
Virus-infected computer

Posted: 30 Apr 2011 09:18
by harry150
Hello,
My computer is badly infected: new viruses keep getting downloaded onto it and some programs will not even start. Here is the log from Rlist; can you help me?

Logfile of random's system information tool 1.08 (written by random/random)
Run by jurgen at 2011-04-30 10:07:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 48 GB (16%) free of 305 GB
Total RAM: 1023 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL [2009-12-23 54608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{07B18EA9-A523-4961-B6BB-170DE4475CCA}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"Skype"=C:\Documents and Settings\jurgen\Plocha\programy\Phone\Skype.exe [2011-04-18 15146376]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-02-28 427008]

C:\Documents and Settings\jurgen\Nabídka Start\Programy\Po spuštění
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-08-23 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\War 3\Warcraft III.exe"="D:\War 3\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\hry\War 3\lancraft.exe"="C:\hry\War 3\lancraft.exe:*:Enabled:lancraft"
"C:\hry\War 3\Warcraft III.exe"="C:\hry\War 3\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\hry\crysis\Bin32\Crysis.exe"="C:\hry\crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\hry\crysis\Bin32\CrysisDedicatedServer.exe"="C:\hry\crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\hry\swat 4\ContentExpansion\System\Swat4X.exe"="C:\hry\swat 4\ContentExpansion\System\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
"C:\hry\swat 4\ContentExpansion\System\Swat4XDedicatedServer.exe"="C:\hry\swat 4\ContentExpansion\System\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate dedikovaný server"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\hry\battlefield 1942\hra\BF1942.exe"="C:\hry\battlefield 1942\hra\BF1942.exe:*:Enabled:BF1942"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\hry\stalker cop\hra\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="C:\hry\stalker cop\hra\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"C:\hry\stalker cop\hra\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="C:\hry\stalker cop\hra\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\hry\stronghold 2\Stronghold2.exe"="C:\hry\stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Half-Life 2\hl2.exe"="C:\Program Files\Half-Life 2\hl2.exe:*:Enabled:hl2"
"C:\hry\age of wonders\AoW.exe"="C:\hry\age of wonders\AoW.exe:*:Enabled:AoW"
"C:\Program Files\Skype\Phone\skype .exe"="C:\Program Files\Skype\Phone\skype .exe:*:Enabled:Skype"
"C:\Documents and Settings\jurgen\Plocha\programy\Plugin Manager\skypePM.exe"="C:\Documents and Settings\jurgen\Plocha\programy\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\hry\Age of empires II conquers\Age of empires II\age2_x1.exe"="C:\hry\Age of empires II conquers\Age of empires II\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Documents and Settings\jurgen\Plocha\programy\skype .exe"="C:\Documents and Settings\jurgen\Plocha\programy\skype .exe:*:Enabled:skype "
"C:\Documents and Settings\jurgen\Plocha\programy\Phone\Skype.exe"="C:\Documents and Settings\jurgen\Plocha\programy\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-04-30 09:28:32 ----D---- C:\Program Files\Babylon
2011-04-30 09:24:58 ----D---- C:\extensions
2011-04-30 09:23:48 ----D---- C:\Documents and Settings\jurgen\Data aplikací\uTorrent
2011-04-17 01:07:15 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-04-17 01:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2011-04-15 23:06:15 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-04-15 19:23:29 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-04-15 19:22:46 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-04-15 19:22:38 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-04-15 19:06:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
2011-04-15 19:03:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-04-15 19:03:06 ----D---- C:\Program Files\Sony Ericsson
2011-04-15 19:03:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2011-04-14 17:44:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-14 17:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-14 17:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-14 17:40:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-14 17:39:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-14 17:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-14 17:39:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-14 17:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-14 17:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-14 17:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-14 17:21:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-04-14 17:20:54 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2011-04-30 10:07:48 ----D---- C:\rsit
2011-04-30 10:05:44 ----A---- C:\WINDOWS\ntbtlog.txt
2011-04-30 10:04:29 ----RD---- C:\Program Files
2011-04-30 09:39:29 ----SD---- C:\WINDOWS\Tasks
2011-04-30 09:31:28 ----D---- C:\WINDOWS\Prefetch
2011-04-30 09:30:50 ----D---- C:\WINDOWS\Temp
2011-04-30 09:26:11 ----D---- C:\Documents and Settings\jurgen\Data aplikací\Skype
2011-04-30 09:25:03 ----D---- C:\WINDOWS\system32
2011-04-30 08:43:58 ----D---- C:\Documents and Settings\jurgen\Data aplikací\Hamachi
2011-04-30 08:24:21 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-30 08:23:52 ----D---- C:\WINDOWS
2011-04-29 23:35:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-29 18:48:01 ----D---- C:\Documents and Settings\jurgen\Data aplikací\skypePM
2011-04-28 18:00:25 ----D---- C:\Documents and Settings\jurgen\Data aplikací\ICQ
2011-04-27 17:30:40 ----SHD---- C:\WINDOWS\Installer
2011-04-27 17:30:40 ----D---- C:\Config.Msi
2011-04-18 15:46:44 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-17 19:31:47 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-17 09:47:32 ----D---- C:\Documents and Settings\jurgen\Data aplikací\dBpoweramp
2011-04-17 01:07:18 ----HD---- C:\WINDOWS\inf
2011-04-17 01:07:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-17 01:07:03 ----A---- C:\WINDOWS\imsins.BAK
2011-04-16 22:08:47 ----D---- C:\Program Files\VDownloader
2011-04-15 23:06:24 ----D---- C:\WINDOWS\system32\CatRoot
2011-04-15 19:23:40 ----D---- C:\WINDOWS\system32\drivers
2011-04-15 19:23:39 ----D---- C:\Program Files\Windows Media Player
2011-04-15 19:22:46 ----D---- C:\WINDOWS\system32\LogFiles
2011-04-15 19:21:20 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-14 20:54:19 ----RSD---- C:\WINDOWS\assembly
2011-04-14 20:51:03 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-14 17:45:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-14 17:44:07 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-14 17:43:08 ----D---- C:\Program Files\Internet Explorer
2011-04-14 17:42:32 ----D---- C:\WINDOWS\WinSxS
2011-04-14 17:42:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-14 17:20:54 ----D---- C:\Program Files\Common Files
2011-04-14 17:20:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-04-12 21:16:20 ----D---- C:\Program Files\Opera
2011-04-01 09:23:52 ----D---- C:\Program Files\ICQ7.2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [2006-06-02 43264]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-05-10 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-08-03 685816]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
S1 MpKsl01b7771a;MpKsl01b7771a; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C74B69D0-0BFE-4037-A47D-3A61D971FF33}\MpKsl01b7771a.sys []
S1 MpKsl08dd160a;MpKsl08dd160a; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E065C382-3229-44B5-ACA6-11AF9F9E0D37}\MpKsl08dd160a.sys []
S1 MpKsl15fefda0;MpKsl15fefda0; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{85DF432C-010A-47D2-85A3-BA351EABF3F1}\MpKsl15fefda0.sys []
S1 MpKsl2cba4a88;MpKsl2cba4a88; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C949C3C-04D4-4D6B-8B66-E2A2E01E47CD}\MpKsl2cba4a88.sys []
S1 MpKsl475a53f8;MpKsl475a53f8; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E2CB08B4-9A06-45E7-8B2A-AECAE38C3080}\MpKsl475a53f8.sys []
S1 MpKsl5a8d12ec;MpKsl5a8d12ec; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E983D178-2C62-4EC7-8CEC-BDFB6BD891CB}\MpKsl5a8d12ec.sys []
S1 MpKsl6ffdce18;MpKsl6ffdce18; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{85DF432C-010A-47D2-85A3-BA351EABF3F1}\MpKsl6ffdce18.sys []
S1 MpKsl70ee9a89;MpKsl70ee9a89; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1B8CDA6-F52F-4CE2-AB7E-D2D538987B2E}\MpKsl70ee9a89.sys []
S1 MpKsl7f9e10c0;MpKsl7f9e10c0; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{91EA8705-2737-4668-AB7D-E97CA02D2574}\MpKsl7f9e10c0.sys []
S1 MpKsl8839249a;MpKsl8839249a; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4A2312A3-204A-48B6-9F5B-E28AD8A0A8E0}\MpKsl8839249a.sys []
S1 MpKsl929a211a;MpKsl929a211a; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1B8CDA6-F52F-4CE2-AB7E-D2D538987B2E}\MpKsl929a211a.sys []
S1 MpKsla4aaf101;MpKsla4aaf101; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CD5A5F7C-92D9-453E-9726-94D0FF6211FD}\MpKsla4aaf101.sys []
S1 MpKslaef1e20d;MpKslaef1e20d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3AF11B08-29E3-4217-9D0C-1633088F3BBD}\MpKslaef1e20d.sys []
S1 MpKslba23ce5e;MpKslba23ce5e; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6E0AF34B-6815-4B5E-8C57-BE73113B7211}\MpKslba23ce5e.sys []
S1 MpKsld8796462;MpKsld8796462; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40DE8874-48FC-492C-99B8-444DB2513D7F}\MpKsld8796462.sys []
S1 MpKslf72cd90c;MpKslf72cd90c; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8CCFEC62-9B8B-4509-BB51-DE7054D17A69}\MpKslf72cd90c.sys []
S1 MpKslffca5a05;MpKslffca5a05; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1018433B-F235-4315-A132-E4DBCD80E889}\MpKslffca5a05.sys []
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-06-28 278984]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-06-28 25416]
S3 asnzswy9;asnzswy9; C:\WINDOWS\system32\drivers\asnzswy9.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-08-23 1723904]
S3 ATIAVAIW;ATI T200 Unified AVStream service; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [2006-05-02 166528]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-12-30 25280]
S3 hamachi_oem;PlayLinc Adapter; C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-29 10664]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-26 4279296]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\System32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [2006-03-15 244608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-08-23 413696]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-27 593920]
S2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe []
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-10-04 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-11 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Virus-infected computer

Posted: 30 Apr 2011 11:07
by Rudy
Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

Feel free to put on a coffee in the meantime (the whole run takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use anti-spyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware lead to unwanted conflicts with the anti-spyware's resident component.