PC virus removal, computer speed-up, and remote help via the neslape.cz service

PC freezes

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: PC freezes

#16 Post by Unlimited_Killer »

I need the log (Notepad should pop up with the log).
inactive

martin1973
Visitor
Posts: 194
Registered: 13 Jan 2010 23:10

Re: PC freezes

#17 Post by martin1973 »

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3635
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

30.1.2010 17:13:24
mbam-log-2010-01-30 (17-13-24).txt

Typ kontroly: Úplná (C:\|D:\|)
Objektov kontrolovaných: 207297
Uplynutý cas: 55 minute(s), 27 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 2

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\System Volume Information\_restore{24C17329-FC0D-4DE6-B26B-E0459C585C45}\RP32\A0020906.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{24C17329-FC0D-4DE6-B26B-E0459C585C45}\RP32\A0020740.sys (Malware.Trace) -> Quarantined and deleted successfully.

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: PC freezes

#18 Post by Unlimited_Killer »

Please post a new ComboFix log.
inactive

martin1973
Visitor
Posts: 194
Registered: 13 Jan 2010 23:10

Re: PC freezes

#19 Post by martin1973 »

ComboFix 10-01-29.09 - Martin Čigaš 30.01.2010 17:18:53.3.1 - x86
Running from: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100130-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-30 )))))))))))))))))))))))))))))))
.

