VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Chyba

https://forum.viry.cz:443/viewtopic.php?t=111706

Stránka 1 z 1

Chyba

Napsal: 12 kvě 2011 08:15
od Tomik6566
Dobrý den,
Mám zase problém s pc , po kontrolu avastem se mě zasekává , spouští se programy.
Prosím o pomoc
Děkuji předem. :)

LOG.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:07:32, on 12.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Tomáš.TOM-C03959D6696\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Tomáš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 5690 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-04-18 818280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-26 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2011-04-26 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-04-18 818280]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-26 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-04-18 3460784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-04-26 39408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutorun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-05-08 20:14:45 ----D---- C:\Program Files\EA Sports
2011-05-08 20:11:51 ----D---- C:\Documents and Settings\Tomáš.TOM-C03959D6696\Data aplikací\Google
2011-05-08 20:11:08 ----D---- C:\Program Files\DAEMON Tools Lite
2011-05-04 22:57:11 ----SHD---- C:\RECYCLER
2011-05-04 17:57:48 ----D---- C:\WINDOWS\temp
2011-05-04 17:57:43 ----A---- C:\ComboFix.txt
2011-04-26 13:08:56 ----D---- C:\Program Files\Google
2011-04-26 13:08:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Google
2011-04-25 18:15:52 ----D---- C:\Documents and Settings\Tomáš.TOM-C03959D6696\Data aplikací\DAEMON Tools Pro
2011-04-25 18:15:52 ----D---- C:\Documents and Settings\Tomáš.TOM-C03959D6696\Data aplikací\DAEMON Tools
2011-04-24 18:49:17 ----RHD---- C:\Documents and Settings\Tomáš.TOM-C03959D6696\Data aplikací\SecuROM
2011-04-24 18:49:16 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2011-04-21 23:08:58 ----D---- C:\rsit
2011-04-15 11:19:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-15 11:19:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-15 11:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-15 11:12:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-15 11:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-15 11:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-15 11:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-15 11:11:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-15 11:10:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-15 11:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$

======List of files/folders modified in the last 1 months======

2011-05-12 09:07:32 ----D---- C:\Program Files\trend micro
2011-05-12 09:07:31 ----D---- C:\WINDOWS\system32\Drivers
2011-05-12 09:07:31 ----D---- C:\WINDOWS\System32
2011-05-12 09:07:31 ----D---- C:\WINDOWS
2011-05-12 09:06:36 ----D---- C:\WINDOWS\Prefetch
2011-05-12 08:15:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-11 12:27:09 ----D---- C:\WINDOWS\Debug
2011-05-11 12:27:01 ----A---- C:\WINDOWS\system32\MRT.exe
2011-05-08 20:24:07 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-08 20:23:27 ----SHD---- C:\WINDOWS\Installer
2011-05-08 20:23:27 ----D---- C:\Config.Msi
2011-05-08 20:14:45 ----RD---- C:\Program Files
2011-05-08 20:14:45 ----D---- C:\WINDOWS\system32\DirectX
2011-05-08 20:14:34 ----HD---- C:\WINDOWS\inf
2011-05-05 19:15:03 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Bluetooth
2011-05-05 19:02:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-04 17:57:50 ----D---- C:\Qoobox
2011-05-04 17:52:41 ----A---- C:\WINDOWS\system.ini
2011-05-04 17:47:00 ----D---- C:\WINDOWS\AppPatch
2011-05-04 17:46:49 ----D---- C:\Program Files\Common Files
2011-05-04 17:18:49 ----D---- C:\WINDOWS\system32\config
2011-04-30 13:30:56 ----A---- C:\WINDOWS\AviSplitter.INI
2011-04-30 08:06:43 ----D---- C:\Program Files\Mozilla Firefox
2011-04-26 13:09:41 ----SD---- C:\WINDOWS\Tasks
2011-04-25 17:22:06 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-25 17:21:47 ----RSD---- C:\WINDOWS\assembly
2011-04-18 19:25:10 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-16 17:51:51 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-15 11:19:29 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-15 11:18:54 ----D---- C:\Program Files\Internet Explorer
2011-04-15 11:18:37 ----D---- C:\WINDOWS\ie8updates
2011-04-15 11:18:12 ----D---- C:\WINDOWS\WinSxS
2011-04-15 11:17:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-14 17:30:10 ----D---- C:\WINDOWS\system32\ReinstallBackups

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-03-24 50176]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-07 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-04-18 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-04-18 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-04-18 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-04-18 307288]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-04-18 49240]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-04-18 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-04-18 102488]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-11-06 755392]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-07 91136]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S3 aveve200;aveve200; C:\WINDOWS\system32\drivers\aveve200.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\TOM~1.TOM\LOCALS~1\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\DOCUME~1\TOM~1.TOM\LOCALS~1\Temp\CFcatchme.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\pcouffin.sys []
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-04-18 42184]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-26 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-26 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]


A ještě MBAM:

Typ kontroly: Rychlý test
Testované objekty: 186801
Uplynulý čas: 6 minut, 22 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Děkuji moc

Re: Chyba

Napsal: 12 kvě 2011 17:31
od Rudy
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Re: Chyba

Napsal: 12 kvě 2011 18:24
od Tomik6566
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-12 do 2011-05-12 )))))))))))))))))))))))))))))))
.
.
2011-05-08 18:14 . 2011-05-08 18:14 -------- d-----w- c:\program files\EA Sports
2011-05-08 18:11 . 2011-05-08 18:11 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-04-26 11:14 . 2011-04-26 11:14 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY\Local Settings\Data aplikací\Google
2011-04-26 11:09 . 2011-04-26 11:09 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\Google
2011-04-26 11:09 . 2011-05-08 18:11 -------- d-----w- c:\documents and settings\Tomáš.TOM-C03959D6696\Local Settings\Data aplikací\Google
2011-04-26 11:08 . 2011-04-26 11:09 -------- d-----w- c:\program files\Google
2011-04-25 16:15 . 2011-04-25 16:15 -------- d-----w- c:\documents and settings\Tomáš.TOM-C03959D6696\Data aplikací\DAEMON Tools
2011-04-25 16:15 . 2011-04-25 16:15 -------- d-----w- c:\documents and settings\Tomáš.TOM-C03959D6696\Data aplikací\DAEMON Tools Pro
2011-04-24 16:49 . 2011-04-24 16:49 -------- d--h--r- c:\documents and settings\Tomáš.TOM-C03959D6696\Data aplikací\SecuROM
2011-04-24 16:49 . 2011-04-24 16:49 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-04-21 21:08 . 2011-04-21 21:09 -------- d-----w- C:\rsit
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-18 17:25 . 2010-10-13 11:22 40112 ----a-w- c:\windows\avastSS.scr
2011-04-18 17:25 . 2010-10-13 11:22 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-18 17:17 . 2011-02-25 16:53 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-18 17:17 . 2010-10-13 11:22 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-18 17:16 . 2010-10-13 11:22 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-18 17:16 . 2010-10-13 11:22 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-18 17:16 . 2010-10-13 11:22 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-18 17:13 . 2010-10-13 11:22 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-18 17:13 . 2010-10-13 11:22 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-18 17:12 . 2010-10-13 11:22 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-09 17:39 . 2011-04-09 17:39 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-09 17:39 . 2011-04-09 17:39 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-27 19:01 . 2011-03-27 19:02 390144 ----a-w- c:\windows\system32\CF21750.exe
2011-03-07 05:33 . 2010-04-02 15:23 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2004-08-17 14:49 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2004-08-17 14:44 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 2004-08-17 14:49 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2004-08-17 14:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 23:08 . 2004-08-17 14:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 11:41 . 2004-08-17 14:44 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2004-08-03 22:15 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-03 22:14 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2004-08-17 14:48 290432 ----a-w- c:\windows\system32\atmfd.dll
2004-03-11 11:27 . 2010-02-20 10:03 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2011-04-30 06:06 . 2011-03-24 16:19 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-05-04_15.52.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-08 18:23 . 2011-05-08 18:23 32038 c:\windows\Installer\{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}\nhl08.exe
- 2011-04-28 14:15 . 2011-04-28 14:15 32038 c:\windows\Installer\{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}\nhl08.exe
+ 2011-05-08 18:23 . 2011-05-08 18:23 1204736 c:\windows\Installer\a419f.msi
+ 2010-04-04 16:14 . 2011-05-11 10:27 42829768 c:\windows\system32\MRT.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-26 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-04-18 3460784]
.
c:\documents and settings\Tom ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CLI.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-6 61440]
DTLite.lnk - c:\program files\DAEMON Tools Lite\DTLite.exe [N/A]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.4.2010 18:36 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.2.2011 18:53 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.10.2010 13:22 307288]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.10.2010 13:22 19544]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\TOM~1.TOM\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\TOM~1.TOM\LOCALS~1\Temp\CFcatchme.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-26 11:09]
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-26 11:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uInternet Settings,ProxyServer = socks=
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\Tomáš.TOM-C03959D6696\Data aplikací\Mozilla\Firefox\Profiles\7tt9owqr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - prefs.js: network.proxy.type - 4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-12 19:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(624)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2520)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll

Re: Chyba

Napsal: 12 kvě 2011 18:41
od Rudy
Log vypadá čistý. Zkuste Avast reinstalovat.

Re: Chyba

Napsal: 12 kvě 2011 19:03
od Tomik6566
Ano , pomohlo to !
Jsem rád že je log čistý.

Děkuji a přeji hezký den.
Prosím zamknout.

Re: Chyba

Napsal: 12 kvě 2011 19:52
od Rudy
Nemáte zač a zamykám. :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz