VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zaseknuty Win XP

https://forum.viry.cz:443/viewtopic.php?t=102523

Stránka 1 z 1

Zaseknuty Win XP

Napsal: 08 črc 2010 13:38
od jenda03
Dobry den,kdyz zapnu PC tak se sekne a nejde na nic kliknout,bezi akorat ve stavu nouze. prosim pomozte.PC sem projel CCleaner a Tcleaner mi pise chybu.dekuji za odpoved.

zde prikladam LOG:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Administrator at 2010-07-08 14:35:25
WIN_XP Service Pack 1
System drive C: has 7 GB (36%) free of 19 GB
Total RAM: 255 MB (56% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\NSSstub.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - C:\WINDOWS\System32\msdxm.ocx [2002-09-20 844828]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2005-05-01 98304]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\CTFMON.EXE [2002-09-20 13312]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-11-15 1670144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"NoResolveSearch"=
"NoPopUpsOnBoot"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-07-08 14:35:25 ----D---- C:\rsit
2010-07-08 14:35:25 ----D---- C:\Program Files\trend micro
2010-07-08 14:26:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\MSN6
2010-07-08 14:26:50 ----D---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\MSN6
2010-07-08 13:23:36 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-08 13:02:06 ----D---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\IObit
2010-07-08 12:55:02 ----SD---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\Microsoft
2010-07-08 12:55:02 ----ASH---- C:\Documents and Settings\Administrator.HOMESTAT.000\Data aplikací\desktop.ini
2010-07-08 12:40:15 ----D---- C:\WINDOWS\CSC
2010-07-06 16:38:36 ----D---- C:\Program Files\Ptáčci
2010-07-03 20:13:10 ----SHD---- C:\FOUND.056

======List of files/folders modified in the last 1 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-13 3279]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-28 51968]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-28 19328]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2010-05-06 28880]
S1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2002-09-20 34944]
S1 aswSP;aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [2010-05-06 164048]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-06 46672]
S1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
S1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2010-05-06 100432]
S2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS []
S3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-06 23376]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-08-28 891711]
S3 PCAlertDriver;PCAlertDriver; \??\C:\Program Files\MSI\PC Alert 4\NTGLM7X.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2001-08-17 23070]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 VIAudio;VIA AC'97 Enhanced Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2001-11-08 42752]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\System32\drivers\CDAC11BA.EXE [2006-01-15 39936]
S2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
S2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-10 38912]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

-----------------EOF-----------------

Re: Zaseknuty Win XP

Napsal: 08 črc 2010 18:37
od Rudy
V logu nic nebezpečného nevidím. Zkuste obnovu systému k datu, kdy korektně fungoval.

Re: Zaseknuty Win XP

Napsal: 08 črc 2010 19:11
od jenda03
Bod obnoveni sem daval ale nic.i posledni znamou funkcni konfiguraci ale nic. on ten PC nabehne ale pokavad chci otevrit slozku tak na ni 2x kliknu,ukazou se presipaci hodiny a konec.musim restartovat a takhle to jde dokola.

Re: Zaseknuty Win XP

Napsal: 08 črc 2010 20:20
od Rudy
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz