VIRY.CZ

1. Nejde mi spustit safe mode. Ked ho chcem spustit tak najprv nacita tie subory, zda sa ze uz sa to ide pustit potom to padne objavi sa modra obrazovka a neco s tym ze mam prejs PC antivirom. Nestihol som to cele precitat. Normalny mod ide . (PC som antivirom presiel nic nenaslo)
2. Ked hram hry (pri normalnej praci to nerobi) a ci hram najmenej narocnu 2D hru alebo super narocnu 3D hru tak v pravdelnych intervaloch mi vzdy zacne tak na 5 s sekat. Potom to zase ide tak 4 min normalne a potom zase. Opakuje sa to pravidelne bez ohladu na to ako sa prave zatazuje PC. Ked dam alt+tab a pozeram zataz processora tak nic zvlastne som neobjavil stale to ide v pohode ale jak pustim tu hru tak to zase zacne. A niekedy ked restartnem PC, proste ked sa utrafi tak to nerobi. Ale väcsinou to robi.

co se tyce nouzoveho rezimu, zkuste tento postup:

stahnete SREng - http://download.kztechs.com/files/sreng2.zip

rozbalte jej treba na plochu

spustte SREng

zvolte zalozku System Repair, zde kliknete na zalozku Advanced Repair a zvolte moznost Repair Safe Mode

takto byste mel opravit bootovani do nouzoveho rezimu




Potom vlozte log z HJT... viz můj podpis---HiJackThis

jj zatial co sa to robi chcem sa ta opytat este jednu vec. Nekedy mi ten notas len tak odrazu prejde to rezimu spanku (ten mesiacik) . A casto nejde dat naspet (zamrzne) nevies cim to je ?
EDIT: tu je ten log :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:10, on 15.10.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\OneStepSearch\onestep.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\OneStepSearch\onestep.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\s3hotkey.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\zeke\LOCALS~1\Temp\Rar$EX00.417\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [BLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-839522115-152049171-1708537768-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd/bo ... oardID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{446D8131-368C-427D-9CA3-EAB03B0B49A4}: NameServer = 213.215.111.137,62.168.122.140
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBA2C198-BEFC-4996-B8B0-0FD27F264142}: NameServer = 192.168.2.1,192.168.11.1
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Program Files\OneStepSearch\onestep.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\windows\System32\x10nets.exe (file missing)

--
End of file - 4360 bytes

Potřebujeme vidět log z HJT... Jinak se nehneme z místa...

uz tam je

Log se zdá ok...



stahnete SDFix http://downloads.andymanchesta.com/Remo ... /SDFix.exe a ulozte jej na plochu

spustte stazeny exe soubor, ten si vybali soubory do vami zadefinovaneho adresare

restartujte pocitac do nouzoveho rezimu, otevrete vyse zmineny adresar a spustte aplikaci RunThis.bat, cimz se odstartuje skript; v dalsim screenu potvrdte klavesou Yes

probehne sken, po jeho ukonceni budete vyzvani ke stisku jakekoli klavesy k restartu windows

po restartu probehne jeste jeden sken, po jehoz ukonceni bude zobrazeno hlaseni Finished, stisknete opet nejakou klavesu k ukonceni a startu windows

pote se vam zobrazi log z SDFixu v samostatnem okne, ulozeny v adresari s SDFixem, nazvany Report.txt; jeho obsah sem vlozte.

nudzovy rezim stale nejde spustit na tej modrej obrazovke to stale pise aj neco ze mam pustit CHKDSK na disk F.: a pritom F mam USB kluc ktory vtedy ani nebol pripojeny.

tak jinak


stahnete a aplikujte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

spustte aplikaci pod uctem s administratorskym opravnenim, postavte na kafe, postupujte dle pokynu na obrazovce, behem skenu neklikejte do otevreneho okna programu; cela akce trva cca. 5-10 minut

behem skenovani nepropadejte panice, vas stroj muze byt restartovan

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt, jeho obsah vlozte sem

Tu je log :
ComboFix 07-10-12.4 - zeke 2007-10-15 21:05:39.2 - FAT32x86
Running from: F:\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-09-15 to 2007-10-15 )))))))))))))))))))))))))))))))
.

