akutny problem (casovo obmedzeny) problemy s pocitacom

[Dendo]

zdravim mam docela velke problemy s PC kamos je v amerike a zajtra pride domov, tak nemam moc casu nato a ten
pocitac tam nehava.. nebere ho naspet na SR..

nejdu otvarat okna, instalovat normalne bez safe modu programy, odinstalovavat, maximalne cez safe mod nejaky ten program..
nemal tam doteraz antivirus, a je to zevraj totalne zavirene..

prosim o pomoc, dakujem.. vsetkym ktory v case pomozu (a budem publikovat toto forum dalej)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Otto at 2011-01-14 14:59:07
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 29 GB (20%) free of 147 GB
Total RAM: 2010 MB (75% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158186697-3134061598-867993071-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158186697-3134061598-867993071-1000UA.job
C:\Windows\tasks\Norton Security Scan for Otto.job
C:\Windows\tasks\User_Feed_Synchronization-{77A4097C-7F8C-4A17-9250-B8758F37D42E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1555968]
"Google Update"=C:\Users\Otto\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 138240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-13 26192168]
"ktsnevww"=C:\Users\Otto\AppData\Local\Temp\srmloqnsp\clfybkvusbs.exe [2011-01-14 322048]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

C:\Users\Otto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
ZooskMessenger.lnk - C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-14 14:59:08 ----D---- C:\Program Files (x86)\trend micro
2011-01-14 14:59:07 ----D---- C:\rsit
2011-01-14 14:39:06 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-14 14:39:06 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-01-14 14:24:25 ----A---- C:\Windows\ntbtlog.txt
2011-01-11 16:23:49 ----A---- C:\Windows\SysWOW64\odbc32.dll
2010-12-15 21:13:58 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-12-15 21:13:57 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-12-15 21:13:57 ----A---- C:\Windows\SysWOW64\atmlib.dll
2010-12-15 21:13:50 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-12-15 21:13:49 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-12-15 21:13:48 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-12-15 21:13:48 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-12-15 21:13:47 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-12-15 21:13:47 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-12-15 21:13:47 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-12-15 21:13:47 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2010-12-15 21:13:47 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-12-15 21:13:47 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\occache.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\iesetup.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\iernonce.dll
2010-12-15 21:13:45 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-12-15 21:13:36 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-12-15 21:13:27 ----A---- C:\Windows\SysWOW64\taskschd.dll
2010-12-15 21:13:27 ----A---- C:\Windows\SysWOW64\taskeng.exe
2010-12-15 21:13:27 ----A---- C:\Windows\SysWOW64\taskcomp.dll

======List of files/folders modified in the last 1 months======

2011-01-14 14:59:08 ----RD---- C:\Program Files (x86)
2011-01-14 14:58:15 ----D---- C:\Windows\System32
2011-01-14 14:58:15 ----D---- C:\Windows\inf
2011-01-14 14:44:38 ----D---- C:\Users\Otto\AppData\Roaming\Skype
2011-01-14 14:43:33 ----D---- C:\Windows\Temp
2011-01-14 14:40:34 ----D---- C:\Windows
2011-01-14 14:39:27 ----D---- C:\Windows\Prefetch
2011-01-14 14:39:06 ----HD---- C:\ProgramData
2011-01-14 14:17:13 ----D---- C:\Windows\Minidump
2011-01-14 14:17:13 ----D---- C:\Windows\Debug
2011-01-14 14:13:20 ----RD---- C:\Program Files
2011-01-14 11:54:17 ----SHD---- C:\Windows\Installer
2011-01-14 11:53:47 ----SHD---- C:\System Volume Information
2011-01-14 11:11:01 ----D---- C:\Users\Otto\AppData\Roaming\skypePM
2011-01-14 01:02:56 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2011-01-14 00:40:46 ----D---- C:\Users\Otto\AppData\Roaming\vlc
2011-01-12 03:01:36 ----D---- C:\Windows\winsxs
2011-01-12 03:01:36 ----D---- C:\Windows\SysWOW64
2010-12-16 03:37:44 ----D---- C:\Windows\rescache
2010-12-16 03:19:41 ----D---- C:\Windows\SysWOW64\migration
2010-12-16 03:19:41 ----D---- C:\Windows\SysWOW64\en-US
2010-12-16 03:19:41 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-16 03:19:41 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe []
S2 yksvc;Marvell Yukon Service; ykx64coinst,serviceStartProc []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]

-----------------EOF-----------------

[motji]

Dobrý večer
ještě tu chvilku budu, mrkneme na to

Stahněte Rkill z jednoho z odkazů, pokud by ho vir blokoval, zkuste stahnout jiný

Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com

Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr

Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif

-spusťte ho a nechejte pracovat. Sám se ukončí.

- Ted nerestartujte počítač!


Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[Dendo]

dobre rano, a taktiez dobry vecer.. dal som restore system.. a vypada ze uz to ide v poriadku.. uz ide aj nainstalovat NOD
uz sa zapol aj SCAN teraz to instalujem..

vratil som to dozadu o 3 dni

[motji]

Ok. Já už budu za chvilku končit, pokračování asi v poledne

[Dendo]

ok, dakujem i tak velmi za ochotu.. vazim si to..

vypada to lepsie

[motji]

Fajn, poprosím o nový log ze Rsitu, napište jestli Nod něco našel a jak to ted s pc vypadá