2010-01-28 18:49 . 2010-01-28 18:49 -------- d-----w- c:\program files\Trend Micro
2010-01-28 15:13 . 2010-01-28 15:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\BVRP Software
2010-01-28 15:12 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2010-01-28 15:12 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2010-01-28 15:12 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2010-01-28 15:12 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2010-01-28 15:12 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2010-01-28 15:12 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2010-01-28 15:12 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2010-01-28 15:12 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2010-01-28 15:11 . 2010-01-28 15:11 -------- d-----w- c:\program files\Sony Ericsson
2010-01-28 15:11 . 2010-01-28 15:11 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Sony Ericsson
2010-01-27 21:35 . 2007-06-19 08:51 21928 ----a-r- c:\windows\system32\drivers\s816nd5.sys
2010-01-27 21:35 . 2007-06-19 08:51 97704 ----a-r- c:\windows\system32\drivers\s816unic.sys
2010-01-27 21:35 . 2007-06-19 08:51 9768 ----a-r- c:\windows\system32\drivers\s816cr.sys
2010-01-27 21:35 . 2007-06-19 08:51 99112 ----a-r- c:\windows\system32\drivers\s816mgmt.sys
2010-01-27 21:35 . 2007-06-19 08:51 97320 ----a-r- c:\windows\system32\drivers\s816obex.sys
2010-01-27 21:35 . 2007-06-19 08:51 13864 ----a-r- c:\windows\system32\drivers\s816mdfl.sys
2010-01-27 21:35 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816cmnt.sys
2010-01-27 21:35 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816cm.sys
2010-01-27 21:34 . 2007-06-19 08:51 107304 ----a-r- c:\windows\system32\drivers\s816mdm.sys
2010-01-27 21:34 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816whnt.sys
2010-01-27 21:34 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816wh.sys
2010-01-27 21:34 . 2007-06-19 08:51 81832 ----a-r- c:\windows\system32\drivers\s816bus.sys
2010-01-27 18:06 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-27 18:06 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-27 18:06 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-27 18:06 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-27 18:06 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-27 18:06 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-27 18:06 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-27 18:06 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-27 18:06 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-27 14:57 . 2010-01-27 14:57 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY.000\Local Settings\Application Data\Google
2010-01-27 14:54 . 2010-01-27 14:54 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Local Settings\Application Data\Google
2010-01-27 14:54 . 2010-01-27 14:55 -------- d-----w- c:\program files\Google
2010-01-27 14:53 . 2010-01-27 15:08 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Alwil Software
2010-01-26 21:24 . 2010-01-26 21:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-26 21:23 . 2010-01-26 21:23 -------- d-----w- c:\program files\Java
2010-01-26 21:22 . 2010-01-26 21:22 -------- d-----w- c:\program files\Brothersoft
2010-01-26 17:44 . 2007-02-08 19:00 95744 ----a-r- c:\windows\system32\atl80.dll
2010-01-26 17:44 . 2007-02-08 19:00 626688 ----a-r- c:\windows\system32\msvcr80.dll
2010-01-26 17:44 . 2007-02-08 19:00 548864 ----a-r- c:\windows\system32\msvcp80.dll
2010-01-26 17:44 . 2007-02-08 19:00 1079808 ----a-r- c:\windows\system32\mfc80u.dll
2010-01-26 14:56 . 2007-04-04 11:43 23176 ----a-r- c:\windows\system32\drivers\s716nd5.sys
2010-01-26 14:56 . 2007-04-04 11:43 98952 ----a-r- c:\windows\system32\drivers\s716unic.sys
2010-01-26 14:56 . 2007-04-04 11:43 11016 ----a-r- c:\windows\system32\drivers\s716cr.sys
2010-01-26 14:56 . 2007-04-04 11:43 100360 ----a-r- c:\windows\system32\drivers\s716mgmt.sys
2010-01-26 14:56 . 2007-04-04 11:43 98568 ----a-r- c:\windows\system32\drivers\s716obex.sys
2010-01-26 14:56 . 2007-04-04 11:43 108552 ----a-r- c:\windows\system32\drivers\s716mdm.sys
2010-01-26 14:56 . 2007-04-04 11:43 15112 ----a-r- c:\windows\system32\drivers\s716mdfl.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716cmnt.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716cm.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716whnt.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716wh.sys
2010-01-26 14:56 . 2007-04-04 11:43 83208 ----a-r- c:\windows\system32\drivers\s716bus.sys
2010-01-26 14:32 . 2010-01-26 14:32 6144 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\sp_rsdel.exe
2010-01-26 14:32 . 2010-01-26 14:32 5632 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\fileobjinfo.sys
2010-01-26 14:32 . 2010-01-26 14:32 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-26 14:32 . 2010-01-30 15:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator
2010-01-26 14:32 . 2010-01-30 15:52 -------- d-----w- c:\program files\Spyware Terminator
2010-01-25 17:04 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-25 17:03 . 2010-01-25 17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-25 17:03 . 2010-01-25 17:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-01-25 17:03 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-25 16:32 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-01-24 22:39 . 2010-01-26 17:42 -------- d-----w- c:\program files\OLYMPUS
2010-01-24 22:35 . 2010-01-24 22:35 -------- d-----w- c:\program files\QuickTime
2010-01-24 22:34 . 2010-01-24 22:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2010-01-24 22:18 . 2010-01-24 22:18 -------- d-----w- c:\program files\ZipX
2010-01-24 22:12 . 2004-08-03 21:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2010-01-24 22:12 . 2004-08-03 21:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-01-24 22:12 . 2004-08-03 21:41 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-01-24 22:12 . 2004-08-03 21:41 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-01-24 22:12 . 2008-04-14 00:12 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-01-24 22:04 . 2010-01-24 22:04 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-01-24 22:04 . 2008-05-29 08:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2010-01-24 22:03 . 2010-01-24 22:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2010-01-24 22:03 . 2010-01-24 22:04 -------- d-----w- c:\program files\TuneUp Utilities 2008
2010-01-24 22:02 . 2010-01-24 22:02 -------- d-----w- c:\program files\Opera
2010-01-24 21:59 . 2010-01-25 16:38 -------- d-----w- c:\program files\BS_Player
2010-01-24 21:59 . 2010-01-24 21:59 -------- d-----w- c:\program files\Webteh
2010-01-24 21:58 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-01-24 21:58 . 2010-01-24 21:58 -------- d-----w- c:\program files\CDBurnerXP
2010-01-24 21:56 . 2010-01-24 21:56 -------- d-----w- c:\program files\MSBuild
2010-01-24 21:55 . 2010-01-24 21:55 -------- d-----w- c:\program files\Reference Assemblies
2010-01-24 21:55 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-24 21:55 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-24 21:55 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-24 21:55 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-24 21:55 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-24 21:55 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-24 21:55 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-24 21:55 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-24 21:55 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-24 21:49 . 2010-01-24 21:49 -------- d-----w- c:\program files\MSXML 6.0
2010-01-24 21:41 . 2010-01-24 21:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-24 21:40 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-01-24 21:40 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-01-24 21:40 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-01-24 21:40 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-01-24 21:40 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-24 21:40 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-01-24 21:40 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-01-24 21:40 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-24 21:40 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-01-24 21:39 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-01-24 21:39 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2010-01-24 21:39 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-01-24 21:38 . 2010-01-24 21:38 -------- d-----r- c:\program files\Skype
2010-01-24 21:38 . 2010-01-24 21:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2010-01-24 21:36 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-01-24 21:36 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-24 21:36 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-01-24 21:36 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-01-24 21:36 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-01-24 21:36 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-24 21:36 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-24 21:36 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-01-24 21:34 . 2008-06-12 14:23 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll
2010-01-24 21:34 . 2008-06-12 14:23 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-29 15:09 . 2010-01-29 15:08 -------- d-----w- c:\program files\JDownloader
2010-01-24 22:48 . 2010-01-24 20:36 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-24 22:48 . 2010-01-24 20:36 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-24 22:16 . 2009-04-23 19:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 22:01 . 2010-01-24 22:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-24 22:01 . 2010-01-24 22:01 -------- d-----w- c:\program files\CCleaner
2010-01-24 20:51 . 2010-01-24 20:37 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-24 20:33 . 2010-01-24 20:33 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-23 20:53 . 2009-04-23 18:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-04 18:00 . 2010-01-24 22:01 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-12-25 17:29 . 2009-12-25 17:30 36 ----a-w- C:\mediamp3.dat
2009-12-22 05:21 . 2006-02-28 12:00 667136 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-12 14:15 . 2010-01-24 22:01 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-29_14.54.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-27 17:43 . 2010-01-30 16:19 32768 c:\windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-27 17:43 . 2010-01-29 14:49 32768 c:\windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-29 15:14 . 2010-01-29 15:14 16384 c:\windows\Temp\Perflib_Perfdata_570.dat
+ 2010-01-30 16:15 . 2010-01-30 16:15 16384 c:\windows\Temp\Perflib_Perfdata_19c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e8de9422-3b2c-4243-bf6f-235da84d8ef8}"= "c:\program files\Brothersoft\tbBrot.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
2009-12-31 10:53 2349080 ----a-w- c:\program files\Brothersoft\tbBrot.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-01-25 16:38 2166296 ----a-w- c:\program files\BS_Player\tbBS_1.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-01-25 2166296]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-26 3037696]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-26 2166784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 133104]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
R3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
R3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
R3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
R3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
R3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
R3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S1 aswSP;avast! Self Protection; [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-26 142592]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-01-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2010-01-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 14:54]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 14:54]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2463487&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Brothersoft Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2463487&SearchSource=13
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 17:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(172)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-01-30 17:25:10
ComboFix-quarantined-files.txt 2010-01-30 16:25
ComboFix2.txt 2010-01-29 14:55

Pre-Run: 14 138 716 160 bytes free
Post-Run: 14 139 678 720 bytes free

- - End Of File - - AEFDF8DF28D7066D0A095F60A145853D

martin1973
Visitor
Posts: 194
Registered: 13 Jan 2010 23:10

Re: PC freezes

#20 Post by martin1973 »

I downloaded RSIT again, but it still won't run. HJT does work, though, so in case it helps, here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29:23, on 30.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: Brothersoft Toolbar - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - C:\Program Files\Brothersoft\tbBrot.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Brothersoft Toolbar - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - C:\Program Files\Brothersoft\tbBrot.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User '?')
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5602 bytes

Unlimited_Killer
Friend of the forum
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: PC freezes

#21 Post by Unlimited_Killer »

I apologize for the delay. :oops:

~~~

Open Notepad and paste the following into it:

Code:

KillAll::

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e8de9422-3b2c-4243-bf6f-235da84d8ef8}"=-
"{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}"=-
[-HKEY_CLASSES_ROOT\clsid\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"=
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-

File::
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\AppleSoftwareUpdate.job

Extra::
FireFox::
FF - ProfilePath - c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Brothersoft Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT24634 ... hSource=13

Reboot::

Save it to the Desktop as CFScript.txt. Then drag it with the mouse over ComboFix (which must be on the Desktop) and drop it (see the picture).

Image

ComboFix will carry out the commands from the script; the PC may be restarted again.
When it finishes, post here the log that pops up after the cleanup.
inactive

martin1973
Visitor
Posts: 194
Joined: 13 Jan 2010 23:10

Re: PC freezes

#22 Post by martin1973 »

ComboFix 10-01-30.04 - Martin Čigaš 31.01.2010 8:31.4.1 - x86
Running from: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Desktop\CFScript.txt.txt
AV: avast! antivirus 4.8.1368 [VPS 100130-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\Tasks\AppleSoftwareUpdate.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\AppleSoftwareUpdate.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

.
((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-31 )))))))))))))))))))))))))))))))
.

2010-01-30 16:27 . 2010-01-31 07:27 -------- d-----w- C:\rsit
2010-01-29 15:08 . 2010-01-29 15:09 -------- d-----w- c:\program files\JDownloader
2010-01-28 18:49 . 2010-01-28 18:49 -------- d-----w- c:\program files\Trend Micro
2010-01-28 15:13 . 2010-01-28 15:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\BVRP Software
2010-01-28 15:12 . 2008-05-16 10:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2010-01-28 15:12 . 2008-05-16 10:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2010-01-28 15:12 . 2008-05-16 10:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2010-01-28 15:12 . 2008-05-16 10:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2010-01-28 15:12 . 2008-05-16 10:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2010-01-28 15:12 . 2008-05-16 10:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2010-01-28 15:12 . 2008-05-16 10:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2010-01-28 15:12 . 2008-05-16 10:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2010-01-28 15:12 . 2008-05-16 10:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2010-01-28 15:11 . 2010-01-28 15:11 -------- d-----w- c:\program files\Sony Ericsson
2010-01-28 15:11 . 2010-01-28 15:11 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Sony Ericsson
2010-01-27 21:35 . 2007-06-19 08:51 21928 ----a-r- c:\windows\system32\drivers\s816nd5.sys
2010-01-27 21:35 . 2007-06-19 08:51 97704 ----a-r- c:\windows\system32\drivers\s816unic.sys
2010-01-27 21:35 . 2007-06-19 08:51 9768 ----a-r- c:\windows\system32\drivers\s816cr.sys
2010-01-27 21:35 . 2007-06-19 08:51 99112 ----a-r- c:\windows\system32\drivers\s816mgmt.sys
2010-01-27 21:35 . 2007-06-19 08:51 97320 ----a-r- c:\windows\system32\drivers\s816obex.sys
2010-01-27 21:35 . 2007-06-19 08:51 13864 ----a-r- c:\windows\system32\drivers\s816mdfl.sys
2010-01-27 21:35 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816cmnt.sys
2010-01-27 21:35 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816cm.sys
2010-01-27 21:34 . 2007-06-19 08:51 107304 ----a-r- c:\windows\system32\drivers\s816mdm.sys
2010-01-27 21:34 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816whnt.sys
2010-01-27 21:34 . 2007-06-19 08:51 11176 ----a-r- c:\windows\system32\drivers\s816wh.sys
2010-01-27 21:34 . 2007-06-19 08:51 81832 ----a-r- c:\windows\system32\drivers\s816bus.sys
2010-01-27 18:06 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-27 18:06 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-27 18:06 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-27 18:06 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-27 18:06 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-27 18:06 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-27 18:06 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-27 18:06 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-27 18:06 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-27 14:57 . 2010-01-27 14:57 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY.000\Local Settings\Application Data\Google
2010-01-27 14:54 . 2010-01-27 14:54 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Local Settings\Application Data\Google
2010-01-27 14:54 . 2010-01-27 14:55 -------- d-----w- c:\program files\Google
2010-01-27 14:53 . 2010-01-27 15:08 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Alwil Software
2010-01-26 21:24 . 2010-01-26 21:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-26 21:23 . 2010-01-26 21:23 -------- d-----w- c:\program files\Java
2010-01-26 21:22 . 2010-01-26 21:22 -------- d-----w- c:\program files\Brothersoft
2010-01-26 17:44 . 2007-02-08 19:00 95744 ----a-r- c:\windows\system32\atl80.dll
2010-01-26 17:44 . 2007-02-08 19:00 626688 ----a-r- c:\windows\system32\msvcr80.dll
2010-01-26 17:44 . 2007-02-08 19:00 548864 ----a-r- c:\windows\system32\msvcp80.dll
2010-01-26 17:44 . 2007-02-08 19:00 1079808 ----a-r- c:\windows\system32\mfc80u.dll
2010-01-26 14:56 . 2007-04-04 11:43 23176 ----a-r- c:\windows\system32\drivers\s716nd5.sys
2010-01-26 14:56 . 2007-04-04 11:43 98952 ----a-r- c:\windows\system32\drivers\s716unic.sys
2010-01-26 14:56 . 2007-04-04 11:43 11016 ----a-r- c:\windows\system32\drivers\s716cr.sys
2010-01-26 14:56 . 2007-04-04 11:43 100360 ----a-r- c:\windows\system32\drivers\s716mgmt.sys
2010-01-26 14:56 . 2007-04-04 11:43 98568 ----a-r- c:\windows\system32\drivers\s716obex.sys
2010-01-26 14:56 . 2007-04-04 11:43 108552 ----a-r- c:\windows\system32\drivers\s716mdm.sys
2010-01-26 14:56 . 2007-04-04 11:43 15112 ----a-r- c:\windows\system32\drivers\s716mdfl.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716cmnt.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716cm.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716whnt.sys
2010-01-26 14:56 . 2007-04-04 11:43 12424 ----a-r- c:\windows\system32\drivers\s716wh.sys
2010-01-26 14:56 . 2007-04-04 11:43 83208 ----a-r- c:\windows\system32\drivers\s716bus.sys
2010-01-26 14:32 . 2010-01-26 14:32 6144 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\sp_rsdel.exe
2010-01-26 14:32 . 2010-01-26 14:32 5632 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\fileobjinfo.sys
2010-01-26 14:32 . 2010-01-26 14:32 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-26 14:32 . 2010-01-30 15:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator
2010-01-26 14:32 . 2010-01-30 16:35 -------- d-----w- c:\program files\Spyware Terminator
2010-01-25 17:04 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-25 17:03 . 2010-01-25 17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-25 17:03 . 2010-01-25 17:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-01-25 17:03 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-25 16:32 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-01-24 22:39 . 2010-01-26 17:42 -------- d-----w- c:\program files\OLYMPUS
2010-01-24 22:35 . 2010-01-24 22:35 -------- d-----w- c:\program files\QuickTime
2010-01-24 22:34 . 2010-01-24 22:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2010-01-24 22:18 . 2010-01-24 22:18 -------- d-----w- c:\program files\ZipX
2010-01-24 22:12 . 2004-08-03 21:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2010-01-24 22:12 . 2004-08-03 21:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-01-24 22:12 . 2004-08-03 21:41 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-01-24 22:12 . 2004-08-03 21:41 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-01-24 22:12 . 2008-04-14 00:12 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-01-24 22:04 . 2010-01-24 22:04 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-01-24 22:04 . 2008-05-29 08:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2010-01-24 22:03 . 2010-01-24 22:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2010-01-24 22:03 . 2010-01-24 22:04 -------- d-----w- c:\program files\TuneUp Utilities 2008
2010-01-24 22:02 . 2010-01-24 22:02 -------- d-----w- c:\program files\Opera
2010-01-24 21:59 . 2010-01-25 16:38 -------- d-----w- c:\program files\BS_Player
2010-01-24 21:59 . 2010-01-24 21:59 -------- d-----w- c:\program files\Webteh
2010-01-24 21:58 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-01-24 21:58 . 2010-01-24 21:58 -------- d-----w- c:\program files\CDBurnerXP
2010-01-24 21:56 . 2010-01-24 21:56 -------- d-----w- c:\program files\MSBuild
2010-01-24 21:55 . 2010-01-24 21:55 -------- d-----w- c:\program files\Reference Assemblies
2010-01-24 21:55 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-24 21:55 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-24 21:55 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-24 21:55 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-24 21:55 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-24 21:55 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-24 21:55 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-24 21:55 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-24 21:55 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-24 21:49 . 2010-01-24 21:49 -------- d-----w- c:\program files\MSXML 6.0
2010-01-24 21:41 . 2010-01-24 21:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-24 21:40 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-01-24 21:40 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-01-24 21:40 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-01-24 21:40 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-01-24 21:40 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-24 21:40 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-01-24 21:40 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-01-24 21:40 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-24 21:40 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-01-24 21:39 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-01-24 21:39 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2010-01-24 21:39 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-01-24 21:38 . 2010-01-24 21:38 -------- d-----r- c:\program files\Skype
2010-01-24 21:38 . 2010-01-24 21:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2010-01-24 21:36 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-01-24 21:36 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-24 21:36 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-01-24 21:36 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-01-24 21:36 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-01-24 21:36 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-24 21:36 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-24 21:36 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 22:48 . 2010-01-24 20:36 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-24 22:48 . 2010-01-24 20:36 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-24 22:16 . 2009-04-23 19:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 22:01 . 2010-01-24 22:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-24 22:01 . 2010-01-24 22:01 -------- d-----w- c:\program files\CCleaner
2010-01-24 20:51 . 2010-01-24 20:37 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-24 20:33 . 2010-01-24 20:33 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-23 20:53 . 2009-04-23 18:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-04 18:00 . 2010-01-24 22:01 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-12-25 17:29 . 2009-12-25 17:30 36 ----a-w- C:\mediamp3.dat
2009-12-22 05:21 . 2006-02-28 12:00 667136 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-12 14:15 . 2010-01-24 22:01 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-29_14.54.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-31 07:41 . 2010-01-31 07:42 32768 c:\windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-27 17:43 . 2010-01-29 14:49 32768 c:\windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-31 07:42 . 2010-01-31 07:42 13824 c:\windows\Temporary Internet Files\Content.IE5\12YH1AGL\Reader9Manifest[1].msi
+ 2010-01-31 07:18 . 2010-01-31 07:18 16384 c:\windows\Temp\Perflib_Perfdata_57c.dat
+ 2010-01-31 07:36 . 2010-01-31 07:36 16384 c:\windows\Temp\Perflib_Perfdata_568.dat
+ 2010-01-31 07:37 . 2010-01-31 07:37 16384 c:\windows\Temp\Perflib_Perfdata_194.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-26 3037696]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-26 2166784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-27 133104]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
R3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
R3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
R3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
R3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
R3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
R3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S1 aswSP;avast! Self Protection; [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-26 142592]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-01-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Martin Čigaš.MARTIN-747D4297\Application Data\Mozilla\Firefox\Profiles\ml5y73xi.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-31 08:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2636)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2010-01-31 08:45:08 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-31 07:45
ComboFix2.txt 2010-01-30 16:25
ComboFix3.txt 2010-01-29 14:55

Pre-Run: 14 118 387 712 bytes free
Post-Run: 14 076 821 504 bytes free

- - End Of File - - B68FD9DF8A651EF43CAF52D55A4ED12C

Unlimited_Killer
Friend of the forum
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: PC freezes

#23 Post by Unlimited_Killer »

Please post a new RSIT log.
inactive

martin1973
Visitor
Posts: 194
Joined: 13 Jan 2010 23:10

Re: PC freezes

#24 Post by martin1973 »

RSIT won't start, not even in safe mode. Should I post an HJT log?

martin1973
Visitor
Posts: 194
Joined: 13 Jan 2010 23:10

Re: PC freezes

#25 Post by martin1973 »

Here is the log from HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:49, on 31.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User '?')
O4 - HKUS\S-1-5-21-583907252-1960408961-839522115-1004\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5151 bytes

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: PC freezes

#26 Post by Unlimited_Killer »

I forgot that it somehow doesn't work for you. :oops:

~~~

Open the Command Prompt [Start > Run > cmd > Enter].
Type the following command into it:

Code:

sc delete JavaQuickStarterService

and press Enter after each command.

~~~

How is the PC behaving?
inactive

martin1973
Visitor
Posts: 194
Registered: 13 Jan 2010 23:10

Re: PC freezes

#27 Post by martin1973 »

Still the same. JDownloader doesn't load at all, Olympus Master freezes after loading a few photos and then nothing can be done except restarting the PC, and on top of that there's the RSIT.

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: PC freezes

#28 Post by Unlimited_Killer »

Have you tried reinstalling both applications?
inactive

martin1973
Visitor
Posts: 194
Registered: 13 Jan 2010 23:10

Re: PC freezes

#29 Post by martin1973 »

Yes, and nothing. Interesting. Yet Olympus works fine on another PC at home.

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: PC freezes

#30 Post by Unlimited_Killer »

Interesting... aren't there any alternatives to these programs?
inactive