2007-10-14 17:46 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-14 17:37 <DIR> d-------- C:\Program Files\S3
2007-10-14 14:07 <DIR> d--hs---- C:\FOUND.000
2007-10-14 13:50 40,960 --a------ C:\WINDOWS\system32\s3hotkey.exe
2007-10-13 22:49 <DIR> d-------- C:\Program Files\Electronic Arts
2007-10-12 19:23 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\ICQ
2007-10-11 12:31 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\Thunderbird
2007-10-06 20:00 <DIR> d-------- C:\Terep
2007-10-05 15:39 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\ACD Systems
2007-10-05 15:37 <DIR> d-------- C:\Program Files\Common Files\ACD Systems
2007-10-05 15:37 <DIR> d-------- C:\Program Files\ACD Systems
2007-10-05 15:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems
2007-10-03 07:41 <DIR> d-------- C:\Program Files\Microprose
2007-10-02 15:42 <DIR> d-------- C:\Documents and Settings\zeke\.xmoto
2007-10-02 13:41 <DIR> d-------- C:\Program Files\ElastoManiaRegistered
2007-09-30 13:35 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\Apple Computer
2007-09-30 13:34 <DIR> d-------- C:\Program Files\iTunes
2007-09-30 13:34 <DIR> d-------- C:\Program Files\iPod
2007-09-30 13:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-30 13:31 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-09-30 13:31 <DIR> d-------- C:\Program Files\Apple Software Update
2007-09-30 13:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-09-30 13:21 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-09-30 13:16 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-09-30 13:16 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-28 16:22 <DIR> d-------- C:\Program Files\FLVPlayer
2007-09-28 11:58 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-09-28 11:42 <DIR> d-------- C:\WINDOWS\EHome
2007-09-27 14:55 <DIR> d-------- C:\Program Files\themexp
2007-09-27 14:55 <DIR> d-------- C:\Program Files\OneStepSearch
2007-09-27 11:28 61,440 --a------ C:\WINDOWS\system32\WMErrSKY.dll
2007-09-27 11:27 <DIR> d-------- C:\WINDOWS\system32\1051
2007-09-27 10:55 2,318,976 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-09-27 10:46 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-09-27 10:46 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\TuneUp Software
2007-09-27 10:46 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-09-27 10:45 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-27 10:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-09-24 21:13 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\Media Player Classic
2007-09-22 12:03 <DIR> d-------- C:\Program Files\Final Fantasy VII
2007-09-20 17:45 <DIR> d-------- C:\DRIVERS
2007-09-18 17:59 <DIR> d-------- C:\Program Files\QIP
2007-09-15 22:13 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\vlc
2007-09-15 21:14 <DIR> d-------- C:\Program Files\XMoto
2007-09-15 21:14 <DIR> d-------- C:\Program Files\ElastoMania111
2007-09-15 20:34 <DIR> d-------- C:\Program Files\CGN
2007-09-15 19:49 708,608 --a------ C:\WINDOWS\system32\Mxicd.dll
2007-09-15 19:49 268,672 --a------ C:\WINDOWS\system32\s3gsavmx.dll
2007-09-15 19:49 69,690 --a------ C:\WINDOWS\system32\S3uninst.exe
2007-09-15 19:27 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-09-15 19:13 2,854,400 --a------ C:\WINDOWS\system32\msi.dll
2007-09-15 18:53 <DIR> d-------- C:\Program Files\DriverScan
2007-09-15 16:28 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\DivX
2007-09-15 15:50 <DIR> d-------- C:\Intel
2007-09-15 15:17 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\Ahead
2007-09-15 14:16 <DIR> d-------- C:\Documents and Settings\zeke\WINDOWS
2007-09-15 13:50 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\Nokia
2007-09-15 12:06 <DIR> d-------- C:\Documents and Settings\zeke\Application Data\PC Suite
2007-09-15 10:45 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-09-15 10:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-09-15 09:10 <DIR> d-------- C:\Documents and Settings\ewa\Application Data\Thunderbird

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-14 19:41 --------- d-----w C:\Documents and Settings\ewa\Application Data\Media Player Classic
2007-09-14 19:39 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-09-14 16:45 --------- d-----w C:\Program Files\PC Wizard 2007
2007-09-14 16:06 --------- d-----w C:\Program Files\MagicISO
2007-09-14 12:52 --------- d-----w C:\Program Files\Valve
2007-09-06 13:55 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2007-09-06 13:55 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2007-09-06 13:55 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2007-09-06 13:45 --------- d-----w C:\Program Files\DAEMON Tools
2007-09-06 12:22 26,056 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-09-06 12:22 --------- d-----w C:\Program Files\Hamachi
2007-09-06 12:22 --------- d-----w C:\Documents and Settings\ewa\Application Data\Hamachi
2007-09-06 04:04 --------- d-----w C:\Program Files\Canon
2007-09-03 18:12 --------- d-----w C:\Program Files\TP
2007-09-03 15:28 --------- d-----w C:\Program Files\Mozilla Thunderbird
2007-09-03 14:09 --------- d-----w C:\Documents and Settings\LocalService\Application Data\X10 Commander
2007-09-01 19:50 --------- d-----w C:\Program Files\3wPlayer
2007-08-31 04:11 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-08-30 14:24 --------- d-----w C:\Program Files\Object Desktop
2007-08-30 14:24 --------- d-----w C:\Program Files\Common Files\Stardock
2007-08-29 22:05 --------- d-----w C:\Documents and Settings\ewa\Application Data\DWMRCMSI
2007-08-29 21:36 --------- d-----w C:\Documents and Settings\ewa\Application Data\DameWare Development
2007-08-29 21:33 --------- d-----w C:\Program Files\DameWare Development
2007-08-28 14:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2007-08-28 14:05 --------- d-----w C:\Program Files\IVT Corporation
2007-08-26 00:05 36,864 ----a-w C:\WINDOWS\system32\scio.dll
2007-08-26 00:05 3,072 ----a-w C:\WINDOWS\system32\drivers\scio.sys
2007-08-26 00:04 --------- d-----w C:\Program Files\SoftCollection LED Line
2007-08-26 00:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Protexis
2007-08-23 13:00 65,536 ----a-w C:\WINDOWS\system32\DWRCShell.DLL
2007-08-22 17:42 --------- d-----w C:\Documents and Settings\ewa\Application Data\River Past G5
2007-08-22 17:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\River Past G5
2007-08-22 17:29 796,672 ----a-w C:\WINDOWS\GPInstall.exe
2007-08-22 09:37 --------- d-----w C:\Program Files\ASIO4ALL v2
2007-08-22 08:59 --------- d-----w C:\Program Files\RMAA6
2007-08-22 00:30 --------- d-----w C:\Program Files\Realtek Sound Manager
2007-08-19 14:16 --------- d-----w C:\Documents and Settings\ewa\Application Data\n-Track Studio5
2007-08-19 14:15 --------- d-----w C:\Program Files\FASoft
2007-08-14 14:09 19,178 ----a-w C:\net.reg
2007-08-14 05:30 18,013 ----a-w C:\config.dll
2007-08-08 02:27 456,032 ----a-w C:\WINDOWS\system32\js3250.dll
2007-08-07 12:46 2,893,768 ----a-w C:\WINDOWS\system32\TCMD.EXE
2007-08-06 18:04 230,784 ----a-w C:\WINDOWS\system32\psexec.exe
2007-08-06 00:30 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-07-31 16:33 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-07-31 16:33 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-19 22:57 267,112 ----a-w C:\WINDOWS\system32\xactengine2_9.dll
2007-07-19 22:54 66,408 ----a-w C:\WINDOWS\system32\dxdllreg.exe
2007-07-19 22:54 18,280 ----a-w C:\WINDOWS\system32\x3daudio1_2.dll
2007-07-19 16:14 444,776 ----a-w C:\WINDOWS\system32\d3dx10_35.dll
2007-07-19 16:14 3,727,720 ----a-w C:\WINDOWS\system32\d3dx9_35.dll
2007-07-19 16:14 1,358,192 ----a-w C:\WINDOWS\system32\D3DCompiler_35.dll
.

((((((((((((((((((((((((((((( snapshot@2007-10-14_17.55.54.82 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-03-13 08:57:12 163,328 ----a-w C:\WINDOWS\erdnt\subs\F3M\ERDNT.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundFusion"="cwcprops.cpl" [2001-04-10 11:42 C:\WINDOWS\system32\cwcprops.cpl]
"S3Hotkey"="s3hotkey.exe" [2001-09-12 20:27 C:\WINDOWS\system32\s3hotkey.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-09-06 15:55]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42]
"Device Detector"="DevDetect.exe" []
"BMMMONWND"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll" [2005-04-20 01:38]
"BLOG"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2005-04-20 01:38]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]

C:\Documents and Settings\ewa\Start Menu\Programs\Startup\
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [2007-09-06 14:22:20]

R1 scio;scio;C:\WINDOWS\system32\Drivers\scio.sys
R1 TPPWR;TPPWR;C:\WINDOWS\system32\drivers\Tppwr.sys
R2 OneStep Search Service;OneStep Search Service;"C:\Program Files\OneStepSearch\onestep.exe" "C:\Program Files\OneStepSearch\onestep.dll" Service
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 apmbatt;Microsoft APM Legacy Battery Driver;C:\WINDOWS\system32\DRIVERS\apmbatt.sys
R3 EL556;3Com 10/100 Mini PCI Ethernet Adapter NDIS 5.0 Driver;C:\WINDOWS\system32\DRIVERS\EL556ND5.sys
R3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS\system32\DRIVERS\NtApm.sys
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 S3GSavageMX;S3GSavageMX;C:\WINDOWS\system32\DRIVERS\s3gsavm.sys
R3 WDHAALBA;WDHAALBAMiniPCI Winmodem;C:\WINDOWS\system32\DRIVERS\WDHAALBA.sys
S1 ntmcdd;ntmcdd;C:\WINDOWS\system32\drivers\ntmcdd.sys
S1 ntmcmsdd;ntmcmsdd;C:\WINDOWS\system32\drivers\ntmcmsdd.sys
S3 BTCAMDRV;Mobiola Web Camera driver;C:\WINDOWS\system32\DRIVERS\BTCamDrv.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\windows\system32\drivers\BTNetFilter.sys
S3 EL556ND5;3Com 10/100 MiniPCI Ethernet Adapter Driver;C:\WINDOWS\system32\DRIVERS\EL556ND5.sys
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
S3 TPISYSID3;SWI32;\??\C:\windows\_tpi0000.tmp\SWI32.sys
S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2007-10-15 18:09:50 C:\WINDOWS\Tasks\BMMTask.job"
"2007-10-12 15:18:34 C:\WINDOWS\Tasks\1-Click Maintenance.job"
"2007-09-30 11:31:58 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-15 21:08:56
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-15 21:10:26
C:\ComboFix2.txt ... 2007-10-14 17:56
.
--- E O F ---

Prosim pridte aj zajtra poobede potrebujem to vyriesit ale teraz uz musim ist dik za pomoc.

Takze ted zase chvili Vy:

toto prosim otestujte na www.virustotal.com/cs/

(navod prosty: po nacteni stranky kliknete na tlacitko Prochazet , najdete cestu k vyse zminenemu souboru a kliknete na tlacitko send; vysledek sem vlozte)

C:\WINDOWS\system32\scio.dll

C:\WINDOWS\system32\WMErrSKY.dll

Ok budu tu


zatím se mějte

SCIO.DLL :

Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2007.10.16.2 2007.10.16 -
AntiVir 7.6.0.23 2007.10.16 -
Authentium 4.93.8 2007.10.16 -
Avast 4.7.1051.0 2007.10.15 -
AVG 7.5.0.488 2007.10.16 -
BitDefender 7.2 2007.10.16 -
CAT-QuickHeal 9.00 2007.10.15 -
ClamAV 0.91.2 2007.10.14 -
DrWeb 4.44.0.09170 2007.10.16 -
eSafe 7.0.15.0 2007.10.15 -
eTrust-Vet 31.2.5214 2007.10.16 -
Ewido 4.0 2007.10.16 -
FileAdvisor 1 2007.10.16 -
Fortinet 3.11.0.0 2007.10.16 -
F-Prot 4.3.2.48 2007.10.15 -
F-Secure 6.70.13030.0 2007.10.16 -
Ikarus T3.1.1.12 2007.10.16 -
Kaspersky 7.0.0.125 2007.10.16 -
McAfee 5141 2007.10.15 -
Microsoft 1.2908 2007.10.16 -
NOD32v2 2594 2007.10.16 -
Norman 5.80.02 2007.10.15 -
Panda 9.0.0.4 2007.10.16 -
Prevx1 V2 2007.10.16 -
Rising 19.45.11.00 2007.10.16 -
Sophos 4.22.0 2007.10.16 -
Sunbelt 2.2.907.0 2007.10.16 -
Symantec 10 2007.10.16 -
TheHacker 6.2.8.093 2007.10.16 -
VBA32 3.12.2.4 2007.10.16 -
VirusBuster 4.3.26:9 2007.10.15 -
Webwasher-Gateway 6.6.1 2007.10.16 -
Rozšiřující informace
File size: 36864 bytes
MD5: b0d05a07baca13672d5c97a9d07667bd
SHA1: b09328dc6d274d731b544cc331391962c1bfdd18

WMErrSKY.dll : v
Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2007.10.16.2 2007.10.16 -
AntiVir 7.6.0.23 2007.10.16 -
Authentium 4.93.8 2007.10.16 -
Avast 4.7.1051.0 2007.10.15 -
AVG 7.5.0.488 2007.10.16 -
BitDefender 7.2 2007.10.16 -
CAT-QuickHeal 9.00 2007.10.15 -
ClamAV 0.91.2 2007.10.14 -
DrWeb 4.44.0.09170 2007.10.16 -
eSafe 7.0.15.0 2007.10.15 -
eTrust-Vet 31.2.5214 2007.10.16 -
Ewido 4.0 2007.10.16 -
FileAdvisor 1 2007.10.16 -
Fortinet 3.11.0.0 2007.10.16 -
F-Prot 4.3.2.48 2007.10.15 -
F-Secure 6.70.13030.0 2007.10.16 -
Ikarus T3.1.1.12 2007.10.16 -
Kaspersky 7.0.0.125 2007.10.16 -
McAfee 5141 2007.10.15 -
Microsoft 1.2908 2007.10.16 -
NOD32v2 2594 2007.10.16 -
Norman 5.80.02 2007.10.15 -
Panda 9.0.0.4 2007.10.16 -
Prevx1 V2 2007.10.16 -
Rising 19.45.11.00 2007.10.16 -
Sophos 4.22.0 2007.10.16 -
Sunbelt 2.2.907.0 2007.10.16 -
Symantec 10 2007.10.16 -
TheHacker 6.2.8.093 2007.10.16 -
VBA32 3.12.2.4 2007.10.16 -
VirusBuster 4.3.26:9 2007.10.15 -
Webwasher-Gateway 6.6.1 2007.10.16 -
Rozšiřující informace
File size: 61440 bytes
MD5: d3980dd9a769877f618b18e7a02e2872
SHA1: 6fed4733df19dd5ea6e67eb79d0f24628abd5cfa


Takze nic to nenaslo.

Prosím o kontrolu logu

Protože mi počítač nešel spustit v safe mode, postupoval jsem podle zdejšího návodu a přikládám sem log a prosím o kontrolu, zda tam mám nějaký problém - koukal, že je tam něco "high dangerous".

Jinak ten safe node jsem chtěl využít, protože mi se mi nechce aktualizovat Framework 3.5, nešlo mi to ani odinstalovat, pak se mi to nějak pomocí Your Uninstaller povedlo, ale zase nešel nainstalovat stažená full verze Frameworku 3.5 SP1, tak jsem zase systém musel vrátit do předcházejícícho stavu.... prostě něco tam asi škodí.

Předem děkuji za pomoc

P.S. Log mi sem nejde překopírovat, že je moc dlouhá, tak jako příloha Edit:: Přestože, mi výše uvedený program dal hlášku, že safe mode opraven, stejně se mi nespustí, pořád dokola mi nabíhá nabídka: Stav nouze, normální start, pak nějaká recovery konzole - ale stejně když vyberu "stav nouze", tak se zase vrátím zpět do téhle nabídky.... až to musím spustit normálním způsobem

Dobrý večer
příště si prosím založte nový topic, tady Vás už není vidět .

Poprosím o log ze Rsitu, viz můj podpis