Zaseknuty Win XP

[jenda03]

Dobry den,kdyz zapnu PC tak se sekne a nejde na nic kliknout,bezi akorat ve stavu nouze. prosim pomozte.PC sem projel CCleaner a Tcleaner mi pise chybu.dekuji za odpoved.

zde prikladam LOG:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Administrator at 2010-07-08 14:35:25
WIN_XP Service Pack 1
System drive C: has 7 GB (36%) free of 19 GB
Total RAM: 255 MB (56% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\NSSstub.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - C:\WINDOWS\System32\msdxm.ocx [2002-09-20 844828]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2005-05-01 98304]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\CTFMON.EXE [2002-09-20 13312]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-11-15 1670144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"NoResolveSearch"=
"NoPopUpsOnBoot"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-07-08 14:35:25 ----D---- C:\rsit
2010-07-08 14:35:25 ----D---- C:\Program Files\trend micro
2010-07-08 14:26:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\MSN6
2010-07-08 14:26:50 ----D---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\MSN6
2010-07-08 13:23:36 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-08 13:02:06 ----D---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\IObit
2010-07-08 12:55:02 ----SD---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\Microsoft
2010-07-08 12:55:02 ----ASH---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\desktop.ini
2010-07-08 12:40:15 ----D---- C:\WINDOWS\CSC
2010-07-06 16:38:36 ----D---- C:\Program Files\Ptáčci
2010-07-03 20:13:10 ----SHD---- C:\FOUND.056

======List of files/folders modified in the last 1 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-13 3279]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-28 51968]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-28 19328]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2010-05-06 28880]
S1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2002-09-20 34944]
S1 aswSP;aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [2010-05-06 164048]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-06 46672]
S1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
S1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2010-05-06 100432]
S2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS []
S3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-06 23376]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-08-28 891711]
S3 PCAlertDriver;PCAlertDriver; \??\C:\Program Files\MSI\PC Alert 4\NTGLM7X.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2001-08-17 23070]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 VIAudio;VIA AC'97 Enhanced Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2001-11-08 42752]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\System32\drivers\CDAC11BA.EXE [2006-01-15 39936]
S2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
S2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-10 38912]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

-----------------EOF-----------------

[Rudy]

V logu nic nebezpečného nevidím. Zkuste obnovu systému k datu, kdy korektně fungoval.

[jenda03]

Bod obnoveni sem daval ale nic.i posledni znamou funkcni konfiguraci ale nic. on ten PC nabehne ale pokavad chci otevrit slozku tak na ni 2x kliknu,ukazou se presipaci hodiny a konec.musim restartovat a takhle to jde dokola.

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware