Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Zpráva

Rinto · #61 Příspěvek od **Rinto** » 01 úno 2010 23:30

register atapi zazipovany

a v tom programe som pozrel sectory 0 az 63 a nenasiel som ani jeden sektor kde by boli len same nuly

#62 Příspěvek od **motji** » 01 úno 2010 23:42

Ráno Vám sem vložím návod na vyčištění, pokud si troufnete. Určitě jste se díval na fyzické disky?

Rinto · #63 Příspěvek od **Rinto** » 01 úno 2010 23:57

hej,fyzicke disky--pevny disk 1--
na sektore 0-vseliake cisla a pismena
na sektore 1-vsetko 01
na sektore 2-vsetko 02
na sektore 3-vsetko 03
na sektore 4-vsetko 04
na sektore 5-vsetko 05
na sektore 6-vsetko 06
na sektore 7-vsetko 07
na sektore 8-vsetko 08
na sektore 9-vsetko 09
na sektore 10-vsetko 0A
na sektore 11-vsetko 0B
na sektore 12-vsetko 0C
na sektore 13-vsetko 0D
na sektore 14-vsetko 0E
na sektore 15-vsetko 0F
na sektore 16-vsetko 10
na sektore 17-vsetko 11
na sektore 18-vsetko 12
na sektore 19-vsetko 13
na sektore 20-vsetko 14
na sektore 21-vsetko 15
na sektore 22-vsetko 16
na sektore 23-vsetko 17
na sektore 24-vsetko 18
na sektore 25-vsetko 19
na sektore 26-vsetko 1A
na sektore 27-vsetko 1B
na sektore 28-vsetko 1C
na sektore 29-vsetko 1D
na sektore 30-vsetko 1E
na sektore 31-vsetko 1F
na sektore 32-vsetko 20
na sektore 33-vsetko 21
na sektore 34-vsetko 22
na sektore 35-vsetko 23
na sektore 36-vsetko 24
na sektore 37-vsetko 25
na sektore 38-vsetko 26
na sektore 39-vsetko 27
na sektore 40-vsetko 28
na sektore 41-vsetko 29
na sektore 42-vsetko 2A
na sektore 43-vsetko 2B
na sektore 44-vsetko 2C
na sektore 45-vsetko 2D
na sektore 46-vsetko 2E
na sektore 47-vsetko 2F
na sektore 48-vsetko 30
na sektore 49-vsetko 31
na sektore 50-vsetko 32
na sektore 51-vsetko 33
na sektore 52-vsetko 34
na sektore 53-vsetko 35
na sektore 54-vsetko 36
na sektore 55-vsetko 37
na sektore 56-vsetko 38
na sektore 57-vsetko 39
na sektore 58-vsetko 3A
na sektore 59-vsetko 3B
na sektore 60-vsetko 3C
na sektore 61-vsetko 3D
na sektore 62-vsetko 3E
na sektore 63-vseliake cisla a pismena

#64 Příspěvek od **motji** » 02 úno 2010 08:01

Aby jsme si rozuměli - každý sektor obsahuje spoustu řádků, tady jsem si pujčila obrázek od kolegy,
jsou tam dva sektory z MBR, v tomto případě 0a 8 , ale to není podstatné.
Jen chci, abychom oba mysleli stejnou věc.
0. sektor je v pořádku, ten se nepřepisuje, z něj bootují winows.
Sektory 1-59 by měli tvořit samé 0

Pokud je s 0 nemáte, předpokládám že ne, tak je opravíme.
Pro jistotu si ale udělejte zálohu dat. O. sektor se neopravuje, to by windows nenabootovali.

Je Vám to jasné - můžeme se pustit do opravy?

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
..
..

Rinto · #65 Příspěvek od **Rinto** » 02 úno 2010 15:01

mozeme sa pustit do opravy
pre istotu prikladam screen zo sectoru 5

bez_názvu3.JPG: (172.54 KiB) Staženo 86 x

#66 Příspěvek od **motji** » 02 úno 2010 16:23

Jdeme na to

Naughty píše:spustis HxD
- kliknes otevrit pevny disk (fyzicky disk 1), ale tentokrat odkliknes ze ctverecku fajku "Jen pro cteni"
- program se otevre v edit mode
- najdi sektory 1-59
- oznac mysanem cely sektor 1
- zvol moznost vypln vyber (3 moznost od spodu mezi dvema carami - mam slovenskou verzi) otevre se ti prednastavene hodnoty (mely by tam byt hex 00) das Ok.
- opak i ze zbyvajicimi sektory tj. 2-59
- zavres program, pri zavirani potvrdis zmenu.
- restart pc
- kouknes, zda se skutecne prepsaly sektory

sektor 0 nepřepisovat

Rinto · #67 Příspěvek od **Rinto** » 02 úno 2010 17:52

ok,sectory 1 az 59 vratane prepisane na 00
po restarte skontrolovane,vsade su 00

co dalej?

