Once I renamed it, ComboFix did start. Unfortunately, that did not solve the problem. I am attaching the log.
ComboFix 13-03-25.01 - janči . 03. 2013 22:32:36.8.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3325.2266 [GMT 1:00]
Running from: c:\users\janči\Documents\ComboFix.exe
Command switches used :: c:\users\janči\Documents\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-02-25 to 2013-03-25 )))))))))))))))))))))))))))))))
.
.
2013-03-25 21:36 . 2013-03-25 21:41 -------- d-----w- c:\users\janči\AppData\Local\temp
2013-03-25 21:36 . 2013-03-25 21:36 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-03-25 21:36 . 2013-03-25 21:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-25 19:12 . 2013-03-06 23:33 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-25 19:12 . 2013-03-06 23:33 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-25 19:12 . 2013-03-06 23:33 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-25 19:12 . 2013-03-06 23:33 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-25 19:12 . 2013-03-06 23:33 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-25 19:12 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-25 19:12 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-25 19:12 . 2013-03-06 23:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-25 19:12 . 2013-03-06 23:32 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-25 19:11 . 2013-03-06 23:32 41664 ----a-w- c:\windows\avastSS.scr
2013-03-25 19:11 . 2013-03-25 19:11 -------- d-----w- c:\program files\AVAST Software
2013-03-25 19:10 . 2013-03-25 19:11 -------- d-----w- c:\programdata\AVAST Software
2013-03-25 17:37 . 2013-03-25 17:37 -------- d-----w- C:\_OTM
2013-03-25 16:49 . 2013-03-25 16:49 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-25 16:07 . 2013-03-25 16:07 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-03-25 15:06 . 2013-03-25 15:06 15616 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2013-03-24 16:22 . 2013-03-24 16:25 -------- d-----w- c:\program files\MyPC Backup
2013-03-24 16:21 . 2013-03-24 16:25 -------- d-----w- c:\users\janči\AppData\Roaming\Systweak
2013-03-24 11:59 . 2013-03-24 11:59 -------- d---a-w- c:\windows\rundll16.exe
2013-03-24 11:59 . 2013-03-24 11:59 -------- d---a-w- c:\windows\logo1_.exe
2013-03-24 10:42 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-14 16:50 . 2013-03-14 16:50 -------- d-----w- c:\users\janči\AppData\Local\MigWiz
2013-03-12 16:36 . 2013-03-12 16:36 -------- d-----w- c:\users\janči\AppData\Roaming\Kastner software
2013-03-12 16:36 . 2013-03-12 16:36 -------- d-----w- c:\programdata\KASTNER software
2013-03-12 16:36 . 2013-03-12 16:36 -------- d-----w- c:\program files\KASTNER software
2013-02-24 19:00 . 2007-04-10 06:29 3186688 ----a-w- c:\windows\system32\cdintf300.dll
2013-02-24 19:00 . 2007-04-10 06:29 3186688 ----a-w- c:\windows\system32\acXMLParser.dll
2013-02-24 18:57 . 2013-02-24 20:07 -------- d-----w- C:\CENKROSplusData
2013-02-24 18:57 . 2013-02-24 20:07 -------- d-----w- c:\program files\CENKROSplus
2013-02-24 18:56 . 2013-02-24 18:56 -------- d-----w- c:\windows\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-24 11:46 . 2012-05-24 11:00 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-24 11:46 . 2012-05-24 11:00 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-05 05:26 . 2013-02-13 08:32 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:26 . 2013-02-13 08:32 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 11:28 . 2013-02-13 08:32 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38 . 2013-02-13 08:32 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-03-07 14:30 . 2013-03-24 19:59 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EnergySettings"="c:\program files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe" [2008-09-19 113664]
"FSCRecovery"="c:\program files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe" [2008-06-18 268096]
"KeyConfiguration"="c:\program files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe" [2008-09-04 413184]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-10 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverScanner]
c:\program files\Uniblue\DriverScanner\launcher.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-09-12 16:45 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-25 19:15 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 11:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\janči\AppData\Roaming\Mozilla\Firefox\Profiles\gkk72vu4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.sk/
FF - ExtSQL: 2013-03-25 20:11; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-25 22:42
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atiesrxx.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
c:\program files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2013-03-25 22:43:45 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-25 21:43
ComboFix2.txt 2013-03-25 20:35
ComboFix3.txt 2013-03-25 20:23
ComboFix4.txt 2013-03-24 16:14
ComboFix5.txt 2013-03-25 20:49
.
Pre-Run: 191 122 944 000 bytes free
Post-Run: 190 950 887 424 bytes free
.
- - End Of File - - 6B50B47F639B9EB2526A6CF19B733677