Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

nejde spustit antivir ziadny

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Odpovědět
Zpráva
Autor
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#16 Příspěvek od jarek26 »

to co ostalo v zlozke c mozem vymazat?FixitRegBackup-registracne polozky a ads_err.dbf?mal som tam toho viac ale vsetko to zmazalo ako napr.boot.ini.....
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#17 Příspěvek od jarek26 »

zase mi zacal explorer.exe tahat na 50 az 98% cpu.mam skusit restartovat pc?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#18 Příspěvek od vyosek »

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
  • Provedte aktualizaci
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#19 Příspěvek od jarek26 »

takze posielam log
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 7909

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9.10.2011 22:34:26
mbam-log-2011-10-09 (22-34-21).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 289905
Uplynulý čas: 1 hodin, 46 minut, 21 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 4
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 13

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\ASH24SXZ9S (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\KYQ8ZBOAXR (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\1000000600002i\svchost.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\1000000b00002i\verclsid.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000002600003i\getpopupinfo.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000003800003i\coreconverter.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000004c00003i\tooLame.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000006900003i\hmp3.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000008300003i\mppenc.exe (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{1c2e968c-4466-43ae-b413-c12e35b10633}\RP1\A0000005.exe (Trojan.Dropper.PGen) -> No action taken.
c:\system volume information\_restore{1c2e968c-4466-43ae-b413-c12e35b10633}\RP1\A0000019.exe (Trojan.Agent) -> No action taken.
d:\Games\doom3\Doom 3\doom3 cz and crack\doom 3 nocd crack + keygen + all mods, packs & cheats [trainer +\doom 3 [iii] crack no-cd & keygen\doom 3 keygen -reloaded\RLD-D3KG.EXE (Trojan.Downloader) -> No action taken.
d:\programy\microsoft office 2007 cz full\hackerstvo\programy2\nc.exe (Backdoor.NetCat) -> No action taken.
d:\programy\microsoft office 2007 cz full\hackerstvo\programy2\setuprevelationv2.exe (HackTool.SnadBoy) -> No action taken.
d:\programy\wirelesskeyview\wirelesskeyview.exe (PUP.WirelessKeyView) -> No action taken.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#20 Příspěvek od vyosek »

:arrow: To jsou ty slavne cracky :twisted:

:arrow: Nalezy smazte - objevi se log, ten rad uvidim

:arrow: Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#21 Příspěvek od jarek26 »

takze posielam log z mban,ale v karantene su stale,a ci si ho uz mozes odinstalovat,aj combofix log,ale teraz mi nerestarovalo pc ale hned dalo log po ukonceni,tak sa na to pozrite:
MBAN
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 7909

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9.10.2011 22:53:20
mbam-log-2011-10-09 (22-53-20).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 289905
Uplynulý čas: 1 hodin, 46 minut, 21 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 4
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 13

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\ASH24SXZ9S (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\KYQ8ZBOAXR (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\1000000600002i\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\1000000b00002i\verclsid.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000002600003i\getpopupinfo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000003800003i\coreconverter.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000004c00003i\tooLame.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000006900003i\hmp3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\okaynetbook\data aplikací\thinstall\dbpoweramp dalet codec\4000008300003i\mppenc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1c2e968c-4466-43ae-b413-c12e35b10633}\RP1\A0000005.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1c2e968c-4466-43ae-b413-c12e35b10633}\RP1\A0000019.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\Games\doom3\Doom 3\doom3 cz and crack\doom 3 nocd crack + keygen + all mods, packs & cheats [trainer +\doom 3 [iii] crack no-cd & keygen\doom 3 keygen -reloaded\RLD-D3KG.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
d:\programy\microsoft office 2007 cz full\hackerstvo\programy2\nc.exe (Backdoor.NetCat) -> Quarantined and deleted successfully.
d:\programy\microsoft office 2007 cz full\hackerstvo\programy2\setuprevelationv2.exe (HackTool.SnadBoy) -> Quarantined and deleted successfully.
d:\programy\wirelesskeyview\wirelesskeyview.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.


COMBOFIX

ComboFix 11-10-09.01 - okaynetbook 09.10.2011 23:11:17.10.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.534 [GMT 2:00]
Spuštěný z: c:\documents and settings\okaynetbook\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
SP: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7094}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-09 do 2011-10-09 )))))))))))))))))))))))))))))))
.
.
2011-10-09 21:07 . 2011-10-09 21:07 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5CF6C894-7D5E-40D8-840D-40D867A3BFF8}\offreg.dll
2011-10-09 21:07 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5CF6C894-7D5E-40D8-840D-40D867A3BFF8}\mpengine.dll
2011-10-09 18:42 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-09 18:41 . 2011-10-09 18:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-09 18:41 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-09 14:50 . 2011-10-09 14:51 -------- d-----w- C:\rsit
2011-10-08 18:10 . 2011-10-08 18:12 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-08 16:35 . 2011-10-08 16:35 27626 ----a-w- C:\FixitRegBackup.reg
2011-10-08 15:03 . 2011-10-08 15:03 -------- d-----w- c:\windows\Resistance
2011-10-03 05:51 . 2011-10-03 05:51 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Vasilek Games
2011-10-02 19:07 . 2011-10-02 19:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alawar Stargaze
2011-10-02 18:50 . 2011-10-03 05:50 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\wrapper
2011-10-02 18:49 . 2011-10-03 05:50 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Špidla Data Processing, s.r.o
2011-10-02 18:49 . 2011-10-03 05:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
2011-09-16 22:15 . 2011-09-16 22:15 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\AutoHideIP
2011-09-16 22:15 . 2011-09-16 22:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AutoHideIP
2011-09-15 15:12 . 2011-07-06 15:14 101616 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2011-09-10 16:02 . 2011-09-10 16:02 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Sahmon Games
2011-09-10 15:14 . 2011-09-10 15:14 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Meridian93
2011-09-10 14:43 . 2011-09-10 14:43 -------- d-----w- c:\windows\system32\winrm
2011-09-10 14:43 . 2011-09-10 14:43 -------- d-----w- c:\windows\system32\GroupPolicy
2011-09-10 14:43 . 2011-09-10 14:43 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-09-10 14:07 . 2011-09-10 14:07 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 09:24 . 2011-08-13 06:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-12 14:14 . 2011-01-24 18:19 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-09 09:12 . 2009-09-01 22:26 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-08-16 16:46 . 2009-09-01 21:01 6427240 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-08-15 14:47 . 2009-09-01 21:01 60008 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-08-09 14:14 . 2009-09-01 21:01 20055144 ----a-w- c:\windows\RTHDCPL.EXE
2011-08-04 14:59 . 2009-09-01 21:01 1493608 ----a-w- c:\windows\RtlUpd.exe
2011-07-29 04:34 . 2011-07-29 04:34 689664 ----a-w- c:\windows\system32\yowindow.scr
2011-07-15 13:29 . 2009-09-01 22:26 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-13 03:39 . 2011-08-15 20:46 6881616 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2010-05-01 14:50 . 2011-05-09 19:40 2536390 ----a-w- c:\program files\IDM.5.19.2.exe
2008-03-09 05:25 . 2010-05-17 19:18 236 ----a-w- c:\program files\Common Files\dx.reg
2011-10-09 20:28 . 2011-10-09 20:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\IDM.5.19.2\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-07-27 397312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-09 20055144]
"GrooveMonitor"="d:\programy\Microsoft Office 2007 CZ full\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\okaynetbook\Nabídka Start\Programy\Po spuštění\
Zástupce - sndvol32.lnk - c:\windows\system32\sndvol32.exe [2009-9-1 138752]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\GROOVE.EXE"=
"d:\\Games\\left_4_dead\\left 4 dead\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [15.9.2011 17:12 101616]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [6.7.2011 19:21 13592]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe [4.8.2010 17:06 61440]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18.8.2009 23:44 61040]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 20:45 20744]
S3 2hotspot controller;2hotspot Miniport;c:\windows\system32\DRIVERS\acontrol.sys --> c:\windows\system32\DRIVERS\acontrol.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.9.2009 23:01 1691480]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 12:44 30088]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [6.7.2011 18:43 44432]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [6.7.2011 0:22 23456]
S3 FsUsbExDisk;FsUsbExDisk;\??\c:\windows\system32\FsUsbExDisk.SYS --> c:\windows\system32\FsUsbExDisk.SYS [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 14:58 26248]
S3 NANMp50;NANMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NANMp50.sys --> c:\windows\system32\Drivers\NANMp50.sys [?]
S3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\Drivers\Pcouffin.sys --> c:\windows\system32\Drivers\Pcouffin.sys [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [22.8.2011 17:18 2240064]
S3 RTLWUSB;AirLive WL1600USB;c:\windows\system32\drivers\RTL8187.sys [2.3.2011 16:00 323328]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [7.11.2010 5:59 23608]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [12.8.2009 8:57 39040]
S3 widseasd;Widsea Secret Disk Service;\??\c:\documents and settings\okaynetbook\Dokumenty\Downloads\Music\TS-Disk1.63\TS-Disk1.63\widseasd.sys --> c:\documents and settings\okaynetbook\Dokumenty\Downloads\Music\TS-Disk1.63\TS-Disk1.63\widseasd.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2.9.2009 0:26 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-15 20:00]
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-15 20:00]
.
2011-07-06 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 14:52]
.
2011-10-09 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2011-10-09 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com.eg/keyword/%s
IE: ????3??
IE: ????3??????
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Stáhnout s IDM - c:\program files\IDM.5.19.2\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\IDM.5.19.2\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\IDM.5.19.2\IEGetAll.htm
IE: Stáhnout vše pomocí FlashGet - c:\program files\FlashGet\jc_all.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: ????3?? - c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 217.119.127.1 217.119.127.200
FF - ProfilePath - c:\documents and settings\okaynetbook\Data aplikací\Mozilla\Firefox\Profiles\6jpdurms.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-09 23:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\okaynetbook\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\okaynetbook\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(776)
c:\windows\SYSTEM32\RtlGina\RtlGina.DLL
.
- - - - - - - > 'explorer.exe'(3804)
c:\program files\IDM.5.19.2\IDMShellExt.dll
c:\program files\IDM.5.19.2\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-10-09 23:27:14
ComboFix-quarantined-files.txt 2011-10-09 21:27
.
Před spuštěním: 9 209 499 648
Po spuštění: 9 159 094 272
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 65119AE729C1E2D4DD8A6E2C4CDCD766
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#22 Příspěvek od vyosek »

Uploadnete mi nekam prosim tento soubor C:\FixitRegBackup.reg
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#23 Příspěvek od jarek26 »

ok,a este mi budete moct pomoct,pri odinstalaci programu paragon system backup?stale ked spustam netbook,tak mi hned nabehne stalcte F6 a intalacka,ale ja to nestlacam,tak mi hned nabeha windows,ale ide mi o to ci sa to nejako neda dat prec.raz som si ho instaloval,potom aj odinstaloval,a toto tam ostalo.neviem ci odesle prilohu,tak skuste toto
http://www.uloz.to/10571950/fixitregbackup-reg
dakujem
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#24 Příspěvek od vyosek »

:arrow: Program zkuste dat pryc pomoci Revo Uninstalleru http://www.stahuj.centrum.cz/utility_a_ ... installer/

:arrow: Aplikujte tento skript pro ComboFix - opet vytvorit CFScript.txt a pretahnout nad CF

Kód: Vybrat vše

KillAll::

File::
C:\FixitRegBackup.reg
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DDS::
uSearchURL,(Default) = hxxp://www.google.com.eg/keyword/%s
IE: ????3??
IE: ????3??????
IE: Stáhnout vše pomocí FlashGet - c:\program files\FlashGet\jc_all.htm
IE: ????3?? - c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO\GetAllUrl.htm

Folder::
c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO

RegLockDel::
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]

RegNull::
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]

Reboot::
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#25 Příspěvek od jarek26 »