#68 Příspěvek od **motji** » 02 úno 2010 21:09

Ještě poprosím znovu o nový log z Gmeru

Jak to ted vypadá s počítačem? Myška nemrzne?

Rinto · #69 Příspěvek od **Rinto** » 02 úno 2010 22:59

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-02 21:50:21
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kgnoypog.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-02 22:57:54
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kgnoypog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB4D576B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB4D57574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB4D57A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB4D5714C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB4D5764E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB4D5708C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB4D570F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB4D5776E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB4D5772E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB4D578AE]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB73EE380, 0x550AF5, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[472] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[740] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[740] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE6 0x78 0x95 0x8A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0x17 0x06 0xC2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xAE 0x34 0xBF 0x79 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE6 0x78 0x95 0x8A ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0x17 0x06 0xC2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xAE 0x34 0xBF 0x79 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE6 0x78 0x95 0x8A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0x17 0x06 0xC2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xAE 0x34 0xBF 0x79 ...

---- EOF - GMER 1.0.15 ----

myska dnes este ani raz nezamrzla

#70 Příspěvek od **motji** » 02 úno 2010 23:03

A v událostech máte stále chybu atapi?

Odinstalujte combofix přes
Start >> Spustit zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe

Stáhněte Ccleaner,viz můj podpis
-nainstalujte a vyčištěte dočasné soubory, i registry

Vložte nový log ze RSIT a řekněte co počítač,jak se chová,už je vše v pořádku?

Rinto · #71 Příspěvek od **Rinto** » 02 úno 2010 23:28

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-02-02 23:25:50
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 81 GB (68%) free of 120 GB
Total RAM: 2030 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:25:59, on 2.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9576110484
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4814 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-02-02 23:25:50 ----D---- C:\Program Files\trend micro
2010-02-02 23:25:49 ----D---- C:\rsit
2010-02-01 23:33:17 ----D---- C:\Documents and Settings\Owner\Application Data\Mael
2010-02-01 23:32:00 ----D---- C:\Program Files\HxD
2010-01-31 17:32:53 ----SHD---- C:\RECYCLER
2010-01-31 12:51:40 ----D---- C:\Documents and Settings\Owner\Application Data\WinRAR
2010-01-31 12:51:24 ----D---- C:\Program Files\WinRAR
2010-01-31 12:50:16 ----A---- C:\WINDOWS\wininit.ini
2010-01-31 09:38:19 ----HD---- C:\WINDOWS\PIF
2010-01-31 09:23:50 ----D---- C:\Program Files\Lavalys
2010-01-30 23:54:03 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-30 23:53:56 ----D---- C:\Program Files\Adobe
2010-01-30 18:15:58 ----D---- C:\WINDOWS\ie8updates
2010-01-30 18:13:56 ----HDC---- C:\WINDOWS\ie8
2010-01-30 18:10:51 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-01-30 18:10:50 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2010-01-30 18:10:49 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2010-01-30 18:10:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-01-30 18:10:48 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-01-30 15:00:48 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-01-30 15:00:39 ----D---- C:\Program Files\NVIDIA Corporation
2010-01-30 14:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-01-30 14:39:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-01-30 14:39:11 ----D---- C:\WINDOWS\system32\sk-SK
2010-01-30 14:38:30 ----D---- C:\WINDOWS\ie7updates
2010-01-30 14:38:17 ----D---- C:\WINDOWS\WBEM
2010-01-30 14:37:21 ----HDC---- C:\WINDOWS\ie7
2010-01-30 14:37:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-01-30 14:37:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\ieui.dll
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-30 14:33:52 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-01-30 14:33:51 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-30 14:33:51 ----A---- C:\WINDOWS\system32\icardie.dll
2010-01-30 14:33:51 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2010-01-30 14:33:48 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-01-30 14:33:44 ----D---- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search
2010-01-30 14:33:05 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-01-30 14:33:05 ----D---- C:\Program Files\Windows Desktop Search
2010-01-30 14:32:43 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-01-30 14:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-01-29 22:46:46 ----A---- C:\Boot.bak
2010-01-29 22:46:43 ----RASHD---- C:\cmdcons
2010-01-29 20:31:15 ----D---- C:\Program Files\Mozilla Firefox
2010-01-29 19:33:51 ----D---- C:\WINDOWS\Minidump
2010-01-29 18:17:44 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2010-01-29 18:17:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-29 18:17:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-29 18:10:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-29 17:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-01-29 17:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-01-29 17:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-29 17:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-29 17:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-01-29 17:27:53 ----D---- C:\Program Files\CCleaner
2010-01-29 17:00:44 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvcolor.exe
2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-01-11 21:29:16 ----D---- C:\Documents and Settings\Owner\Application Data\ESET
2010-01-11 20:38:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-01-11 20:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-11 20:38:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-01-11 20:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-01-11 20:38:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-01-11 20:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-01-11 20:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-01-11 20:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-01-11 20:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-01-11 20:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-01-11 20:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-01-11 20:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-01-11 20:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-01-11 20:37:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-01-11 20:36:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-01-11 20:36:12 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

======List of files/folders modified in the last 1 months======

2010-02-02 23:25:59 ----D---- C:\WINDOWS\Prefetch
2010-02-02 23:25:50 ----RD---- C:\Program Files
2010-02-02 23:22:23 ----D---- C:\WINDOWS
2010-02-02 23:22:01 ----D---- C:\WINDOWS\Temp
2010-02-02 23:21:32 ----SHD---- C:\System Volume Information
2010-02-02 23:21:32 ----D---- C:\WINDOWS\system32\Restore
2010-02-02 23:20:12 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-02-02 00:27:14 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-01 18:31:48 ----D---- C:\WINDOWS\system32\NtmsData
2010-02-01 18:30:22 ----HD---- C:\WINDOWS\inf
2010-01-31 17:32:57 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-31 13:31:32 ----D---- C:\WINDOWS\system32\drivers
2010-01-31 13:17:49 ----A---- C:\WINDOWS\system.ini
2010-01-31 13:16:54 ----D---- C:\WINDOWS\system32
2010-01-31 13:16:54 ----D---- C:\WINDOWS\AppPatch
2010-01-31 13:16:53 ----D---- C:\Program Files\Common Files
2010-01-30 23:54:37 ----SHD---- C:\WINDOWS\Installer
2010-01-30 23:54:03 ----D---- C:\WINDOWS\WinSxS
2010-01-30 23:54:03 ----D---- C:\Program Files\Common Files\Adobe
2010-01-30 21:40:11 ----HDC---- C:\Documents and Settings\All Users\Application Data\{FC0EF073-EDB5-4CBE-B92D-5CE9A223F37B}
2010-01-30 21:40:07 ----HDC---- C:\Documents and Settings\All Users\Application Data\{F444439B-B473-48E8-8DE5-4CB929C79A9F}
2010-01-30 21:33:23 ----D---- C:\WINDOWS\Debug
2010-01-30 20:05:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-30 20:05:27 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-30 18:19:37 ----D---- C:\WINDOWS\Media
2010-01-30 18:19:37 ----D---- C:\WINDOWS\Help
2010-01-30 18:19:37 ----D---- C:\Program Files\Internet Explorer
2010-01-30 15:59:44 ----D---- C:\Program Files\Opera
2010-01-30 15:45:14 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-01-30 15:00:47 ----D---- C:\WINDOWS\nview
2010-01-30 15:00:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-30 14:46:10 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-30 14:39:01 ----D---- C:\WINDOWS\system32\en-us
2010-01-30 14:33:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-30 14:33:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-30 14:33:05 ----D---- C:\WINDOWS\system32\wbem
2010-01-29 22:46:46 ----RASH---- C:\boot.ini
2010-01-29 21:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2010-01-29 20:31:46 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla
2010-01-29 17:06:17 ----D---- C:\Documents and Settings
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-01-12 12:03:34 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-01-11 21:01:20 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-11 21:01:18 ----RSD---- C:\WINDOWS\assembly
2010-01-11 20:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-01-11 20:30:48 ----A---- C:\WINDOWS\win.ini
2010-01-11 20:23:12 ----D---- C:\WINDOWS\system32\config
2010-01-11 20:22:54 ----D---- C:\WINDOWS\Registration
2010-01-05 11:00:21 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-06-08 254872]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-04-10 1271032]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-05-01 223128]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2007-06-08 54272]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

pocitac zatial bezi bez chyby,kurzor nemrzne

#72 Příspěvek od **motji** » 03 úno 2010 16:55

spusťte přejmenované HJT C:\Program Files\trend micro\Owner.exe

-Klikněte na "Do a system scan only"
-u řádku
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)

Dejte fajfku do čtverečku a zmáčkněte Fix checked
-restartujte pc

Otestujte na www.virustotal.com
C:\WINDOWS\bdoscandel.exe

Nemáte firewall,k čemu je užitečný se dozvíte zde http://www.viry.cz/forum/viewtopic.php?f=41&t=20980

Jsou nějaké problémy s počítačem?

Rinto · #73 Příspěvek od **Rinto** » 03 úno 2010 17:52

tu je novy log z HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:02, on 3.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9576110484
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4471 bytes

http://www.virustotal.com/analisis/07fe ... 1265215691

FW bude Kerio personal firewall

pocitac ide bez problemov

#74 Příspěvek od **motji** » 03 úno 2010 20:07

Virustotal se mi nenačetl, bylo to čisté?
Pokud nejsou problémy, je to vše

.

Rinto · #75 Příspěvek od **Rinto** » 03 úno 2010 21:55

na virustotal to bolo ciste 0/39
Dakujem velmi pekne za pomoc,nech sa vam dari

VIRY.CZ

Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

Re: Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi