
Can't load Seznam, and sometimes not even Google

Posted: 07 Aug 2010 10:49
by Kutiltr
Hello, lately I have had a problem where Seznam will not load at all and Google only sometimes; it has been going on for about 14 days. Otherwise the internet works fine. I have not changed or installed anything for quite a while (3 months), only updated as needed. I ran a full scan in avast and in Spyware Terminator and found nothing, so I don't know whether something is hiding here or what.
Thanks in advance for any advice.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kutil at 2010-08-07 19:08:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 35 GB (42%) free of 82 GB
Total RAM: 1015 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:37, on 7.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Elantech\ETDDect.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Kutil\Dokumenty\Download\RSIT.exe
C:\Program Files\trend micro\Kutil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - ashDisp.exe.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {447F8438-8124-4369-905B-A249E13CBBFC} (LgbContent Control) - http://pickles.liveglobalbid.com/install/new/lgbkc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 7395 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-26 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-20 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-20 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-20 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872]
"ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-23 204800]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-03 106496]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-03 593920]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-09 2176512]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-03-02 1800464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-26 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kutil^Nabídka Start^Programy^Po spuštění^wwwpos32.exe]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\Kutil\Nabídka Start\Programy\Po spuštění
Zástupce - ashDisp.exe.lnk - C:\Program Files\Alwil Software\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-20 208896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2013-08-26 07:57:58 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-08-26 07:57:58 ----A---- C:\WINDOWS\SkyTel.exe
2013-08-26 07:57:58 ----A---- C:\WINDOWS\RtlUpd.exe
2013-08-26 07:57:57 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2013-08-26 07:57:57 ----A---- C:\WINDOWS\RTLCPL.EXE
2013-08-26 07:57:55 ----A---- C:\WINDOWS\RTHDCPL.EXE
2013-08-26 07:57:55 ----A---- C:\WINDOWS\MicCal.exe
2013-08-26 07:57:54 ----D---- C:\Program Files\Realtek
2013-08-26 07:57:54 ----A---- C:\WINDOWS\ALCWZRD.EXE
2013-08-26 07:57:54 ----A---- C:\WINDOWS\ALCMTR.EXE
2013-08-26 07:57:39 ----A---- C:\WINDOWS\RtlExUpd.dll
2013-08-18 05:52:50 ----AC---- C:\WINDOWS\system32\DetectDevice.txt
2013-08-12 07:44:29 ----AC---- C:\WINDOWS\system32\wmpns.dll
2013-08-12 07:43:05 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2013-08-12 07:43:02 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2013-08-12 07:43:01 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2013-08-12 07:42:59 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2013-08-12 07:42:57 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2013-08-12 07:42:55 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2013-08-12 07:42:53 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2013-08-12 07:42:48 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2013-08-12 07:42:48 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-08-12 07:42:46 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-09-18 17:41:00 ----AC---- C:\WINDOWS\system32\btw_ci.dll
2012-09-18 17:41:00 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys
2012-09-18 17:41:00 ----A---- C:\WINDOWS\system32\drivers\btwdndis.sys
2012-09-18 17:40:59 ----A---- C:\WINDOWS\system32\drivers\btport.sys
2012-09-18 17:40:59 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys
2012-09-18 17:40:59 ----A---- C:\WINDOWS\system32\drivers\btaudio.sys
2012-09-18 17:40:54 ----D---- C:\Program Files\WIDCOMM
2011-09-12 01:29:53 ----D---- C:\Program Files\EeePC
2011-09-12 01:29:53 ----A---- C:\WINDOWS\system32\drivers\ASUSACPI.SYS
2011-09-12 00:47:29 ----D---- C:\Program Files\Elantech
2010-08-07 19:08:45 ----D---- C:\rsit
2010-08-03 18:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-02 21:17:19 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-01 13:55:57 ----D---- C:\Program Files\Common Files\Skype
2010-07-14 17:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2013-08-26 07:58:10 ----D---- C:\WINDOWS\system32\RTCOM
2013-08-26 07:57:39 ----A---- C:\WINDOWS\HideWin.exe
2013-08-13 11:59:47 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-09-18 19:02:30 ----D---- C:\WINDOWS\repair
2012-09-18 17:48:16 ----AC---- C:\WINDOWS\oemver.txt
2011-09-12 01:29:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-07 19:09:36 ----D---- C:\Program Files\trend micro
2010-08-07 19:01:16 ----D---- C:\Program Files\Mozilla Thunderbird
2010-08-07 19:00:35 ----A---- C:\WINDOWS\wincmd.ini
2010-08-07 18:44:17 ----D---- C:\WINDOWS\Temp
2010-08-07 18:43:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-07 18:42:08 ----D---- C:\WINDOWS
2010-08-07 18:17:13 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-08-07 17:49:38 ----RD---- C:\Program Files
2010-08-07 17:35:03 ----D---- C:\WINDOWS\Network Diagnostic
2010-08-07 17:34:30 ----D---- C:\Documents and Settings\Kutil\Data aplikací\Skype
2010-08-07 17:34:26 ----D---- C:\Documents and Settings\Kutil\Data aplikací\vlc
2010-08-07 15:57:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-08-05 09:48:44 ----D---- C:\Documents and Settings\Kutil\Data aplikací\Spyware Terminator
2010-08-04 17:28:25 ----D---- C:\Documents and Settings\Kutil\Data aplikací\dvdcss
2010-08-03 19:15:36 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 18:40:26 ----D---- C:\Program Files\Mozilla Firefox
2010-08-03 18:28:02 ----D---- C:\WINDOWS\system32
2010-08-03 18:17:45 ----HD---- C:\WINDOWS\inf
2010-08-03 18:17:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-03 18:16:06 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-01 13:58:06 ----SHD---- C:\Config.Msi
2010-08-01 13:56:04 ----SHD---- C:\WINDOWS\Installer
2010-08-01 13:55:57 ----D---- C:\Program Files\Common Files
2010-07-28 20:26:58 ----D---- C:\Documents and Settings\Kutil\Data aplikací\OpenOffice.org2
2010-07-27 16:00:31 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 18:49:19 ----D---- C:\Documents and Settings\Kutil\Data aplikací\XnView
2010-07-14 18:22:57 ----D---- C:\WINDOWS\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-03-02 87104]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-21 43872]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-03-02 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-03-02 25160]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-05 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-20 991656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-20 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-12 36864]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-29 625024]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-25 156816]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-20 47272]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-03-02 723632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-09 488960]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Can't load Seznam, and sometimes not even Google

Posted: 07 Aug 2010 13:01
by Rudy
1. You have the Avast antivirus on the PC and also Comodo IS, which contains an antivirus as well. Uninstall Avast, or at least turn off its resident shield.
2. Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Ano (Yes) button.

feel free to go and put the coffee on (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan do not try to start any other applications or anything else

do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component

Re: Can't load Seznam, and sometimes not even Google

Posted: 07 Aug 2010 14:56
by Kutiltr
From Comodo I only have the firewall installed; I believe the free version has no antivirus.

ComboFix 10-08-06.03 - Kutil 07.08.2010 23:16:44.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.427 [GMT 9,5:30]
Spuštěný z: c:\documents and settings\Kutil\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100807-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-07 do 2010-08-07 )))))))))))))))))))))))))))))))
.

2013-08-25 22:27 . 2008-08-06 13:51 1200128 ----a-w- c:\windows\RtlUpd.exe
2013-08-25 22:27 . 2008-06-18 16:01 77824 ----a-w- c:\windows\SOUNDMAN.EXE
2013-08-25 22:27 . 2007-11-20 16:15 1826816 ----a-w- c:\windows\SkyTel.exe
2013-08-25 22:27 . 2008-08-12 14:10 4751360 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2013-08-25 22:27 . 2008-06-19 14:27 9715200 ----a-w- c:\windows\RTLCPL.EXE
2013-08-25 22:27 . 2008-07-31 13:05 16806912 ----a-w- c:\windows\RTHDCPL.EXE
2013-08-25 22:27 . 2007-06-28 14:44 2165760 ----a-w- c:\windows\MicCal.exe
2013-08-25 22:27 . 2013-08-25 22:27 -------- d-----w- c:\program files\Realtek
2013-08-25 22:27 . 2008-06-19 14:42 2808832 ----a-w- c:\windows\ALCWZRD.EXE
2013-08-25 22:27 . 2008-06-19 14:20 57344 ----a-w- c:\windows\ALCMTR.EXE
2013-08-25 22:27 . 2008-07-29 13:42 528384 ----a-w- c:\windows\RtlExUpd.dll
2013-08-11 22:14 . 2008-04-14 12:00 221184 -c--a-w- c:\windows\system32\wmpns.dll
2013-08-11 22:13 . 2008-04-13 22:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2013-08-11 22:13 . 2008-04-13 22:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2013-08-11 22:13 . 2008-04-13 22:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2013-08-11 22:12 . 2008-04-13 22:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2013-08-11 22:12 . 2008-04-13 22:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2013-08-11 22:12 . 2008-04-13 22:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2013-08-11 22:12 . 2008-04-13 22:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2013-08-11 22:12 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2013-08-11 22:12 . 2008-04-13 22:16 121984 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-08-11 22:12 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-09-18 08:11 . 2008-08-19 20:16 47272 ----a-w- c:\windows\system32\drivers\btwusb.sys
2012-09-18 08:11 . 2008-07-24 15:37 156816 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2012-09-18 08:11 . 2007-09-20 09:59 106557 -c--a-w- c:\windows\system32\btw_ci.dll
2012-09-18 08:10 . 2008-08-19 20:16 991656 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2012-09-18 08:10 . 2008-05-30 09:46 534568 ----a-w- c:\windows\system32\drivers\btaudio.sys
2012-09-18 08:10 . 2008-02-04 15:57 37160 ----a-w- c:\windows\system32\drivers\btport.sys
2012-09-18 08:10 . 2012-09-18 08:10 -------- d-----w- c:\program files\WIDCOMM
2011-09-11 15:59 . 2011-09-11 15:59 -------- d-----w- c:\program files\EeePC
2011-09-11 15:59 . 2008-04-08 13:59 10752 ----a-w- c:\windows\system32\drivers\ASUSACPI.SYS
2011-09-11 15:17 . 2011-09-11 15:17 -------- d-----w- c:\program files\Elantech
2010-08-07 09:38 . 2010-08-07 09:39 -------- d-----w- C:\rsit
2010-08-02 11:47 . 2010-08-02 11:47 -------- d-----w- c:\windows\system32\NtmsData
2010-08-01 04:25 . 2010-08-01 04:25 -------- d-----w- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-25 22:27 . 2008-08-07 21:52 319488 ----a-w- c:\windows\HideWin.exe
2010-08-07 10:11 . 2009-04-08 16:50 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-08-07 09:39 . 2010-02-26 14:14 -------- d-----w- c:\program files\trend micro
2010-06-27 06:42 . 2010-02-26 02:38 -------- d-----w- c:\program files\Spyware Terminator
2010-06-22 23:31 . 2008-08-07 03:50 82750 ----a-w- c:\windows\system32\perfc005.dat
2010-06-22 23:31 . 2008-08-07 03:50 438070 ----a-w- c:\windows\system32\perfh005.dat
2010-06-14 14:31 . 2008-08-07 02:06 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2008-05-07 14:34 . 2008-08-07 22:20 15523560 -c--a-w- c:\program files\U1 Setup.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-31 16806912]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2008-09-03 335872]
"ETDWareDetect"="c:\program files\Elantech\ETDDect.exe" [2008-08-22 204800]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-09-02 106496]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-09-02 593920]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-09 2176512]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-03-01 1800464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Kutil\Nabídka Start\Programy\Po spuštění\
Zástupce - ashDisp.exe.lnk - c:\program files\Alwil Software\Avast4\ashDisp.exe [2009-3-25 81000]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2011-9-12 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Kutil^Nabídka Start^Programy^Po spuštění^wwwpos32.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 05:27 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-21 15:27 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-09-26 11:59 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [25.8.2009 2:09 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2.3.2010 9:10 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2.3.2010 9:10 25160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [26.2.2010 12:08 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.8.2009 2:09 20560]
S3 gupdate;Služba Google Update (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [8.8.2008 7:24 625024]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://google.cz
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\documents and settings\Kutil\Data aplikací\Mozilla\Firefox\Profiles\npfsy889.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?source=gama&hl=cs
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - plugin: c:\program files\Common-Use Signing Interface\bin\npCsiPlugin.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-07 23:22
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3086602011-2446779318-483012309-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{47B76923-84E8-F23B-7977-E2D4667596FF}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oalmadilpopbabkngjabmflplcphlk"=hex:61,69,6e,66,64,66,62,67,6b,6c,6d,62,65,6d,
62,6e,6a,70,6e,67,6e,69,63,6d,6e,6b,67,68,6b,6d,6e,6f,65,61,6b,6c,63,68,64,\
"iaonkddjihekmkphml"=hex:6a,61,63,70,6f,6e,6d,66,67,6b,69,62,63,64,61,64,6b,6f,
62,65,00,88
"haimacaebccgepdk"=hex:6a,61,63,70,6f,6e,6d,66,66,6b,66,61,6a,6c,69,70,65,70,
6d,66,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(816)
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(2708)
c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
c:\program files\eee storage\xpclient.dll
c:\program files\eee storage\logicnp.eznamespaceextensions.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2010-08-07 23:24:23
ComboFix-quarantined-files.txt 2010-08-07 13:54
ComboFix2.txt 2010-02-28 21:52

Před spuštěním: Volných bajtů: 42 030 718 976
Po spuštění: Volných bajtů: 41 999 822 848

- - End Of File - - 41FF700E3C2E3BEA00469FE46D407840

Re: Seznam won't load, and sometimes not even Google

Posted: 07 Aug 2010 17:06
by Rudy
Open Notepad and copy the following into it:
Regnull::
[HKEY_USERS\S-1-5-21-3086602011-2446779318-483012309-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{47B76923-84E8-F23B-7977-E2D4667596FF}*]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the command from the script.


Re: Seznam won't load, and sometimes not even Google

Posted: 08 Aug 2010 11:54
by Kutiltr
I did everything according to the instructions and it's better = Google runs normally, but Seznam only loads sometimes.

I'd just like to ask what causes something like this to happen: did I have some kind of malware, or can I put the blame on Windows? Is there any way to prevent it?

In any case, if you say the PC is clean, I'll rest easy.

Re: Seznam won't load, and sometimes not even Google

Posted: 08 Aug 2010 11:59
by Rudy
There was a locked fake key in the registry, which we removed. In the first scan CF may also have fixed something in the registry (it doesn't list that). If you have an up-to-date antivirus and firewall, all you can do is stay out of the "dark corners" of the internet and think twice before you click on anything. The PC should now be clean.

Re: Seznam won't load, and sometimes not even Google

Posted: 08 Aug 2010 12:20
by Kutiltr
Thank you very much.

Re: Seznam won't load, and sometimes not even Google

Posted: 08 Aug 2010 16:59
by Rudy
You're welcome!