Restart during AV scan?
Posted: 14 Dec 2011 12:34
Hello,
could I ask for a log check? Every time I start an AV scan, it does not run to completion and the PC restarts.
This happens when scanning with both NOD32 and Malwarebytes.
Can you advise what to do about it?
Thanks a lot
ComboFix 11-12-12.02 - Filip 14.12.2011 11:39:06.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.259 [GMT 1:00]
Spuštěný z: c:\documents and settings\Filip\Plocha\abc288.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CSC\d6
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-14 do 2011-12-14 )))))))))))))))))))))))))))))))
.
.
2011-12-14 08:15 . 2011-12-14 08:15 -------- d-----w- c:\documents and settings\Filip\Data aplikací\Malwarebytes
2011-12-14 08:13 . 2011-07-06 18:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-12-14 08:12 . 2011-12-14 08:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-12-14 08:12 . 2011-07-06 18:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-14 08:12 . 2011-12-14 08:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-13 18:24 . 2011-12-13 18:24 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2011-12-13 17:02 . 2011-12-13 17:02 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2011-12-13 14:15 . 2011-12-13 14:15 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\TeamViewer
2011-12-13 13:52 . 2011-12-13 13:52 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2011-12-13 13:29 . 2011-10-28 18:35 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-12-13 12:01 . 2011-12-13 12:04 2528 ----a-w- c:\windows\system32\tmp.reg
2011-12-13 12:01 . 2009-06-02 10:17 75776 ----a-w- c:\windows\system32\WS2Fix.exe
2011-12-13 12:01 . 2008-12-12 00:57 78336 ----a-w- c:\windows\system32\Agent.OMZ.Fix.exe
2011-12-13 12:01 . 2008-11-29 17:58 82944 ----a-w- c:\windows\system32\IEDFix.C.exe
2011-12-13 12:01 . 2008-10-01 14:51 87552 ----a-w- c:\windows\system32\VACFix.exe
2011-12-13 12:01 . 2008-09-20 11:45 80384 ----a-w- c:\windows\system32\o4Patch.exe
2011-12-13 12:01 . 2008-08-18 11:19 82432 ----a-w- c:\windows\system32\404Fix.exe
2011-12-13 12:01 . 2008-05-18 20:40 82944 ----a-w- c:\windows\system32\IEDFix.exe
2011-12-13 12:01 . 2007-09-05 23:22 289144 ----a-w- c:\windows\system32\VCCLSID.exe
2011-12-13 12:01 . 2006-04-27 16:49 288417 ----a-w- c:\windows\system32\SrchSTS.exe
2011-12-13 12:01 . 2004-07-31 17:50 51200 ----a-w- c:\windows\system32\dumphive.exe
2011-12-13 12:01 . 2003-06-05 20:13 53248 ----a-w- c:\windows\system32\Process.exe
2011-12-13 11:52 . 2011-12-13 12:12 -------- d-----w- c:\documents and settings\Filip\Data aplikací\TeamViewer
2011-12-13 08:44 . 2011-12-13 08:44 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\ESET
2011-12-12 22:10 . 2011-12-12 22:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-12-12 20:58 . 2011-12-12 22:30 -------- d-----w- c:\program files\ESET
2011-12-12 20:34 . 2011-12-12 20:34 -------- d-----w- c:\documents and settings\Filip\Local Settings\Data aplikací\ESET
2011-12-12 20:34 . 2011-12-12 20:34 -------- d-----w- c:\documents and settings\Filip\Data aplikací\ESET
2011-12-12 19:28 . 2011-12-14 10:01 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2011-12-12 19:16 . 2011-12-12 20:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2011-12-10 18:14 . 2009-03-27 00:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2011-12-10 18:14 . 2011-12-10 18:14 -------- d-----w- c:\program files\CPUID
2011-12-10 18:00 . 2011-12-10 18:00 -------- d-----w- c:\windows\system32\wbem\Framework
2011-12-10 17:30 . 2011-12-10 17:30 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-12-10 16:45 . 2011-12-10 16:45 -------- d-----w- c:\program files\GDS
2011-12-10 16:45 . 2011-12-10 16:45 249856 ------w- c:\windows\Setup1.exe
2011-12-10 16:45 . 2011-12-10 16:45 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-12-07 20:22 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-12-07 20:22 . 2011-12-07 20:22 -------- d-----w- c:\program files\PC Connectivity Solution
2011-11-26 23:13 . 2011-11-26 23:13 -------- d-----w- c:\program files\Conduit
2011-11-26 23:13 . 2011-11-26 23:21 -------- d-----w- c:\documents and settings\Filip\Local Settings\Data aplikací\FLVService
2011-11-26 23:08 . 2011-11-26 23:08 -------- d-----w- c:\documents and settings\Filip\Local Settings\Data aplikací\vdownloader
2011-11-26 16:48 . 2011-11-26 16:48 -------- d-----w- c:\program files\BlazeVideo
2011-11-26 16:45 . 2011-11-26 16:45 -------- d-----w- c:\windows\OvtCam
2011-11-26 16:45 . 2011-11-26 16:45 -------- d-----w- c:\program files\OVT
2011-11-26 15:29 . 2011-11-26 15:29 -------- d-----w- C:\BlazeTemp
2011-11-26 15:18 . 2011-11-26 15:18 -------- d-----w- c:\windows\OVT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 17:21 . 2010-03-20 17:51 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-10-10 14:21 . 2005-11-15 10:55 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:05 . 2004-08-18 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2007-10-09 12:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
1999-06-25 09:55 . 2006-02-09 10:37 149504 -c--a-w- c:\program files\UNWISE.EXE
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-13_10.53.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-14 10:19 . 2011-12-14 10:19 16384 c:\windows\temp\Perflib_Perfdata_628.dat
+ 2004-08-18 12:00 . 2004-08-18 12:00 18944 c:\windows\system32\oleaccrc.dll
+ 2011-12-13 13:29 . 2011-10-28 18:35 64512 c:\windows\system32\DRVSTORE\lbd_69523D0F7F903BDB477CD80CFD35086362532B23\Lbd.sys
- 2005-11-15 11:03 . 2011-12-12 21:49 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2005-11-15 11:03 . 2011-12-13 22:34 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2005-11-15 11:03 . 2011-12-13 22:34 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2005-11-15 11:03 . 2011-12-12 21:49 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-07-11 21:11 . 2009-07-11 21:11 624448 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcr90.dll
+ 2009-07-11 21:11 . 2009-07-11 21:11 853312 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcp90.dll
+ 2009-07-11 21:14 . 2009-07-11 21:14 245760 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcm90.dll
+ 2009-07-11 21:11 . 2009-07-11 21:11 176456 c:\windows\WinSxS\amd64_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_673f7fa2\atl90.dll
+ 2004-08-18 12:00 . 2004-08-18 12:00 163328 c:\windows\system32\oleacc.dll
+ 2011-12-14 07:51 . 2011-12-14 07:51 224816 c:\windows\system32\FNTCACHE.DAT
- 2005-11-15 11:29 . 2011-10-13 11:43 224816 c:\windows\system32\FNTCACHE.DAT
+ 2011-12-13 13:30 . 2011-12-13 13:30 7251968 c:\windows\Installer\25f4de.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-09-20 1404928]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"nwiz"="nwiz.exe" [2008-09-17 1657376]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\filipk\Nabídka Start\Programy\Po spuštění\
Button Manager.lnk - c:\program files\SHARP\Button Manager A\btnman.exe [N/A]
.
c:\documents and settings\Filip\Nabídka Start\Programy\Po spuštění\
Zástupce - ESET_Vzdalena_Pomoc.lnk - c:\documents and settings\Filip\Plocha\ESET_Vzdalena_Pomoc.exe [2011-12-14 2060856]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1766551154-2057517892-1221738049-1513\Scripts\Logon\0\0]
"Script"=\\prumstav.local\sysvol\prumstav.local\scripts\DB3.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-07-06 18:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-02-04 20:54 198160 -c--a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2007-01-05 18:57 204288 -c----w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ahead\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [13.12.2011 14:29 64512]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22.9.2011 12:03 974944]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2.10.2009 19:33 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [28.10.2011 19:35 2152152]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [30.7.2006 21:44 580992]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys [24.3.2009 14:39 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys [24.3.2009 14:39 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys [24.3.2009 14:39 38784]
S3 CTSFSYN;Creative SoundFont Synth;c:\windows\system32\drivers\ctsfsyn.sys [15.11.2005 15:28 155904]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2.10.2009 19:33 133104]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [25.5.2007 13:55 65024]
S3 motccgp;Motorola USB Composite Device Driver; [x]
S3 motccgpfl;MotCcgpFlService; [x]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-28 18:35]
.
2011-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-02 18:33]
.
2011-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-02 18:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.14.10.14 10.14.14.50
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-14 11:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\InterBaseServer]
"ImagePath"="c:\program files\Firebird\bin\ibserver -s"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2100)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-12-14 11:52:43
ComboFix-quarantined-files.txt 2011-12-14 10:52
ComboFix2.txt 2011-12-13 15:02
ComboFix3.txt 2011-12-13 10:56
.
Před spuštěním: 9 854 980 096
Po spuštění: 9 884 708 864
.
- - End Of File - - C75434D39E62C5E757B64B1DF167880F