ok,urobil som to,nenapisali ste ze chcete log z combofix,ale pre istotu ho posielam.skuste napisat ci je to uz dobre.
ComboFix 11-10-09.01 - okaynetbook 11.10.2011 19:36:54.11.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.471 [GMT 2:00]
Spuštěný z: c:\documents and settings\okaynetbook\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\okaynetbook\Plocha\CFScript.txt.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
SP: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7094}
.
FILE ::
"C:\FixitRegBackup.reg"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job"
.
ADS - WINDOWS: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-11 do 2011-10-11 )))))))))))))))))))))))))))))))
.
.
2011-10-11 17:48 . 2011-10-11 17:48 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3036F2A4-AD30-44E7-90D9-2F58A31EDF16}\offreg.dll
2011-10-11 17:17 . 2011-10-11 17:17 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3036F2A4-AD30-44E7-90D9-2F58A31EDF16}\MpKsl4eed78bc.sys
2011-10-11 17:16 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3036F2A4-AD30-44E7-90D9-2F58A31EDF16}\mpengine.dll
2011-10-10 18:50 . 2011-10-10 18:58 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\TuxPaint
2011-10-10 12:11 . 2003-08-29 21:52 75264 ----a-w- c:\windows\system32\unacev2.dll
2011-10-10 12:11 . 2003-08-29 21:51 156160 ----a-w- c:\windows\system32\unrar3.dll
2011-10-09 14:50 . 2011-10-09 14:51 -------- d-----w- C:\rsit
2011-10-08 18:10 . 2011-10-08 18:12 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-08 16:35 . 2011-10-08 16:35 27626 ----a-w- C:\FixitRegBackup.reg
2011-10-08 15:03 . 2011-10-08 15:03 -------- d-----w- c:\windows\Resistance
2011-10-03 05:51 . 2011-10-03 05:51 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Vasilek Games
2011-10-02 19:07 . 2011-10-02 19:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alawar Stargaze
2011-10-02 18:50 . 2011-10-03 05:50 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\wrapper
2011-10-02 18:49 . 2011-10-03 05:50 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\Špidla Data Processing, s.r.o
2011-10-02 18:49 . 2011-10-03 05:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
2011-09-16 22:15 . 2011-09-16 22:15 -------- d-----w- c:\documents and settings\okaynetbook\Data aplikací\AutoHideIP
2011-09-16 22:15 . 2011-09-16 22:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AutoHideIP
2011-09-15 15:12 . 2011-07-06 15:14 101616 ----a-w- c:\windows\system32\drivers\idmtdi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 09:24 . 2011-08-13 06:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-12 14:14 . 2011-01-24 18:19 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-10 14:07 . 2011-09-10 14:07 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-09-09 09:12 . 2009-09-01 22:26 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-08-16 16:46 . 2009-09-01 21:01 6427240 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-08-15 14:47 . 2009-09-01 21:01 60008 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-08-09 14:14 . 2009-09-01 21:01 20055144 ----a-w- c:\windows\RTHDCPL.EXE
2011-08-04 14:59 . 2009-09-01 21:01 1493608 ----a-w- c:\windows\RtlUpd.exe
2011-07-29 04:34 . 2011-07-29 04:34 689664 ----a-w- c:\windows\system32\yowindow.scr
2011-07-15 13:29 . 2009-09-01 22:26 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-05-01 14:50 . 2011-05-09 19:40 2536390 ----a-w- c:\program files\IDM.5.19.2.exe
2008-03-09 05:25 . 2010-05-17 19:18 236 ----a-w- c:\program files\Common Files\dx.reg
2011-10-09 20:28 . 2011-10-09 20:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-09_21.23.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-11 17:48 . 2011-10-11 17:48 16384 c:\windows\temp\Perflib_Perfdata_6bc.dat
+ 2001-03-02 18:52 . 2001-03-02 18:52 15360 c:\windows\system32\asfsipc.dll
- 2010-07-09 21:42 . 2011-09-15 21:07 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2001-03-02 18:52 . 2001-03-02 18:52 8704 c:\windows\system32\npwmsdrm.dll
- 2010-07-09 21:42 . 2011-09-15 21:07 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-07-09 21:42 . 2011-09-15 21:07 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-07-09 21:42 . 2011-10-10 17:34 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\IDM.5.19.2\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-07-27 397312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-09 20055144]
"GrooveMonitor"="d:\programy\Microsoft Office 2007 CZ full\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\okaynetbook\Nabídka Start\Programy\Po spuštění\
Zástupce - sndvol32.lnk - c:\windows\system32\sndvol32.exe [2009-9-1 138752]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 20:45 20744]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [15.9.2011 17:12 101616]
R1 MpKsl4eed78bc;MpKsl4eed78bc;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3036F2A4-AD30-44E7-90D9-2F58A31EDF16}\MpKsl4eed78bc.sys [11.10.2011 19:17 28752]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [6.7.2011 19:21 13592]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe [4.8.2010 17:06 61440]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18.8.2009 23:44 61040]
S3 2hotspot controller;2hotspot Miniport;c:\windows\system32\DRIVERS\acontrol.sys --> c:\windows\system32\DRIVERS\acontrol.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.9.2009 23:01 1691480]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 12:44 30088]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [6.7.2011 18:43 44432]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [6.7.2011 0:22 23456]
S3 FsUsbExDisk;FsUsbExDisk;\??\c:\windows\system32\FsUsbExDisk.SYS --> c:\windows\system32\FsUsbExDisk.SYS [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 14:58 26248]
S3 NANMp50;NANMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NANMp50.sys --> c:\windows\system32\Drivers\NANMp50.sys [?]
S3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\Drivers\Pcouffin.sys --> c:\windows\system32\Drivers\Pcouffin.sys [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [22.8.2011 17:18 2240064]
S3 RTLWUSB;AirLive WL1600USB;c:\windows\system32\drivers\RTL8187.sys [2.3.2011 16:00 323328]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [7.11.2010 5:59 23608]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [12.8.2009 8:57 39040]
S3 widseasd;Widsea Secret Disk Service;\??\c:\documents and settings\okaynetbook\Dokumenty\Downloads\Music\TS-Disk1.63\TS-Disk1.63\widseasd.sys --> c:\documents and settings\okaynetbook\Dokumenty\Downloads\Music\TS-Disk1.63\TS-Disk1.63\widseasd.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2.9.2009 0:26 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-15 20:00]
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-15 20:00]
.
2011-07-06 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 14:52]
.
2011-10-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2011-10-11 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com.eg/keyword/%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Stáhnout s IDM - c:\program files\IDM.5.19.2\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\IDM.5.19.2\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\IDM.5.19.2\IEGetAll.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: ????3?? - c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 217.119.127.1 217.119.127.200
FF - ProfilePath - c:\documents and settings\okaynetbook\Data aplikací\Mozilla\Firefox\Profiles\6jpdurms.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-11 19:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\okaynetbook\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\okaynetbook\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(776)
c:\windows\SYSTEM32\RtlGina\RtlGina.DLL
.
- - - - - - - > 'explorer.exe'(2876)
c:\program files\IDM.5.19.2\IDMShellExt.dll
c:\program files\IDM.5.19.2\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2011-10-11 19:55:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-11 17:55
ComboFix2.txt 2011-10-09 21:27
.
Před spuštěním: Volných bajtů: 52 522 663 936
Po spuštění: Volných bajtů: 52 548 218 880
.
- - End Of File - - FC22D58D79EC357F7467B2899154944A
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#26 Příspěvek od vyosek »

:arrow: Stahnete OTM (viz muj podpis)
  • Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

  • Kód: Vybrat vše

    :files
C:\FixitRegBackup.reg
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
    :arrow: Dejte novy log z RSIT
  • Kliknete na cervene tlacitko MoveIt!
  • Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#27 Příspěvek od jarek26 »

ok posielam log z otm
All processes killed
========== FILES ==========
C:\FixitRegBackup.reg moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\documents and settings\okaynetbook\Data aplikací\FlashGetBHO folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 2536 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: okaynetbook
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38022177 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6322 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 36,00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 10112011_204713




a novy log z rsit

Logfile of random's system information tool 1.09 (written by random/random)
Run by okaynetbook at 2011-10-11 20:51:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 50 GB (68%) free of 74 GB
Total RAM: 1015 MB (51% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\okaynetbook\Data aplikací\Mozilla\Firefox\Profiles\6jpdurms.default

prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, mozilla_cc@internetdownloadmanager.com:6.9.7, translator@zoli.bod:2.1.0.1, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\okaynetbook\Data aplikací\Mozilla\Firefox\Profiles\6jpdurms.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\IDM.5.19.2\IDMIECC.dll [2011-09-15 210352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\programy\Microsoft Office 2007 CZ full\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-29 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-08-12 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9F97205-62A3-41F2-9F2C-D99392F882EB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{E0E899AB-F487-11D5-8D29-0050BA6940E3}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-29 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-08-09 20055144]
"GrooveMonitor"=D:\programy\Microsoft Office 2007 CZ full\Office12\GrooveMonitor.exe [2008-10-25 31072]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-07-27 397312]

C:\Documents and Settings\okaynetbook\Nabídka Start\Programy\Po spuštění
Zástupce - sndvol32.lnk - C:\WINDOWS\system32\sndvol32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\programy\Microsoft Office 2007 CZ full\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMBalloonTip"=0
"NoDriveAutoRun"=67108863
"NoInstrumentation"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"D:\programy\Microsoft Office 2007 CZ full\Office12\GROOVE.EXE"="D:\programy\Microsoft Office 2007 CZ full\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE"="C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE:*:Enabled:Microsoft Application Error Reporting"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:Windows® installer"
"C:\Program Files\Google\Update\GoogleUpdate.exe"="C:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:Instalační program Google"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.DIVX"=divx.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=pvmjpg30.dll
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.divxa32"=msaud32_divx.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.VP31"=vp31vfw.dll

======List of files/folders created in the last 1 month======

2011-10-11 20:47:13 ----D---- C:\_OTM
2011-10-11 20:45:17 ----SHD---- C:\RECYCLER
2011-10-11 19:55:31 ----A---- C:\ComboFix.txt
2011-10-11 19:46:56 ----D---- C:\WINDOWS\temp
2011-10-10 20:50:05 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\TuxPaint
2011-10-10 14:11:23 ----A---- C:\WINDOWS\system32\unrar3.dll
2011-10-10 14:11:23 ----A---- C:\WINDOWS\system32\unacev2.dll
2011-10-09 23:08:28 ----A---- C:\Boot.bak
2011-10-09 23:08:15 ----RASHD---- C:\cmdcons
2011-10-09 23:03:14 ----A---- C:\WINDOWS\zip.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\SWSC.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\SWREG.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\sed.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\PEV.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\NIRCMD.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\MBR.exe
2011-10-09 23:03:14 ----A---- C:\WINDOWS\grep.exe
2011-10-09 23:03:04 ----D---- C:\WINDOWS\ERDNT
2011-10-09 16:50:57 ----D---- C:\rsit
2011-10-08 20:10:45 ----D---- C:\Program Files\Microsoft Security Client
2011-10-08 17:03:01 ----D---- C:\WINDOWS\Resistance
2011-10-08 14:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB953356$
2011-10-03 07:51:20 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\Vasilek Games
2011-10-02 21:07:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
2011-10-02 20:50:11 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\wrapper
2011-10-02 20:49:04 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\Špidla Data Processing, s.r.o
2011-10-02 20:49:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
2011-10-01 11:49:00 ----A---- C:\WINDOWS\popcinfo.dat
2011-09-17 00:15:47 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\AutoHideIP
2011-09-17 00:15:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\AutoHideIP
2011-09-15 23:07:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-15 22:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-15 17:12:49 ----A---- C:\WINDOWS\system32\drivers\idmtdi.sys

======List of files/folders modified in the last 1 month======

2011-10-11 20:51:19 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-11 20:50:31 ----AD---- C:\WINDOWS
2011-10-11 20:47:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-11 20:47:17 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-11 20:47:14 ----SD---- C:\WINDOWS\Tasks
2011-10-11 19:55:34 ----D---- C:\WINDOWS\system32\drivers
2011-10-11 19:55:33 ----D---- C:\Qoobox
2011-10-11 19:49:49 ----A---- C:\WINDOWS\system.ini
2011-10-11 19:43:07 ----D---- C:\WINDOWS\AppPatch
2011-10-11 19:43:07 ----AD---- C:\WINDOWS\system32
2011-10-11 19:43:05 ----D---- C:\Program Files\Common Files
2011-10-11 19:35:04 ----SHD---- C:\System Volume Information
2011-10-11 19:35:04 ----D---- C:\WINDOWS\system32\Restore
2011-10-11 19:27:14 ----RD---- C:\Program Files
2011-10-11 19:22:47 ----SHD---- C:\WINDOWS\Installer
2011-10-11 19:22:47 ----RD---- C:\WINDOWS\Web
2011-10-11 19:22:47 ----D---- C:\WINDOWS\Icons
2011-10-11 19:22:47 ----D---- C:\Program Files\Windows Media Connect 2
2011-10-11 19:22:46 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\Chessmaster Challenge
2011-10-10 21:27:12 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\DMCache
2011-10-10 21:15:28 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-10 19:35:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-10-10 14:44:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-10 14:39:55 ----D---- C:\Program Files\totalcmd
2011-10-10 14:39:37 ----A---- C:\WINDOWS\WINCMD.INI
2011-10-10 14:32:18 ----HD---- C:\WINDOWS\inf
2011-10-09 23:08:28 ----RASH---- C:\boot.ini
2011-10-09 23:03:04 ----D---- C:\WINDOWS\Prefetch
2011-10-09 22:54:55 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-09 22:29:48 ----D---- C:\Program Files\Mozilla Firefox
2011-10-09 16:18:38 ----D---- C:\Program Files\trend micro
2011-10-09 16:06:55 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\IDM
2011-10-08 23:12:44 ----RSD---- C:\WINDOWS\assembly
2011-10-08 23:12:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-08 22:32:54 ----D---- C:\Program Files\Pinnacle
2011-10-08 22:32:36 ----RSD---- C:\WINDOWS\Fonts
2011-10-08 19:13:06 ----D---- C:\WINDOWS\system32\config
2011-10-08 19:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-10-08 16:23:51 ----SD---- C:\Documents and Settings\okaynetbook\Data aplikací\Microsoft
2011-10-08 16:22:08 ----A---- C:\WINDOWS\ODBC.INI
2011-10-08 16:18:34 ----D---- C:\WINDOWS\system
2011-10-08 14:43:13 ----D---- C:\Program Files\Common Files\LightScribe
2011-10-08 14:40:26 ----DC---- C:\WINDOWS\$NtUninstallKB12818$
2011-10-08 14:08:43 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-08 14:06:42 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-08 11:49:11 ----D---- C:\WINDOWS\Debug
2011-10-03 12:54:21 ----A---- C:\WINDOWS\WirelessFTP.INI
2011-09-29 21:13:27 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\Skype
2011-09-29 00:06:44 ----D---- C:\Program Files\IDM.5.19.2
2011-09-28 08:40:08 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\SEDE
2011-09-23 15:26:13 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-09-16 21:43:14 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\ICQ
2011-09-16 20:31:08 ----D---- C:\Program Files\ICQ7.2
2011-09-16 10:38:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-15 23:07:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-15 19:17:01 ----RD---- C:\Program Files\Skype
2011-09-15 19:16:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-09-15 17:13:14 ----D---- C:\Documents and Settings\okaynetbook\Data aplikací\skypePM
2011-09-15 16:37:51 ----D---- C:\WINDOWS\system32\Adobe
2011-09-15 16:37:29 ----D---- C:\WINDOWS\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2011-05-20 461592]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2011-07-06 101616]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl078093ce;MpKsl078093ce; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{43E76015-0C90-4A5C-A564-DF0806F60858}\MpKsl078093ce.sys []
R1 MpKslc40626bf;MpKslc40626bf; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{43E76015-0C90-4A5C-A564-DF0806F60858}\MpKslc40626bf.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-03-02 21361]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-08-16 6427240]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2010-04-22 61040]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 2hotspot controller;2hotspot Miniport; C:\WINDOWS\system32\DRIVERS\acontrol.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz132;cpuz132; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Documents and Settings\okaynetbook\Plocha\MediaCoder\SysInfo.sys []
S3 dc3d;MS Hardware Device Detection Driver; C:\WINDOWS\system32\DRIVERS\dc3d.sys [2010-07-21 44432]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NANMp50;NANMp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\NANMp50.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2010-07-21 21520]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2010-07-21 40848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2011-04-15 2240064]
S3 RTLWUSB;AirLive WL1600USB; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2010-04-06 323328]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SndTAudio;SndTAudio; C:\WINDOWS\system32\drivers\SndTAudio.sys [2010-09-11 23608]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\sscdserd.sys [2007-07-03 86824]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 uvclf;uvclf; C:\WINDOWS\system32\DRIVERS\uvclf.sys [2008-11-19 39040]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 widseasd;Widsea Secret Disk Service; \??\C:\Documents and Settings\okaynetbook\Dokumenty\Downloads\Music\TS-Disk1.63\TS-Disk1.63\widseasd.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-21 53248]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\NlsSrv32.exe [2009-06-07 61440]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-06-19 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\programy\Microsoft Office 2007 CZ full\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#28 Příspěvek od vyosek »

Tak co ten nas pacient, jak se chova :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
jarek26
Návštěvník
Návštěvník
Příspěvky: 121
Registrován: 23 pro 2008 16:01
Bydliště: Bardejov
Kontaktovat uživatele:
Kontaktovat uživatele jarek26

Re: nejde spustit antivir ziadny

#29 Příspěvek od jarek26 »

jo je to dobry,zatim:)),tak dekujem za vsechno,dobre se s vami spolupracovalo.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: nejde spustit antivir ziadny

#30 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: Odinstalujte Combofix
  • Prejmenujte ComboFix na Uninstall
  • Spustte jej
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A je to z me strany vse :|

Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek


A na rozloucenou vam zahraje nase kapela :guitar: :150: :151: :152: :153: :154: :196:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Diskuze, řešení problémů“