32 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-10-03 18:50 . 2011-10-03 18:50 -------- d-----w- c:\windows\system32\wbem\Repository
2011-10-03 18:49 . 2011-10-03 18:49 -------- d-----w- C:\Intel
2011-10-03 18:49 . 2011-10-03 18:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-03 18:49 . 2011-10-03 18:49 -------- d-----w- C:\NVIDIA
2011-09-29 12:14 . 2011-09-29 12:15 -------- d-----w- c:\documents and settings\Owner\Application Data\vlc
2011-09-26 19:27 . 2011-09-26 19:27 -------- d-----w- c:\program files\ESET
2011-09-26 19:27 . 2011-09-26 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2011-09-25 18:51 . 2011-09-25 18:51 -------- d-----w- c:\program files\Ubisoft
2011-09-22 20:19 . 2011-09-22 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2011-09-22 20:19 . 2011-09-22 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\EA Core
2011-09-21 18:22 . 2011-10-02 18:30 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\dxhr
2011-09-21 18:21 . 2011-09-21 18:21 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\28050
2011-09-20 12:54 . 2011-09-20 12:54 -------- d-----w- c:\documents and settings\Owner\Application Data\Ubisoft
2011-09-19 20:28 . 2011-10-05 20:56 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2011-09-19 20:28 . 2011-09-19 20:28 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\uTorrent
2011-09-17 12:04 . 2011-09-17 12:04 -------- d-----w- c:\windows\Sun
2011-09-13 20:08 . 2011-09-13 20:08 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2011-09-13 19:46 . 2011-09-13 19:46 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-09-13 14:09 . 2011-09-13 14:10 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\GameSpy
2011-09-13 14:07 . 2011-09-13 14:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-09-13 14:07 . 2011-09-13 14:07 22328 ----a-w- c:\documents and settings\Owner\Application Data\PnkBstrK.sys
2011-09-13 14:06 . 2011-09-13 14:06 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-09-13 14:06 . 2011-09-13 14:06 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-09-13 14:06 . 2011-09-13 14:06 669184 ----a-w- c:\windows\system32\pbsvc.exe
2011-09-13 12:57 . 2011-09-13 12:57 -------- d--h--r- c:\documents and settings\Owner\Application Data\SecuROM
2011-09-13 12:42 . 2011-09-13 12:42 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2011-09-13 12:42 . 2011-09-13 12:42 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-13 12:42 . 2011-09-13 12:42 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-09-13 12:38 . 2011-09-13 14:01 -------- d-----w- c:\windows\system32\LogFiles
2011-09-13 12:38 . 2011-09-13 12:38 -------- d-----w- c:\windows\system32\drivers\umdf
2011-09-07 14:08 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-07 13:57 . 2011-09-07 13:57 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2011-09-07 13:57 . 2011-09-07 13:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-27 16:52 . 2011-08-13 14:49 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-27 11:53 . 2011-08-13 14:52 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-09-27 11:46 . 2011-08-13 14:52 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-09 09:12 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-08-31 17:12 . 2011-08-13 08:50 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-30 15:28 . 2011-08-13 08:50 6435432 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-08-29 14:20 . 2011-08-13 08:50 1493608 ----a-w- c:\windows\RtlUpd.exe
2011-08-24 18:39 . 2011-08-13 08:52 323816 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2011-08-23 10:06 . 2011-08-13 21:31 63592 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-08-17 15:09 . 2011-08-13 08:50 20064872 ----a-w- c:\windows\RTHDCPL.EXE
2011-08-16 08:50 . 2011-08-16 08:50 1 ----a-w- c:\documents and settings\Owner\SI.bin
2011-08-13 16:36 . 2011-08-13 16:36 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-13 14:51 . 2011-08-13 14:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-13 14:51 . 2011-08-13 14:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-13 08:53 . 2011-08-13 08:40 16376 ----a-w- c:\windows\gdrv.sys
2011-08-09 11:57 . 2010-12-21 13:04 154136 ----a-w- c:\windows\system32\drivers\eamon.sys
2011-08-04 07:20 . 2010-12-21 11:47 39824 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2011-08-04 07:20 . 2010-12-21 11:47 147480 ----a-w- c:\windows\system32\drivers\epfw.sys
2011-08-04 07:20 . 2010-08-03 10:28 61936 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2011-08-04 07:20 . 2010-12-21 13:04 118104 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2011-08-03 11:49 . 2011-08-15 20:22 914024 ----a-w- c:\windows\system32\nvdispco32.dll
2011-08-03 11:49 . 2011-08-15 20:22 875112 ----a-w- c:\windows\system32\nvgenco32.dll
2011-08-03 11:49 . 2011-08-13 20:18 600680 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-08-03 11:49 . 2011-05-21 04:01 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-08-03 11:49 . 2011-05-21 04:01 2387560 ----a-w- c:\windows\system32\nvcuvid.dll
2011-08-03 11:49 . 2011-05-21 04:01 2090088 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-08-03 11:49 . 2011-05-21 04:01 17186816 ----a-w- c:\windows\system32\nvcompiler.dll
2011-08-03 11:49 . 2007-12-04 17:41 5427200 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:49 . 2007-12-04 17:41 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-08-03 11:49 . 2007-12-04 17:41 4210816 ----a-w- c:\windows\system32\nv4_disp.dll
2011-08-03 11:49 . 2007-12-04 17:41 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-08-03 11:49 . 2007-12-04 17:41 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-08-03 11:49 . 2007-12-04 17:41 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-08-03 11:49 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-08-03 11:49 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-08-03 11:49 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-08-03 11:49 . 2007-12-04 17:41 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-08-03 11:49 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-08-03 11:49 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-08-03 11:49 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-08-03 11:49 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-08-03 11:49 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-08-03 11:49 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-08-03 11:49 . 2007-12-04 17:41 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-08-03 11:49 . 2007-12-04 17:41 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-08-03 11:49 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-08-03 11:49 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-08-03 11:49 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-08-03 11:49 . 2007-12-04 17:41 2404864 ----a-w- c:\windows\system32\nvapi.dll
2011-08-03 11:49 . 2007-12-04 17:41 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-08-03 11:49 . 2007-12-04 17:41 16191488 ----a-w- c:\windows\system32\nvoglnt.dll
2011-08-03 11:49 . 2007-12-04 17:41 146024 ----a-w- c:\windows\system32\nvsvc32.exe
2011-08-03 11:49 . 2007-12-04 17:41 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-08-03 11:49 . 2007-12-04 17:41 13892200 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:49 . 2007-12-04 17:41 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-08-03 11:49 . 2007-12-04 17:41 12542592 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-08-03 11:49 . 2007-12-04 17:41 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-07-15 13:29 . 2006-02-28 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-09-29 07:32 . 2011-10-03 18:59 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-06-15 17093512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-06 3076144]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"RGSC"=d:\hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Hry\\Crysis\\Bin32\\Crysis.exe"=
"d:\\Hry\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.8.2011 18:36 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.9.2011 18:16 974944]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7.9.2011 16:08 366152]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [13.8.2011 22:19 2255464]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [27.9.2011 13:50 1526080]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7.9.2011 16:08 22216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [29.11.2010 19:27 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [13.8.2011 23:31 1691480]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 rp24msdrv;2.4g Device;c:\windows\system32\drivers\rp24msdrv.sys --> c:\windows\system32\drivers\rp24msdrv.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [28.2.2006 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1659004503-839522115-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-24 08:29]
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1659004503-839522115-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-24 08:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovať do programu Microsoft Excel
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\vm5b4gh0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-06 23:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1614895754-1659004503-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:ce,be,f7,b7,0c,83,c0,09,0d,f0,7f,0c,cb,cc,ab,dd,9d,e2,b2,c3,79,
3a,45,80,fa,5f,63,5b,6b,1e,e0,1d,44,f2,bf,67,dc,f5,b4,aa,ef,0a,92,d6,6c,ea,\
"rkeysecu"=hex:db,79,93,59,f9,b5,5f,b4,e6,2a,84,f8,4b,b4,ff,76
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1592)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Completion time: 2011-10-07 00:01:29 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-06 22:01
.
Pre-Run: 82 175 774 720 bytes free
Post-Run: 82 133 565 440 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 403F808624CB7AF6F3F0C31DA5057E47

#4 Příspěvek od **Rudy** » 07 říj 2011 17:20

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Firefox::
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\vm5b4gh0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

sspooky13 · #5 Příspěvek od **sspooky13** » 07 říj 2011 19:51

No toto mi s toho vyplulo potom. A myslite ze by to mohlo byt tym? Popripade ze by to mohlo pomoct?

ComboFix 11-10-07.03 - Owner 07.10.2011 20:39:08.2.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2046.1380 [GMT 2:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2011-09-07 to 2011-10-07 )))))))))))))))))))))))))))))))
.
.
2011-10-04 16:20 . 2011-10-04 16:20 -------- d-----w- c:\program files\FinalWire
2011-10-03 18:59 . 2011-09-29 07:32 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-10-03 18:50 . 2011-10-03 18:50 -------- d-----w- c:\windows\system32\wbem\Repository
2011-10-03 18:49 . 2011-10-03 18:49 -------- d-----w- C:\Intel
2011-10-03 18:49 . 2011-10-03 18:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-03 18:49 . 2011-10-03 18:49 -------- d-----w- C:\NVIDIA
2011-09-29 12:14 . 2011-09-29 12:15 -------- d-----w- c:\documents and settings\Owner\Application Data\vlc
2011-09-26 19:27 . 2011-09-26 19:27 -------- d-----w- c:\program files\ESET
2011-09-26 19:27 . 2011-09-26 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2011-09-25 18:51 . 2011-09-25 18:51 -------- d-----w- c:\program files\Ubisoft
2011-09-22 20:19 . 2011-09-22 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2011-09-22 20:19 . 2011-09-22 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\EA Core
2011-09-21 18:22 . 2011-10-02 18:30 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\dxhr
2011-09-21 18:21 . 2011-09-21 18:21 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\28050
2011-09-20 12:54 . 2011-09-20 12:54 -------- d-----w- c:\documents and settings\Owner\Application Data\Ubisoft
2011-09-19 20:28 . 2011-10-05 20:56 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2011-09-19 20:28 . 2011-09-19 20:28 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\uTorrent
2011-09-17 12:04 . 2011-09-17 12:04 -------- d-----w- c:\windows\Sun
2011-09-13 20:08 . 2011-09-13 20:08 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2011-09-13 19:46 . 2011-09-13 19:46 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-09-13 14:09 . 2011-09-13 14:10 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\GameSpy
2011-09-13 14:07 . 2011-09-13 14:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-09-13 14:07 . 2011-09-13 14:07 22328 ----a-w- c:\documents and settings\Owner\Application Data\PnkBstrK.sys
2011-09-13 14:06 . 2011-09-13 14:06 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-09-13 14:06 . 2011-09-13 14:06 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-09-13 14:06 . 2011-09-13 14:06 669184 ----a-w- c:\windows\system32\pbsvc.exe
2011-09-13 12:57 . 2011-09-13 12:57 -------- d--h--r- c:\documents and settings\Owner\Application Data\SecuROM
2011-09-13 12:42 . 2011-09-13 12:42 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2011-09-13 12:42 . 2011-09-13 12:42 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-13 12:42 . 2011-09-13 12:42 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-09-13 12:38 . 2011-09-13 14:01 -------- d-----w- c:\windows\system32\LogFiles
2011-09-13 12:38 . 2011-09-13 12:38 -------- d-----w- c:\windows\system32\drivers\umdf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 14:28 . 2011-08-13 14:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-27 11:53 . 2011-08-13 14:52 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-09-27 11:46 . 2011-08-13 14:52 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-09 09:12 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-08-31 17:12 . 2011-08-13 08:50 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-31 15:00 . 2011-09-07 14:08 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-30 15:28 . 2011-08-13 08:50 6435432 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-08-29 14:20 . 2011-08-13 08:50 1493608 ----a-w- c:\windows\RtlUpd.exe
2011-08-24 18:39 . 2011-08-13 08:52 323816 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2011-08-23 10:06 . 2011-08-13 21:31 63592 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-08-17 15:09 . 2011-08-13 08:50 20064872 ----a-w- c:\windows\RTHDCPL.EXE
2011-08-16 08:50 . 2011-08-16 08:50 1 ----a-w- c:\documents and settings\Owner\SI.bin
2011-08-13 16:36 . 2011-08-13 16:36 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-13 14:51 . 2011-08-13 14:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-13 14:51 . 2011-08-13 14:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-13 08:53 . 2011-08-13 08:40 16376 ----a-w- c:\windows\gdrv.sys
2011-08-09 11:57 . 2010-12-21 13:04 154136 ----a-w- c:\windows\system32\drivers\eamon.sys
2011-08-04 07:20 . 2010-12-21 11:47 39824 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2011-08-04 07:20 . 2010-12-21 11:47 147480 ----a-w- c:\windows\system32\drivers\epfw.sys
2011-08-04 07:20 . 2010-08-03 10:28 61936 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2011-08-04 07:20 . 2010-12-21 13:04 118104 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2011-08-03 11:49 . 2011-08-15 20:22 914024 ----a-w- c:\windows\system32\nvdispco32.dll
2011-08-03 11:49 . 2011-08-15 20:22 875112 ----a-w- c:\windows\system32\nvgenco32.dll
2011-08-03 11:49 . 2011-08-13 20:18 600680 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-08-03 11:49 . 2011-05-21 04:01 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-08-03 11:49 . 2011-05-21 04:01 2387560 ----a-w- c:\windows\system32\nvcuvid.dll
2011-08-03 11:49 . 2011-05-21 04:01 2090088 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-08-03 11:49 . 2011-05-21 04:01 17186816 ----a-w- c:\windows\system32\nvcompiler.dll
2011-08-03 11:49 . 2007-12-04 17:41 5427200 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:49 . 2007-12-04 17:41 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-08-03 11:49 . 2007-12-04 17:41 4210816 ----a-w- c:\windows\system32\nv4_disp.dll
2011-08-03 11:49 . 2007-12-04 17:41 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-08-03 11:49 . 2007-12-04 17:41 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-08-03 11:49 . 2007-12-04 17:41 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-08-03 11:49 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-08-03 11:49 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-08-03 11:49 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-08-03 11:49 . 2007-12-04 17:41 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-08-03 11:49 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-08-03 11:49 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-08-03 11:49 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-08-03 11:49 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-08-03 11:49 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-08-03 11:49 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-08-03 11:49 . 2007-12-04 17:41 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-08-03 11:49 . 2007-12-04 17:41 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-08-03 11:49 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-08-03 11:49 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-08-03 11:49 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-08-03 11:49 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-08-03 11:49 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-08-03 11:49 . 2007-12-04 17:41 2404864 ----a-w- c:\windows\system32\nvapi.dll
2011-08-03 11:49 . 2007-12-04 17:41 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-08-03 11:49 . 2007-12-04 17:41 16191488 ----a-w- c:\windows\system32\nvoglnt.dll
2011-08-03 11:49 . 2007-12-04 17:41 146024 ----a-w- c:\windows\system32\nvsvc32.exe
2011-08-03 11:49 . 2007-12-04 17:41 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-08-03 11:49 . 2007-12-04 17:41 13892200 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:49 . 2007-12-04 17:41 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-08-03 11:49 . 2007-12-04 17:41 12542592 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-08-03 11:49 . 2007-12-04 17:41 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-07-15 13:29 . 2006-02-28 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-09-29 07:32 . 2011-10-03 18:59 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-06_21.59.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-07 13:16 . 2011-10-07 13:16 16384 c:\windows\Temp\Perflib_Perfdata_778.dat
+ 2011-10-07 14:28 . 2011-10-07 14:28 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe
+ 2011-08-13 14:49 . 2011-10-07 14:28 8522400 c:\windows\system32\Macromed\Flash\NPSWF32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-06-15 17093512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-06 3076144]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"RGSC"=d:\hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Hry\\Crysis\\Bin32\\Crysis.exe"=
"d:\\Hry\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.8.2011 18:36 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.9.2011 18:16 974944]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7.9.2011 16:08 366152]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [13.8.2011 22:19 2255464]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [27.9.2011 13:50 1526080]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7.9.2011 16:08 22216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [29.11.2010 19:27 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [13.8.2011 23:31 1691480]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 rp24msdrv;2.4g Device;c:\windows\system32\drivers\rp24msdrv.sys --> c:\windows\system32\drivers\rp24msdrv.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [28.2.2006 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1659004503-839522115-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-24 08:29]
.
2011-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1659004503-839522115-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-08-24 08:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovať do programu Microsoft Excel
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\vm5b4gh0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-07 20:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1614895754-1659004503-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:ce,be,f7,b7,0c,83,c0,09,0d,f0,7f,0c,cb,cc,ab,dd,9d,e2,b2,c3,79,
3a,45,80,fa,5f,63,5b,6b,1e,e0,1d,44,f2,bf,67,dc,f5,b4,aa,ef,0a,92,d6,6c,ea,\
"rkeysecu"=hex:db,79,93,59,f9,b5,5f,b4,e6,2a,84,f8,4b,b4,ff,76
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3808)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-10-07 20:43:15
ComboFix-quarantined-files.txt 2011-10-07 18:43
ComboFix2.txt 2011-10-06 22:01
.
Pre-Run: 81 969 446 912 bytes free
Post-Run: 12 adresárov, 81 955 364 864 voľných bajtov
.
- - End Of File - - A589D412FE481CEE00DBFE83E6DDEF0A

#6 Příspěvek od **Rudy** » 07 říj 2011 20:25

Log již vypadá čistý. Jak to nyní s detekci disku vypadá?

sspooky13 · #7 Příspěvek od **sspooky13** » 07 říj 2011 20:30

este som neskusal lebo nemam cas ale zajtra vam dam vediet

#8 Příspěvek od **Rudy** » 07 říj 2011 21:38

sspooky13 · #9 Příspěvek od **sspooky13** » 08 říj 2011 12:28

Tak skusal som zapojit harddisk a stale nic, ako nahle ho zapojim hned mi sekne PC. Len tak pre info mam harddisk : http://www.alza.sk/western-digital-my-b ... 191948.htm

sspooky13 · #10 Příspěvek od **sspooky13** » 08 říj 2011 16:23

Tak uz nic nebavilo ma to riesit tak som preinstaloval system ale aj tak dakujem za ochotu pomoct Pan Rudy

#11 Příspěvek od **Rudy** » 08 říj 2011 17:16

OK. Nemáte zač!

VIRY.CZ

Problemy s harddiskom

Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom

Re: Problemy s harddiskom