MBR: \\.\PHYSICALDRIVE0 prosím pomoci

[pips13]

Aha ).

To je super, doufám, že bude vše ok .

Jo a tam se píše, kdyžv budu zapínat pokaždé PC, dostanu nabídku na ten Combo-fix, to se mi moc nelíbí , ale neva ...

[pips13]

JO a teď se mi reset sám od sebe PC, je to normální ?

[pips13]

a kde mám najít to co po mě chceš ?

[pips13]

Není tam nic ((.

[pips13]

ComboFix 11-12-27.01 - pc 01.01.2012 15:22:20.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1490 [GMT 1:00]
Spuštěný z: c:\documents and settings\pc\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\SET9A.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\setb3.tmp
c:\windows\system32\setb5.tmp
c:\windows\system32\SETEF.tmp
c:\windows\system32\SETF.tmp
c:\windows\system32\VIRepair
c:\windows\system32\VIRepair\vi.sif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-01 do 2012-01-01 )))))))))))))))))))))))))))))))
.
.
2012-01-01 12:41 . 2012-01-01 12:41 -------- d-----w- c:\program files\trend micro
2012-01-01 12:41 . 2012-01-01 12:42 -------- d-----w- C:\rsit
2012-01-01 11:18 . 2012-01-01 11:18 1409 ----a-w- c:\windows\QTFont.for
2011-12-30 16:11 . 2011-12-30 16:11 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-30 16:11 . 2011-12-30 16:11 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-30 16:11 . 2011-12-30 16:11 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-30 16:11 . 2011-12-30 16:11 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-09 13:31 . 2011-12-09 16:07 -------- d-----w- c:\documents and settings\pc\Data aplikací\Broad Intelligence
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-28 13:26 . 2008-12-01 15:56 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-28 13:25 . 2008-12-01 15:55 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-11-28 18:01 . 2011-09-16 12:18 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-09-16 12:18 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-09-16 12:19 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-09-16 12:19 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-09-16 12:19 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-09-16 12:19 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-09-16 12:19 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-09-16 12:19 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-09-16 12:19 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-09-16 12:19 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-22 14:14 . 2008-12-22 12:22 87608 ----a-w- c:\documents and settings\pc\Data aplikací\inst.exe
2011-11-22 14:14 . 2008-12-22 12:22 47360 ----a-w- c:\documents and settings\pc\Data aplikací\pcouffin.sys
2011-11-18 12:49 . 2011-05-15 09:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-30 16:11 . 2011-11-12 18:36 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"nwiz"="nwiz.exe" [2006-06-01 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-06-01 86016]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 16207872]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2008-03-21 91432]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2007-05-31 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\pc\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007 (2).lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2009-12-25 159744]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.8.2008 12:28 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16.9.2011 13:19 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.9.2011 13:19 314456]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [25.12.2009 12:06 12856]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [25.12.2009 12:06 9291]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1.2.2008 17:24 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.9.2011 13:19 20568]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [22.8.2008 13:59 2368]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [25.12.2009 11:58 16384]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [25.12.2009 11:58 9856]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2011 7:58 136176]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [25.10.2001 13:00 3584]
S3 cusbohcn;cusbohcn;\??\c:\docume~1\pc\LOCALS~1\Temp\cusbohcn.sys --> c:\docume~1\pc\LOCALS~1\Temp\cusbohcn.sys [?]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [25.12.2009 11:58 17408]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2011 7:58 136176]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [25.12.2008 15:48 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [25.12.2008 15:48 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [25.12.2008 15:48 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [25.12.2008 15:48 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [25.12.2008 15:48 83344]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [22.12.2008 13:22 47360]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [14.11.2010 17:50 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [14.11.2010 17:50 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [14.11.2010 17:50 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [14.11.2010 17:51 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [14.11.2010 17:51 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [14.11.2010 17:51 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [14.11.2010 17:51 109864]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-18 06:58]
.
2012-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-18 06:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.96.160.50 212.96.164.158
FF - ProfilePath - c:\documents and settings\pc\Data aplikací\Mozilla\Firefox\Profiles\nisle19a.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2832595&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-DrvIcon - c:\program files\Vista Drive Icon\DrvIcon.exe
AddRemove-BearShare MediaBar - c:\program files\BearShare Applications\BearShare MediaBar\Uninstall.exe
AddRemove-DVD Decrypter - c:\program files\DVD Decrypter\uninstall.exe
AddRemove-Foxit Reader - c:\program files\Foxit Software\Foxit Reader\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-01 15:34
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-746137067-1614895754-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:d4,32,42,a1,09,b4,c0,a4,29,6e,01,80,51,91,58,c5,8b,50,08,1d,86,
83,a9,ab,de,7d,d6,30,73,82,fc,60,69,e6,06,34,73,af,ff,33,84,8b,38,f8,7d,b1,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
Celkový čas: 2012-01-01 15:39:41
ComboFix-quarantined-files.txt 2012-01-01 14:39
.
Před spuštěním: Volných bajtů: 45 158 395 904
Po spuštění: Volných bajtů: 45 165 707 264
.
- - End Of File - - 3D3AC6A2BC4687EB429E3B7893F95B67

[pips13]

Jakej port ???

Jaký nod ?

[pips13]

No tiskárnu mám připojenou, a ten port neva že je otevřen ?


Jo už si vzpomínám, ten nod před avastem.


Jo a vše co mám na ploše, ty programy a textáky můžu vše smazat ?

A PC je tedy čistý ?

[pips13]

No ZoneAlarm to je co ?

[pips13]

:-DDDDDDDDDDDD

Ok, díky za pomoc.