

An ERROR appears after turning on the PC
- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
An ERROR appears after turning on the PC
Hello, when I turn on the PC an ERROR comes up. I apologize in advance, I am a complete beginner; I would just like to get rid of the error and check whether there is anything on the PC that does not belong there. Here is the error now: (Java Virtual Machine Launcher) Error:could not open ‘C:\Program Files\Java\jre6\lib\i386\jvm.cfg‘. I know it is caused by the Java Virtual Machine program, but I have now uninstalled it and deleted the whole folder. The folder disappeared but the error remained; of course it only started appearing after I deleted the program. I know I made a mistake somewhere, and now I am asking you to please help me fix it somehow. I really am a layman and would like to get rid of it somehow, so I am asking you very much. Thank you.

I am a layman. It is no shame to be one, only not to admit it.
- SorryToHereToKillYou
Re: An ERROR appears after turning on the PC
SorryToHereToKillYou wrote: Hello, when I turn on the PC an ERROR comes up. I apologize in advance, I am a complete beginner; I would just like to get rid of the error and check whether there is anything on the PC that does not belong there. Here is the error now: (Java Virtual Machine Launcher) Error:could not open ‘C:\Program Files\Java\jre6\lib\i386\jvm.cfg‘. I know it is caused by the Java Virtual Machine program, but I have now uninstalled it and deleted the whole folder. The folder disappeared but the error remained; of course it only started appearing after I deleted the program. I know I made a mistake somewhere, and now I am asking you to please help me fix it somehow. I really am a layman and would like to get rid of it somehow, so I am asking you very much. Thank you.
- Attachments
- This is the error mentioned
- error.jpg (14.58 KiB) Viewed 3904 times
Re: An ERROR appears after turning on the PC
Good evening,
please send me a log from RSIT; see my signature.


Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer.
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
- SorryToHereToKillYou
Re: An ERROR appears after turning on the PC
Thank you very much. As I forgot to mention, several of us use the PC, so some of the programs mean nothing to me; at most I can handle ICQ, Skype and the internet, so I feel like a stranger on my own PC. Even so, I am copying here everything that RSIT gave me:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Uživatel at 2010-07-25 00:58:33
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 270 GB (88%) free of 305 GB
Total RAM: 1015 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:58:39, on 25.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [adsnwi] C:\WINDOWS\system32\adsnwi.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={940EC1B2-8FD6-41C2-B132-EAAAEA781B81}; GTB6.3)" -"http://www.miniclip.com/games/bp-ultima ... llenge/en/"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/UIVATE~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
--
End of file - 9138 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-29 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-05-19 1117976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-07-09 2515552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll []
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-07-09 2515552]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-17 17508864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"adsnwi"=C:\WINDOWS\system32\adsnwi.exe [2007-04-04 20480]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-05-05 462104]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-03-07 39408]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-28 323392]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-06-08 133368]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-21 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Disabled:vietcong"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\FarmHelper\Bot.exe"="C:\FarmHelper\Bot.exe:*:Disabled:Bot"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Disabled:metin2client"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Web Speed Analyzer\was.exe"="C:\Program Files\Web Speed Analyzer\was.exe:*:Disabled:was"
"C:\FarmHelper\FVBot.exe"="C:\FarmHelper\FVBot.exe:*:Disabled:FVBot"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2010-07-25 00:53:07 ----D---- C:\rsit
2010-07-25 00:53:07 ----D---- C:\Program Files\trend micro
2010-07-24 15:59:27 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DivX
2010-07-24 15:57:10 ----D---- C:\Program Files\Common Files\Yahoo!
2010-07-24 15:57:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle VideoSpin
2010-07-22 00:44:10 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Ambient Design
2010-07-21 19:34:09 ----D---- C:\Program Files\Valve
2010-07-20 14:08:15 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Desktopicon
2010-07-20 14:08:05 ----A---- C:\WINDOWS\system32\vbzlib1.dll
2010-07-20 14:08:03 ----D---- C:\Program Files\DsNET Corp
2010-07-14 04:21:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-13 16:12:51 ----D---- C:\Program Files\Mozilla Firefox
2010-06-30 22:04:00 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\gtk-2.0
2010-06-30 21:55:52 ----D---- C:\Program Files\GIMP-2.0
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\pvmjpg30.dll
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\LTRPR13n.DLL
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\LTRIO13N.DLL
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\LTRFD13n.DLL
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\ltr13n.dll
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\DiskIO.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\msxml4a.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\MMAviAx.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\MLPagAx.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\Aviprax.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\LTCLR13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfwmf13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lftif13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lftga13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpsd13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpng13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpcx13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpct13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpcd13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\LFJ2K13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfgif13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lffax13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfeps13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\LFCMP13s.DLL
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfbmp13s.dll
2010-06-30 15:20:05 ----A---- C:\WINDOWS\system32\atl71.dll
2010-06-30 15:20:05 ----A---- C:\WINDOWS\system32\ATL70.DLL
2010-06-30 15:20:03 ----A---- C:\WINDOWS\VFO.INI
2010-06-30 15:19:24 ----D---- C:\WINDOWS\Downloaded Installations
2010-06-30 15:19:21 ----A---- C:\WINDOWS\system32\MSVCI70.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71u.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71FRA.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC70U.DLL
2010-06-30 15:18:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
2010-06-30 15:17:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2010-06-30 15:17:19 ----A---- C:\WINDOWS\system32\drivers\Pclepci.sys
2010-06-29 23:12:25 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Antispam Scanner
======List of files/folders modified in the last 1 months======
2010-07-25 00:58:18 ----D---- C:\WINDOWS\Temp
2010-07-25 00:57:58 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2010-07-25 00:57:47 ----D---- C:\Program Files\DNA
2010-07-25 00:57:47 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DNA
2010-07-25 00:56:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-25 00:56:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
2010-07-25 00:53:16 ----D---- C:\WINDOWS\Prefetch
2010-07-25 00:53:07 ----D---- C:\Program Files
2010-07-25 00:03:06 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
2010-07-24 23:51:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-24 23:50:36 ----D---- C:\Program Files\Common Files
2010-07-24 23:34:23 ----D---- C:\WINDOWS
2010-07-24 15:58:17 ----SHD---- C:\WINDOWS\Installer
2010-07-24 15:58:12 ----SHD---- C:\Config.Msi
2010-07-24 15:57:47 ----RSD---- C:\WINDOWS\Fonts
2010-07-24 15:57:14 ----D---- C:\WINDOWS\WinSxS
2010-07-24 15:57:12 ----D---- C:\WINDOWS\system32
2010-07-21 18:47:30 ----D---- C:\Shoty
2010-07-21 00:49:34 ----HD---- C:\WINDOWS\inf
2010-07-14 04:21:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-14 04:21:07 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-14 04:20:05 ----D---- C:\WINDOWS\Debug
2010-07-12 23:34:57 ----D---- C:\WINDOWS\Help
2010-07-09 19:17:59 ----D---- C:\Program Files\BS_Player
2010-07-06 20:07:10 ----SD---- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
2010-07-06 20:07:10 ----D---- C:\WINDOWS\system32\drivers
2010-07-06 20:06:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-30 15:20:03 ----A---- C:\AUTOEXEC.BAT
2010-06-30 15:13:55 ----D---- C:\Program Files\WinRAR
2010-06-28 22:57:12 ----A---- C:\WINDOWS\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-28 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-17 5026816]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-08-28 111104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 apkflgmm;apkflgmm; C:\WINDOWS\system32\drivers\apkflgmm.sys []
S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\ax88172.sys [2003-05-26 11264]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-03-16 75064]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-07 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Uživatel at 2010-07-25 00:58:33
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 270 GB (88%) free of 305 GB
Total RAM: 1015 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:58:39, on 25.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (file missing)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [adsnwi] C:\WINDOWS\system32\adsnwi.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={940EC1B2-8FD6-41C2-B132-EAAAEA781B81}; GTB6.3)" -"http://www.miniclip.com/games/bp-ultima ... llenge/en/"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/UIVATE~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
--
End of file - 9138 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-29 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-05-19 1117976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-07-09 2515552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files\Zynga\tbZyng.dll []
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-07-09 2515552]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-17 17508864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"adsnwi"=C:\WINDOWS\system32\adsnwi.exe [2007-04-04 20480]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-05-05 462104]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-03-07 39408]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-28 323392]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-06-08 133368]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-21 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Disabled:vietcong"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\FarmHelper\Bot.exe"="C:\FarmHelper\Bot.exe:*:Disabled:Bot"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Disabled:metin2client"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Web Speed Analyzer\was.exe"="C:\Program Files\Web Speed Analyzer\was.exe:*:Disabled:was"
"C:\FarmHelper\FVBot.exe"="C:\FarmHelper\FVBot.exe:*:Disabled:FVBot"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2010-07-25 00:53:07 ----D---- C:\rsit
2010-07-25 00:53:07 ----D---- C:\Program Files\trend micro
2010-07-24 15:59:27 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DivX
2010-07-24 15:57:10 ----D---- C:\Program Files\Common Files\Yahoo!
2010-07-24 15:57:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle VideoSpin
2010-07-22 00:44:10 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Ambient Design
2010-07-21 19:34:09 ----D---- C:\Program Files\Valve
2010-07-20 14:08:15 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Desktopicon
2010-07-20 14:08:05 ----A---- C:\WINDOWS\system32\vbzlib1.dll
2010-07-20 14:08:03 ----D---- C:\Program Files\DsNET Corp
2010-07-14 04:21:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-13 16:12:51 ----D---- C:\Program Files\Mozilla Firefox
2010-06-30 22:04:00 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\gtk-2.0
2010-06-30 21:55:52 ----D---- C:\Program Files\GIMP-2.0
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\pvmjpg30.dll
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\LTRPR13n.DLL
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\LTRIO13N.DLL
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\LTRFD13n.DLL
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\ltr13n.dll
2010-06-30 15:21:58 ----A---- C:\WINDOWS\system32\DiskIO.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\msxml4a.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\MMAviAx.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\MLPagAx.dll
2010-06-30 15:21:55 ----A---- C:\WINDOWS\system32\Aviprax.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\LTCLR13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfwmf13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lftif13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lftga13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpsd13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpng13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpcx13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpct13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfpcd13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\LFJ2K13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfgif13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lffax13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfeps13s.dll
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\LFCMP13s.DLL
2010-06-30 15:21:54 ----A---- C:\WINDOWS\system32\lfbmp13s.dll
2010-06-30 15:20:05 ----A---- C:\WINDOWS\system32\atl71.dll
2010-06-30 15:20:05 ----A---- C:\WINDOWS\system32\ATL70.DLL
2010-06-30 15:20:03 ----A---- C:\WINDOWS\VFO.INI
2010-06-30 15:19:24 ----D---- C:\WINDOWS\Downloaded Installations
2010-06-30 15:19:21 ----A---- C:\WINDOWS\system32\MSVCI70.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71u.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71FRA.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2010-06-30 15:19:20 ----A---- C:\WINDOWS\system32\MFC70U.DLL
2010-06-30 15:18:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
2010-06-30 15:17:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2010-06-30 15:17:19 ----A---- C:\WINDOWS\system32\drivers\Pclepci.sys
2010-06-29 23:12:25 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Antispam Scanner
======List of files/folders modified in the last 1 months======
2010-07-25 00:58:18 ----D---- C:\WINDOWS\Temp
2010-07-25 00:57:58 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2010-07-25 00:57:47 ----D---- C:\Program Files\DNA
2010-07-25 00:57:47 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DNA
2010-07-25 00:56:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-25 00:56:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
2010-07-25 00:53:16 ----D---- C:\WINDOWS\Prefetch
2010-07-25 00:53:07 ----D---- C:\Program Files
2010-07-25 00:03:06 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
2010-07-24 23:51:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-24 23:50:36 ----D---- C:\Program Files\Common Files
2010-07-24 23:34:23 ----D---- C:\WINDOWS
2010-07-24 15:58:17 ----SHD---- C:\WINDOWS\Installer
2010-07-24 15:58:12 ----SHD---- C:\Config.Msi
2010-07-24 15:57:47 ----RSD---- C:\WINDOWS\Fonts
2010-07-24 15:57:14 ----D---- C:\WINDOWS\WinSxS
2010-07-24 15:57:12 ----D---- C:\WINDOWS\system32
2010-07-21 18:47:30 ----D---- C:\Shoty
2010-07-21 00:49:34 ----HD---- C:\WINDOWS\inf
2010-07-14 04:21:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-14 04:21:07 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-14 04:20:05 ----D---- C:\WINDOWS\Debug
2010-07-12 23:34:57 ----D---- C:\WINDOWS\Help
2010-07-09 19:17:59 ----D---- C:\Program Files\BS_Player
2010-07-06 20:07:10 ----SD---- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
2010-07-06 20:07:10 ----D---- C:\WINDOWS\system32\drivers
2010-07-06 20:06:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-30 15:20:03 ----A---- C:\AUTOEXEC.BAT
2010-06-30 15:13:55 ----D---- C:\Program Files\WinRAR
2010-06-28 22:57:12 ----A---- C:\WINDOWS\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-28 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-17 5026816]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-08-28 111104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 apkflgmm;apkflgmm; C:\WINDOWS\system32\drivers\apkflgmm.sys []
S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\ax88172.sys [2003-05-26 11264]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-03-16 75064]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-07 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
I'm a layman; it's no shame to be one, only not to admit it
- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after turning on the PC
And thank you very much for the lightning-fast reply; I will warmly recommend you to my friends, I'm amazed.
And I apologize for copying everything, but I recognized a few steps that I had done on the PC, and just to be safe, so that I wouldn't unknowingly leave out something needed, I copied everything, so I'm sorry :S I really am a layman

I'm a layman; it's no shame to be one, only not to admit it
Re: ERROR appears after turning on the PC
That's fine, no need to apologize.
First we'll take a look for bugs, clean things up, and see how the PC responds.
Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Agree to the installation of the Recovery Console
- ComboFix must be run under an account with administrator rights
- Before use, turn off all resident security programs - antivirus, firewalls, antispyware
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
I'm done for today, to be continued tomorrow.. I'll look in now and then; I'll be here mainly in the evening


Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after turning on the PC
Hopefully I did everything correctly; I turned everything off, and I didn't even move the mouse until the log came up.
Hopefully I didn't somehow get in this clever little program's way.
ComboFix 10-07-24.01 - Uživatel 25.07.2010 1:30.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1015.682 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Ijl11.dll
c:\windows\system32\mxpvct22.dat
c:\windows\system32\mxpvct25.dat
c:\windows\system32\vbpng1.dll
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-24 do 2010-07-24 )))))))))))))))))))))))))))))))
.
2010-07-24 22:53 . 2010-07-24 22:58 -------- d-----w- c:\program files\trend micro
2010-07-24 22:53 . 2010-07-24 22:53 -------- d-----w- C:\rsit
2010-07-24 13:57 . 2010-07-24 13:57 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-07-21 17:34 . 2010-07-23 18:23 -------- d-----w- c:\program files\Valve
2010-07-20 12:08 . 2010-07-20 12:08 -------- d-----w- c:\program files\DsNET Corp
2010-07-14 01:03 . 2010-06-14 14:30 743936 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-06-30 19:55 . 2010-06-30 19:55 -------- d-----w- c:\program files\GIMP-2.0
2010-06-30 13:26 . 2010-07-24 13:59 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2010-06-30 13:20 . 2004-07-02 14:28 89088 ----a-w- c:\windows\system32\atl71.dll
2010-06-30 13:20 . 2004-07-02 14:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2010-06-30 13:17 . 2005-02-09 09:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys
2010-06-30 11:08 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-24 22:57 . 2010-03-28 17:51 -------- d-----w- c:\program files\DNA
2010-07-09 17:17 . 2010-06-10 19:04 -------- d-----w- c:\program files\BS_Player
2010-07-06 18:06 . 2009-07-02 12:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-28 20:57 . 2009-07-02 12:05 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2009-07-02 12:05 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2009-07-02 12:05 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2009-07-02 12:05 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2009-07-02 12:05 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2009-07-02 12:05 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2009-07-02 12:05 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2009-07-02 12:05 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-24 15:04 . 2010-06-24 15:04 -------- d-----w- c:\program files\Rockstar Games
2010-06-24 15:01 . 2010-06-24 15:01 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-24 13:43 . 2010-06-24 13:24 -------- d-----w- c:\program files\VstPlugins
2010-06-24 13:42 . 2010-06-24 13:20 -------- d-----w- c:\program files\Image-Line
2010-06-24 08:23 . 2001-10-25 14:00 79220 ----a-w- c:\windows\system32\perfc005.dat
2010-06-24 08:23 . 2001-10-25 14:00 432272 ----a-w- c:\windows\system32\perfh005.dat
2010-06-14 14:30 . 2009-07-02 11:35 743936 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-11 11:56 . 2010-02-10 19:27 -------- d-----w- c:\program files\ICQ7.0
2010-06-10 19:16 . 2009-07-05 20:57 -------- d-----w- c:\program files\Nero
2010-06-10 19:03 . 2010-06-10 19:03 -------- d-----w- c:\program files\Webteh
2010-05-28 10:45 . 2009-09-21 18:57 -------- d-----w- c:\program files\Seznam.cz
2010-05-06 10:35 . 2002-09-20 18:05 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:27 . 2002-09-20 17:41 1850880 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-07-09 2515552]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-07-09 17:18 2515552 ----a-w- c:\program files\BS_Player\tbBS_1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-07-09 2515552]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-07-09 2515552]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-05-05 462104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-07 39408]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-03-28 323392]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-06-08 133368]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-21 468408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"adsnwi"="c:\windows\system32\adsnwi.exe" [2007-04-04 20480]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.7.2009 14:05 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.7.2009 14:05 17744]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7.3.2010 14:32 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.7.2009 14:11 1684736]
S3 AX88172;ASIX AX88172 USB2 to Fast Ethernet Adapter;c:\windows\system32\drivers\ax88172.sys [2.7.2009 13:59 11264]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.3.2010 20:07 691696]
.
Obsah adresáře 'Naplánované úlohy'
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 12:32]
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 12:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.sweetim.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = socks=
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ro9tom20.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - BS Player Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\Zynga\tbZyng.dll
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\AskBarDis\bar\bin\askBar.dll
BHO-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\Zynga\tbZyng.dll
Toolbar-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\Zynga\tbZyng.dll
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\AskBarDis\bar\bin\askBar.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - c:\program files\Zynga\tbZyng.dll
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\AskBarDis\bar\bin\askBar.dll
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-AtomicLog 2.3 - c:\progra~1\ATOMIC~1\UNWISE.EXE
AddRemove-Zynga Toolbar - c:\progra~1\Zynga\UNWISE.EXE
AddRemove-{03492c98-8406-471d-967a-7e22e6899221} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-25 01:38
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2010-07-25 01:40:38
ComboFix-quarantined-files.txt 2010-07-24 23:40
Před spuštěním: Volných bajtů: 282 781 208 576
Po spuštění: Volných bajtů: 283 422 855 168
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 22AC7E67681E1F1ABB6394001EEF3900
Hopefully everything is in order. Right after copying it I switched everything back on, if that's okay? I think it shouldn't matter, the test was already finished. I just wanted to point out, in case it matters, that after I accepted the terms of use a window popped up and the computer restarted :S Hopefully that's not a problem; I think that was the purpose, but just so you know how it went, which you probably do, I'm simply trying to be helpful.
Thank you very much for everything, and I look forward to your advice. Looking at it, I have a feeling there's some nasty thing in there.



Sem Laik není to ostuda jim býti ale nepřiznat si to
Re: ERROR appears after the PC is switched on
You did it correctly.
Test these at www.virustotal.com
c:\windows\system32\adsnwi.exe
c:\windows\system32\drivers\Pclepci.sys
-Copy the file path into the box; if it says the file has already been tested, have it tested again.
-Paste the link to the results here.


Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer
Want to support our forum? Information here

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.
- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after the PC is switched on
Thank you; if it weren't for you, I'd be right where I was. Unfortunately it refuses to paste into that box, Ctrl+V does nothing, so I'm looking for it manually by name.
- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after the PC is switched on
http://info.prevx.com/aboutprogramtext. ... 003E7AB933
Re: ERROR appears after the PC is switched on
Wait, what did you post here? I want the results from VirusTotal.
Just select the file path with the mouse, right-click, copy, and paste it into this box

- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after the PC is switched on
Unfortunately the link doesn't work, so I have to copy it over; it's messy, but the link doesn't work
Soubor adsnwi.exe přijatý 2010.07.25 09:53:27 (UTC)
Výsledek: 27/42 (64.29%)
Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2010.07.24.01 2010.07.23 Win-Trojan/Xema.variant
AntiVir 8.2.4.26 2010.07.23 SPR/PowerSpy.F.1
Antiy-AVL 2.0.3.7 2010.07.23 Monitor/Win32.PowerSpy.gen
Authentium 5.2.0.5 2010.07.24 W32/Monitor.BAB
Avast 4.8.1351.0 2010.07.25 -
Avast5 5.0.332.0 2010.07.25 -
AVG 9.0.0.851 2010.07.25 Logger.DAB
BitDefender 7.2 2010.07.25 Trojan.Generic.704104
CAT-QuickHeal 11.00 2010.07.24 -
ClamAV 0.96.0.3-git 2010.07.24 -
Comodo 5533 2010.07.25 Application.Win32.PowerSpy.~F
DrWeb 5.0.2.03300 2010.07.25 -
Emsisoft 5.0.0.34 2010.07.25 Riskware.Monitor.Win32.PowerSpy!IK
eSafe 7.0.17.0 2010.07.22 -
eTrust-Vet 36.1.7734 2010.07.24 -
F-Prot 4.6.1.107 2010.07.24 W32/Monitor.BAB
F-Secure 9.0.15370.0 2010.07.25 Trojan.Generic.704104
Fortinet 4.1.143.0 2010.07.24 -
GData 21 2010.07.24 Trojan.Generic.704104
Ikarus T3.1.1.84.0 2010.07.25 not-a-virus:Monitor.Win32.PowerSpy
Jiangmin 13.0.900 2010.07.25 -
Kaspersky 7.0.0.125 2010.07.25 not-a-virus:Monitor.Win32.PowerSpy.f
McAfee 5.400.0.1158 2010.07.25 Spyware-PowerSpy
McAfee-GW-Edition 2010.1 2010.07.25 Spyware-PowerSpy
Microsoft 1.6004 2010.07.25 MonitoringTool:Win32/Powerspy.A
NOD32 5309 2010.07.24 a variant of Win32/PowerSpy
Norman 6.05.11 2010.07.25 W32/Powerspy.AN
nProtect 2010-07-25.02 2010.07.25 Trojan/W32.Agent.20480.ACY
Panda 10.0.2.7 2010.07.25 Application/PowerSpy
PCTools 7.0.3.5 2010.07.25 Spyware.PowerSpy
Prevx 3.0 2010.07.25 High Risk Worm
Rising 22.57.03.08 2010.07.23 -
Sophos 4.55.0 2010.07.25 -
Sunbelt 6634 2010.07.25 ICQ Spy Monitor
SUPERAntiSpyware 4.40.0.1006 2010.07.25 -
Symantec 20101.1.1.7 2010.07.25 Spyware.PowerSpy
TheHacker 6.5.2.1.324 2010.07.25 -
TrendMicro 9.120.0.1004 2010.07.25 GRAY_Gen.4X1539
TrendMicro-HouseCall 9.120.0.1004 2010.07.25 GRAY_Gen.4X1539
VBA32 3.12.12.6 2010.07.23 MAS.Trojan.VB.0359
ViRobot 2010.7.23.3956 2010.07.24 -
VirusBuster 5.0.27.0 2010.07.24 -
Rozšiřující informace
File size: 20480 bytes
MD5...: 8a9f8dadbbca557ca8cf084633690b19
SHA1..: 50184fcde245848bab02343485f5ac2c47b42a32
SHA256: 3ffca94587a66789963a44eadd7585c25318df84806478f2a94824f9941f6a8b
ssdeep: 96:/lx4Wvuh8c/cgZjHZmifBPVADGej1elWIS6+a4V2kKYD304A0uOWgZxq2:/TU
8c/cgnZSqej1S3+a4DfD304DWKq
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1298
timedatestamp.....: 0x4614786c (Thu Apr 05 04:17:48 2007)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1fb4 0x2000 4.78 7b2b9ed796d12c8f0832d4c5f5f07ec7
.data 0x3000 0x9f4 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x4000 0xc40 0x1000 2.16 1984a090b8fc5a0e56793af3684e0d82
( 1 imports )
> MSVBVM60.DLL: _CIcos, _adj_fptan, __vbaFreeVar, __vbaStrVarMove, __vbaLenBstr, __vbaFreeVarList, __vbaEnd, _adj_fdiv_m64, _adj_fprem1, __vbaStrCat, __vbaSetSystemError, __vbaHresultCheckObj, _adj_fdiv_m32, __vbaExitProc, __vbaOnError, _adj_fdiv_m16i, _adj_fdivr_m16i, _CIsin, -, __vbaChkstk, EVENT_SINK_AddRef, __vbaStrCmp, DllFunctionCall, _adj_fpatan, EVENT_SINK_Release, -, _CIsqrt, EVENT_SINK_QueryInterface, __vbaExceptHandler, __vbaStrToUnicode, -, _adj_fprem, _adj_fdivr_m64, -, -, __vbaFPException, __vbaStrVarVal, __vbaVarCat, __vbaI2Var, -, _CIlog, __vbaErrorOverflow, __vbaNew2, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaI4Str, __vbaFreeStrList, _adj_fdivr_m32, _adj_fdiv_r, -, __vbaVarDup, __vbaStrToAnsi, -, _CIatan, __vbaStrMove, _allmul, _CItan, _CIexp, __vbaFreeStr, __vbaFreeObj
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Microsoft Visual Basic 6 (90.9%)
Win32 Executable Generic (6.1%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: n/a
product......: svchost
description..: Generic Host Process for Win32 Services
original name: adsnwi.exe
internal name: adsnwi
file version.: 1.00.0004
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after the PC is switched on
and the second file tested
Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2010.07.24.01 2010.07.23 -
AntiVir 8.2.4.26 2010.07.23 -
Antiy-AVL 2.0.3.7 2010.07.23 -
Authentium 5.2.0.5 2010.07.24 -
Avast 4.8.1351.0 2010.07.25 -
Avast5 5.0.332.0 2010.07.25 -
AVG 9.0.0.851 2010.07.25 -
BitDefender 7.2 2010.07.25 -
CAT-QuickHeal 11.00 2010.07.24 -
ClamAV 0.96.0.3-git 2010.07.24 -
Comodo 5533 2010.07.25 -
DrWeb 5.0.2.03300 2010.07.25 -
Emsisoft 5.0.0.34 2010.07.25 -
eSafe 7.0.17.0 2010.07.22 Win32.TrojanHorse
eTrust-Vet 36.1.7734 2010.07.24 -
F-Prot 4.6.1.107 2010.07.24 -
F-Secure 9.0.15370.0 2010.07.25 -
Fortinet 4.1.143.0 2010.07.24 -
GData 21 2010.07.24 -
Ikarus T3.1.1.84.0 2010.07.25 -
Jiangmin 13.0.900 2010.07.25 -
Kaspersky 7.0.0.125 2010.07.25 -
McAfee 5.400.0.1158 2010.07.25 -
McAfee-GW-Edition 2010.1 2010.07.25 -
Microsoft 1.6004 2010.07.25 -
NOD32 5309 2010.07.24 -
Norman 6.05.11 2010.07.25 -
nProtect 2010-07-25.02 2010.07.25 -
Panda 10.0.2.7 2010.07.25 -
PCTools 7.0.3.5 2010.07.25 -
Prevx 3.0 2010.07.25 -
Rising 22.57.03.08 2010.07.23 -
Sophos 4.55.0 2010.07.25 -
Sunbelt 6634 2010.07.25 -
SUPERAntiSpyware 4.40.0.1006 2010.07.25 -
Symantec 20101.1.1.7 2010.07.25 -
TheHacker 6.5.2.1.324 2010.07.25 -
TrendMicro 9.120.0.1004 2010.07.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.25 -
VBA32 3.12.12.6 2010.07.23 -
ViRobot 2010.7.23.3956 2010.07.24 -
VirusBuster 5.0.27.0 2010.07.24 -
Rozšiřující informace
File size: 14165 bytes
MD5...: 1bebe7de8508a02650cdce45c664c2a2
SHA1..: f9642134d06d7557aef6658e7f6d0547900d7ba2
SHA256: 67841ea7f1f6b7f19abd38a004b23610a21ad5bd5e508eed16cc7856cbe44d9c
ssdeep: 192:MKpjipm7WcrpgVJZ78yVXnyDLk0LunDSNn6G0/+Q+WR5istKyhM9ONSmeOv:
vgiVpgVJZ78y1nABpQRiaKx9ONZv
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x289c
timedatestamp.....: 0x3b988ed3 (Fri Sep 07 09:09:39 2001)
machinetype.......: 0x14c (I386)
( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x2e0 0x1584 0x15a0 6.29 67a2eff7303ad2ef4d037b257148b8cb
.data 0x1880 0x4e9 0x500 0.68 9ce1d2feee203025f7f620e39a15c45f
.CRT 0x1d80 0xc 0x20 0.60 591d9c1890ac4fd20bbbe94fab6c0d8e
PAGE 0x1da0 0x9dc 0x9e0 6.15 5336c0f880671c4e693024cb1ce9de2d
INIT 0x2780 0x7be 0x7c0 6.13 c171e97e244594a7ca58d4ed7130bf5f
.rsrc 0x2f40 0x3c0 0x3c0 3.28 dcf66f99ec83bd9e333296faeb750ed5
.reloc 0x3300 0x410 0x420 4.64 c3ea300584fe7c6869bdd6263e2a466c
( 2 imports )
> ntoskrnl.exe: IofCompleteRequest, _purecall, ZwClose, MmMapLockedPages, RtlInitUnicodeString, RtlInitAnsiString, ObfDereferenceObject, InterlockedIncrement, DbgBreakPoint, DbgPrint, _vsnprintf, InterlockedDecrement, RtlAppendUnicodeStringToString, IoDeleteDevice, IoDeleteSymbolicLink, IoCreateSymbolicLink, IoCreateDevice, ExAllocatePoolWithTag, ExFreePool, IoUnregisterShutdownNotification, memmove, RtlIntegerToUnicodeString, ZwOpenKey, ZwCreateKey, ExQueueWorkItem, IoAcquireCancelSpinLock, InterlockedExchange, IoReleaseCancelSpinLock, KeInitializeSpinLock, IoGetDeviceObjectPointer, KeWaitForSingleObject, IofCallDriver, IoBuildDeviceIoControlRequest, KeInitializeEvent, IoRegisterShutdownNotification
> HAL.dll: KfLowerIrql, KeGetCurrentIrql, WRITE_PORT_ULONG, READ_PORT_ULONG, KfReleaseSpinLock, KfAcquireSpinLock
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: Pinnacle Systems GmbH
copyright....: Copyright (c) Pinnacle Systems GmbH 2001
product......: PCLEPCI
description..: PCLEPCI
original name: PCLEPCI.sys
internal name: PCLEPCI.sys
file version.: 1.06
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
hopefully this is what you want
Re: ERROR appears after the PC is switched on
I have to leave the computer now; I'll probably be back in the evening, and then we'll delete it
In the meantime you can run MBAM.
Download MBAM from my signature
-Install it and run a full scan
DO NOT DELETE ANYTHING
-MBAM sometimes has false detections, so we will delete only after checking the log.
-Copy the log here.

- SorryToHereToKillYou
- Visitor
- Posts: 88
- Registered: 24 Jul 2010 23:07
- Location: Brno
Re: ERROR appears after the PC is switched on
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4345
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
25.7.2010 21:17:33
mbam-log-2010-07-25 (21-17-33).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 192482
Uplynulý čas: 51 minuta(y), 45 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)