nejde spustit spravce uloh

Zpráva

jarek26 · #1 Příspěvek od **jarek26** » 14 lis 2010 00:35

prosim o radu,kdyz chci spustit spravce uloh /ctrl+alt+delete/tak mi vypise:
spravce tohoto systemu zakazal spravce uloh.Kde a jak si to obnovim
dekuji

#2 Příspěvek od **motji** » 14 lis 2010 10:10

Dobré ranko

Asi tam budete mít nějakou mršku, co to blokuje. Poprosím o log ze rsitu, viz můj podpis.

jarek26 · #3 Příspěvek od **jarek26** » 14 lis 2010 10:30

posilam log z rsit

Logfile of random's system information tool 1.08 (written by random/random)
Run by okaynetbook at 2010-11-14 10:26:11
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 15 GB (20%) free of 74 GB
Total RAM: 1015 MB (40% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-09-09 173488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\programy\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-27 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9F97205-62A3-41F2-9F2C-D99392F882EB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-25 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-06 19556968]
"Adobe Flash Installer"=C:\WINDOWS\system32:Shdll.exe []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-07-27 397312]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-08 39408]
"Pozadi z webky"=C:\Documents and Settings\okaynetbook\Dokumenty\Downloads\Pozadi z webky\PozadiZWebky.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll [2005-12-20 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\programy\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMBalloonTip"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ASUS\Data Sync\Clotho.exe"="C:\Program Files\ASUS\Data Sync\Clotho.exe:*:Enabled:Clotho"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\programy\Microsoft Office 2007 CZ full\Office12\OUTLOOK.EXE"="D:\programy\Microsoft Office 2007 CZ full\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\programy\Microsoft Office 2007 CZ full\Office12\GROOVE.EXE"="D:\programy\Microsoft Office 2007 CZ full\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\programy\Microsoft Office 2007 CZ full\Office12\ONENOTE.EXE"="D:\programy\Microsoft Office 2007 CZ full\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\okaynetbook\Dokumenty\Preberanie\2hotspot\Program\pacsvc.exe"="C:\Documents and Settings\okaynetbook\Dokumenty\Preberanie\2hotspot\Program\pacsvc.exe:*:Enabled:2hotspot controller"
"D:\Games\Far Cry\Bin32\FarCry.exe"="D:\Games\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-11-14 10:26:13 ----D---- C:\Program Files\trend micro
2010-11-14 10:26:11 ----D---- C:\rsit
2010-11-14 10:07:46 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\funkitron
2010-11-14 09:00:24 ----D---- C:\Program Files\Slingo Quest Egypt
2010-11-14 08:49:31 ----D---- C:\Program Files\bfgclient
2010-11-14 08:47:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\BigFishGamesCache
2010-11-13 23:24:55 ----D---- C:\WINDOWS\system32\windows
2010-11-13 16:52:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-11-13 16:42:08 ----D---- C:\Program Files\Alwil Software
2010-11-10 12:14:03 ----D---- C:\WINDOWS\Sun
2010-11-07 05:04:27 ----D---- C:\Converted
2010-11-07 04:59:21 ----A---- C:\WINDOWS\system32\drivers\SndTAudio.sys
2010-11-06 18:13:39 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\Alawar
2010-10-31 15:32:43 ----A---- C:\Documents and Settings\okaynetbook\Data aplikací\wss.ini
2010-10-31 15:27:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\WebacamSurveyor
2010-10-31 15:25:33 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\GetRightToGo
2010-10-28 00:16:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2010-10-27 23:10:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-26 17:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-26 17:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-26 17:56:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-26 17:55:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-26 17:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-26 17:55:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-26 17:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-26 17:50:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-10-22 21:55:35 ----D---- C:\Program Files\GoQ - NetRadio
2010-10-22 19:55:03 ----D---- C:\Program Files\WorldUnlock Codes Calculator
2010-10-21 18:42:54 ----A---- C:\WINDOWS\system32\MFC71U.DLL
2010-10-21 18:42:54 ----A---- C:\WINDOWS\system32\ATL71.DLL
2010-10-16 22:36:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\FreshGames
2010-10-16 22:00:53 ----D---- C:\WINDOWS\pss
2010-10-16 16:30:20 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\iWin
2010-10-16 16:30:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\iWin

======List of files/folders modified in the last 1 months======

2010-11-14 10:26:58 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-11-14 10:26:14 ----D---- C:\WINDOWS\temp
2010-11-14 10:26:13 ----RD---- C:\Program Files
2010-11-14 10:25:43 ----AD---- C:\WINDOWS\system32
2010-11-14 10:12:31 ----D---- C:\WINDOWS\Help
2010-11-14 09:58:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-14 09:45:14 ----AD---- C:\WINDOWS
2010-11-14 09:43:51 ----D---- C:\Program Files\WinUHA
2010-11-14 09:33:25 ----SHD---- C:\WINDOWS\Installer
2010-11-14 09:33:15 ----D---- C:\WINDOWS\system32\drivers
2010-11-14 09:33:14 ----HD---- C:\WINDOWS\inf
2010-11-14 09:08:18 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-14 03:33:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-11-13 22:53:07 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\DMCache
2010-11-13 19:25:30 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\AIMP
2010-11-13 19:13:05 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\Media Player Classic
2010-11-13 19:00:38 ----RSD---- C:\WINDOWS\Fonts
2010-11-13 16:52:21 ----D---- C:\WINDOWS\WinSxS
2010-11-13 16:23:03 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\IDM
2010-11-13 13:10:57 ----SHD---- C:\System Volume Information
2010-11-13 06:24:13 ----RD---- C:\WINDOWS\Web
2010-11-10 23:49:23 ----D---- C:\WINDOWS\uninstall
2010-11-10 23:48:55 ----D---- C:\Program Files\CPU & Ram Meter
2010-11-10 20:11:48 ----D---- C:\WINDOWS\Debug
2010-11-10 19:02:19 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-07 15:09:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-07 15:09:18 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-07 15:00:09 ----A---- C:\WINDOWS\win.ini
2010-11-01 20:48:39 ----D---- C:\Program Files\Windows Media Player
2010-10-31 16:35:40 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-31 16:26:14 ----D---- C:\Program Files\Common Files\InstallShield
2010-10-31 15:36:46 ----D---- C:\WINDOWS\java
2010-10-31 07:53:42 ----D---- C:\Program Files\Mozilla Firefox
2010-10-31 05:10:04 ----D---- C:\WINDOWS\Network Diagnostic
2010-10-28 22:37:06 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-28 01:19:36 ----D---- C:\WINDOWS\system32\RTCOM
2010-10-27 23:50:21 ----D---- C:\WINDOWS\system32\en-US
2010-10-27 23:50:02 ----RSD---- C:\WINDOWS\assembly
2010-10-27 23:10:21 ----D---- C:\Program Files\Internet Explorer
2010-10-27 23:09:52 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-27 15:57:46 ----D---- C:\WINDOWS\system32\cs-cz
2010-10-27 15:47:35 ----D---- C:\Program Files\Microsoft.NET
2010-10-26 18:06:46 ----D---- C:\Program Files\Internet Download Manager
2010-10-16 22:08:01 ----D---- C:\WINDOWS\system32\drivers\mycodec
2010-10-16 18:30:03 ----D---- C:\WINDOWS\Lhsp
2010-10-16 17:31:00 ----A---- C:\WINDOWS\WirelessFTP.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2010-01-08 331288]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-06 6088296]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2010-04-22 61040]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-11-11 14736]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2010-02-04 1323040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 2hotspot controller;2hotspot Miniport; C:\WINDOWS\system32\DRIVERS\acontrol.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Documents and Settings\okaynetbook\Plocha\MediaCoder\SysInfo.sys []
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SndTAudio;SndTAudio; C:\WINDOWS\system32\drivers\SndTAudio.sys [2010-09-11 23608]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 uvclf;uvclf; C:\WINDOWS\system32\DRIVERS\uvclf.sys [2008-11-19 39040]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-29 935208]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\NlsSrv32.exe [2009-06-07 61440]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-15 136176]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-08 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\programy\Microsoft Office 2007 CZ full\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 STSService;STSService; C:\Program Files\SoundTaxi Media Suite\STSService.exe []
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

#4 Příspěvek od **motji** » 14 lis 2010 10:37

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

jarek26 · #5 Příspěvek od **jarek26** » 14 lis 2010 11:22

jo uz to funguje ale pro jistotu jeste log z combofixu:
dekuji

ComboFix 10-11-12.01 - okaynetbook 14.11.2010 10:49:46.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.354 [GMT 1:00]
Spuštěný z: c:\documents and settings\okaynetbook\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\windows
c:\windows\system32\windows\svchost.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\XSxS

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS

((((((((((((((((((((((((( Soubory vytvořené od 2010-10-14 do 2010-11-14 )))))))))))))))))))))))))))))))
.

2010-11-14 09:26 . 2010-11-14 09:26 -------- d-----w- c:\program files\trend micro
2010-11-14 09:26 . 2010-11-14 09:27 -------- d-----w- C:\rsit
2010-11-14 09:07 . 2010-11-14 09:07 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\funkitron
2010-11-14 08:00 . 2010-11-14 08:00 -------- d-----w- c:\program files\Slingo Quest Egypt
2010-11-14 07:49 . 2010-11-14 07:49 -------- d-----w- c:\program files\bfgclient
2010-11-14 07:47 . 2010-11-14 07:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\BigFishGamesCache
2010-11-13 15:52 . 2010-11-13 15:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alwil Software
2010-11-13 15:42 . 2010-11-13 15:52 -------- d-----w- c:\program files\Alwil Software
2010-11-10 11:14 . 2010-11-10 11:14 -------- d-----w- c:\windows\Sun
2010-11-07 04:04 . 2010-11-07 04:04 -------- d-----w- C:\Converted
2010-11-07 03:59 . 2010-09-11 07:21 23608 ----a-w- c:\windows\system32\drivers\SndTAudio.sys
2010-11-06 17:13 . 2010-11-06 17:13 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Alawar
2010-10-31 14:33 . 2010-10-31 14:52 -------- d-----w- c:\documents and settings\okaynetbook\Local Settings\Data aplikací\CamShot
2010-10-31 14:27 . 2010-10-31 14:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WebacamSurveyor
2010-10-31 14:25 . 2010-10-31 20:30 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\GetRightToGo
2010-10-27 23:34 . 2010-10-27 23:34 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2010-10-27 23:16 . 2010-10-27 23:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2010-10-26 18:21 . 2010-11-13 18:03 -------- d-----w- c:\documents and settings\okaynetbook\Local Settings\Data aplikací\Jan_Macháček
2010-10-22 20:55 . 2010-11-13 18:34 -------- d-----w- c:\program files\GoQ - NetRadio
2010-10-22 18:55 . 2010-10-22 18:55 -------- d-----w- c:\program files\WorldUnlock Codes Calculator
2010-10-21 17:42 . 2003-03-19 04:12 1047552 ----a-w- c:\windows\system32\MFC71U.DLL
2010-10-21 17:42 . 2003-03-19 02:05 89088 ----a-w- c:\windows\system32\ATL71.DLL
2010-10-16 21:36 . 2010-10-16 21:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FreshGames
2010-10-16 16:06 . 2010-10-24 19:18 -------- d-----w- c:\documents and settings\okaynetbook\Local Settings\Data aplikací\Temp
2010-10-16 15:30 . 2010-10-16 15:30 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\iWin
2010-10-16 15:30 . 2010-10-16 15:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\iWin

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2009-09-01 22:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2009-09-01 22:26 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2009-09-01 22:26 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2009-09-01 22:26 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-17 16:23 . 2010-09-17 16:23 249856 ------w- c:\windows\Setup1.exe
2010-09-17 16:23 . 2010-09-17 16:23 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-09-10 05:52 . 2009-09-01 22:26 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2009-09-01 22:26 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2009-09-01 22:26 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-07 06:59 . 2010-09-07 07:00 1034240 ----a-w- c:\windows\explorer.exe
2010-09-06 22:27 . 2009-09-01 22:26 507904 ----a-w- c:\windows\system32\winlogon.exe
2010-09-01 11:52 . 2009-09-01 22:26 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2009-09-01 22:26 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2009-09-01 22:26 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2009-09-01 22:26 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2009-09-01 22:26 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2009-09-01 22:26 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-22 14:02 . 2010-08-22 14:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-17 13:17 . 2009-09-01 22:26 58880 ----a-w- c:\windows\system32\spoolsv.exe
2008-09-28 20:00 . 2010-05-05 16:01 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2008-03-09 05:25 . 2010-05-17 19:18 236 ----a-w- c:\program files\Common Files\dx.reg
.

((((((((((((((((((((((((((((( SnapShot_2010-09-11_10.47.06 )))))))))))))))))))))))))))))))))))))))))
jr toho hodne a nevejde se do logu
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-07-27 397312]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-08 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-06 19556968]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2005-12-20 20:57 176128 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ASUS\\Data Sync\\Clotho.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\GROOVE.EXE"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Games\\Far Cry\\Bin32\\FarCry.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 14:23 727720]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25.7.2010 18:27 246520]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe [4.8.2010 16:06 61440]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18.8.2009 22:44 61040]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [7.9.2010 11:25 1323040]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.9.2010 21:01 136176]
S3 2hotspot controller;2hotspot Miniport;c:\windows\system32\DRIVERS\acontrol.sys --> c:\windows\system32\DRIVERS\acontrol.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.9.2009 22:01 1691480]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [7.11.2010 4:59 23608]
S3 STSService;STSService;"c:\program files\SoundTaxi Media Suite\STSService.exe" --> c:\program files\SoundTaxi Media Suite\STSService.exe [?]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [12.8.2009 7:57 39040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-15 20:00]

2010-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-15 20:00]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.Google.com.eg/
uSearchURL,(Default) = hxxp://www.google.com.eg/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Odeslat do zařízení &Bluetooth...
IE: Odeslat do zařízení Bluetooth
IE: Prevziať cez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - c:\program files\Pop Up Police Demo\PopUpPoliceDemo164825.exe
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\documents and settings\okaynetbook\Data aplikací\Mozilla\Firefox\Profiles\1gqjbis4.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=sk&q=
FF - component: c:\documents and settings\okaynetbook\Data aplikací\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\okaynetbook\Data aplikací\Mozilla\Firefox\Profiles\1gqjbis4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-Pozadi z webky - c:\documents and settings\okaynetbook\Dokumenty\Downloads\Pozadi z webky\PozadiZWebky.exe
HKLM-Run-Adobe Flash Installer - c:\windows\system32:Shdll.exe
ActiveSetup-{9CB5900A-8628-A49B-FEA5-DF23A5520525} - c:\windows\system32:Shdll.exe
ActiveSetup-{ZE4NK-5RJ0L9J-412FQ-PPTW8R-7BJCSF9PG} - c:\windows\system32\windows\svchost.exe
AddRemove-Watchtone Studio Demo - c:\docume~1\OKAYNE~1\DOKUME~1\PREBER~1\WATCHT~1\WATCHT~1\Setup.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-14 10:58
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Adobe Flash Installer = c:\windows\system32:Shdll.exe?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

skenování skrytých souborů ...

c:\windows\system32:Shdll.exe 269824 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E46F3BC9-8B94-C456-C5D6-D2E81A5A459D}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iahhggppehjionjpmc"=hex:6a,61,64,67,64,68,66,63,63,67,6d,62,69,63,64,6d,68,6d,
6a,62,00,a6
"habimfkfdnbpjiln"=hex:6a,61,64,67,64,68,66,63,63,67,6d,62,69,63,64,6d,68,6d,
6a,62,00,a6
"iadipbjdpahnebdhdl"=hex:63,61,64,67,6c,69,00,7c

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0470c0e5-e7d6-4970-aadc-2497f7be8e14}]
@Denied: (Full) (Everyone)
"Model"=dword:00000118
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):00,fe,de,4d,de,29,61,83,57,e5,06,1c,bd,d4,98,e6,74,46,8e,c8,5e,
5a,e0,cf,a1,39,fe,20,4c,cd,1e,1d,1f,19,39,ac,4d,7b,0e,08,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1092)
c:\progra~1\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll

- - - - - - - > 'explorer.exe'(3732)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\RTHDCPL.EXE
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Celkový čas: 2010-11-14 11:03:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-14 10:03
ComboFix2.txt 2010-09-11 10:51
ComboFix3.txt 2010-09-06 20:34
ComboFix4.txt 2010-09-05 09:12

Před spuštěním: Volných bajtů: 15 663 976 448
Po spuštění: Volných bajtů: 15 646 572 544

- - End Of File - - FD31C69E333E7340430CAB73BBDB0667

#6 Příspěvek od **motji** » 14 lis 2010 11:54

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

VIRY.CZ

nejde spustit spravce uloh

nejde spustit spravce uloh

Re: nejde spustit spravce uloh

Re: nejde spustit spravce uloh

Re: nejde spustit spravce uloh

Re: nejde spustit spravce uloh

Re: nejde spustit spravce uloh