HP dv6580 notebook with Vista Home Premium
ComboFix 07-12-21.4 - Jiří 2005-12-01 0:16:15.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.1.1029.18.365 [GMT 1:00]
Running from: C:\Users\Jiří\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-11-20 to 2007-12-20 )))))))))))))))))))))))))))))))
.
2007-12-25 23:49 . 2007-12-25 23:49 <DIR> d-------- C:\Program Files\Common Files\LightScribe
2007-12-25 23:42 . 2007-12-25 23:42 <DIR> d-------- C:\Users\All Users\Nero
2007-12-25 23:42 . 2007-12-25 23:42 <DIR> d-------- C:\ProgramData\Nero
2007-12-25 23:42 . 2007-12-25 23:42 <DIR> d-------- C:\Program Files\Nero
2007-12-25 23:27 . 2007-12-25 23:27 <DIR> d-------- C:\Program Files\CCleaner
2007-12-22 01:35 . 2007-12-22 01:36 <DIR> d-------- C:\Users\All Users\OrbNetworks
2007-12-22 01:35 . 2007-12-22 01:36 <DIR> d-------- C:\ProgramData\OrbNetworks
2007-12-22 01:35 . 2007-12-22 01:35 <DIR> d-------- C:\Program Files\Winamp Remote
2007-12-22 01:32 . 2007-12-25 23:33 <DIR> d-------- C:\Program Files\Winamp
2007-12-22 01:13 . 2007-12-22 01:13 <DIR> d-------- C:\temp
2007-12-17 21:19 . 2007-12-17 21:19 3,814,939 --a------ C:\Program Files\InstallDesetiPrstyXP.exe
2007-12-17 19:59 . 2007-12-18 08:31 <DIR> d-------- C:\Program Files\DesetiPrsty
2007-12-12 20:48 . 2007-12-12 20:48 1,327,104 --a------ C:\WINDOWS\System32\quartz.dll
2007-12-12 20:48 . 2007-12-12 20:48 223,232 --a------ C:\WINDOWS\System32\WMASF.DLL
2007-12-12 20:48 . 2007-12-12 20:48 9,728 --a------ C:\WINDOWS\System32\LAPRXY.DLL
2007-12-12 20:48 . 2007-12-12 20:48 2,048 --a------ C:\WINDOWS\System32\asferror.dll
2007-12-12 20:46 . 2007-12-12 20:46 130,048 --a------ C:\WINDOWS\System32\drivers\srv2.sys
2007-12-12 20:46 . 2007-12-12 20:46 101,888 --a------ C:\WINDOWS\System32\drivers\mrxsmb.sys
2007-12-12 20:46 . 2007-12-12 20:46 84,992 --a------ C:\WINDOWS\System32\drivers\srvnet.sys
2007-12-12 20:46 . 2007-12-12 20:46 58,368 --a------ C:\WINDOWS\System32\drivers\mrxsmb20.sys
2007-12-12 20:44 . 2007-12-12 20:44 3,504,824 --a------ C:\WINDOWS\System32\ntkrnlpa.exe
2007-12-12 20:44 . 2007-12-12 20:44 3,470,520 --a------ C:\WINDOWS\System32\ntoskrnl.exe
2007-12-12 20:44 . 2007-12-12 20:44 2,048 --a------ C:\WINDOWS\System32\tzres.dll
2007-12-02 16:19 . 2007-12-02 16:19 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-12-01 18:11 . 2007-12-01 18:11 <DIR> d-------- C:\WINDOWS\2007_uax Uninstaller
2007-11-29 21:32 . 2007-11-29 21:32 9,216 --a------ C:\WINDOWS\System32\avgwlntf.dll
2007-11-29 21:31 . 2007-11-29 21:31 <DIR> d-------- C:\Users\All Users\Grisoft
2007-11-29 21:31 . 2007-11-29 21:31 <DIR> d-------- C:\ProgramData\Grisoft
2007-11-29 20:53 . 2007-11-29 21:29 30,422,984 --a------ C:\Program Files\avg75free_503a1171.exe
2007-11-20 23:01 . 2007-11-20 23:01 <DIR> d-------- C:\Program Files\Autodesk
2007-11-20 22:54 . 2007-11-20 22:54 <DIR> d-------- C:\Program Files\AnswerWorks 4.0
2007-11-20 22:52 . 2007-11-20 22:54 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2007-11-20 22:52 . 2007-11-20 22:59 <DIR> d-------- C:\Program Files\AutoCAD LT 2004
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-25 22:51 --------- d-----w C:\Program Files\Google
2007-12-25 22:43 --------- d-----w C:\Program Files\Common Files\Ahead
2007-12-25 22:35 --------- d-----w C:\Program Files\ICQToolbar
2007-12-24 22:52 --------- d-----w C:\Users\Jitka\AppData\Roaming\AVG7
2007-12-21 22:39 --------- d-----w C:\Users\Jitka\AppData\Roaming\Skype
2007-12-15 12:19 --------- d-----w C:\ProgramData\Microsoft Help
2007-12-13 11:15 --------- d-----w C:\ProgramData\Sonic
2007-12-12 19:47 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-07 17:03 --------- d-----w C:\Program Files\CONEXANT
2007-11-29 20:30 --------- d-----w C:\ProgramData\avg7
2007-11-29 19:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-11-29 19:14 --------- d-----w C:\ProgramData\Symantec
2007-11-19 12:30 --------- d-----w C:\Program Files\Progetto Italiano 1
2007-11-15 14:58 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2007-11-15 14:58 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2007-11-15 14:58 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2007-11-15 14:58 2,923,520 ----a-w C:\Windows\explorer.exe
2007-11-15 14:58 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2007-11-15 14:58 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
2007-11-15 14:55 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
2007-11-15 14:55 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
2007-11-15 14:55 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
2007-11-15 14:55 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
2007-11-15 14:55 193,536 ----a-w C:\Windows\system32\drivers\usbhub.sys
2007-11-15 14:55 19,456 ----a-w C:\Windows\system32\drivers\usbohci.sys
2007-11-15 14:55 --------- d-----w C:\Program Files\Windows Mail
2007-11-13 19:42 --------- d-----w C:\Program Files\ProfiCAD
2007-11-13 09:20 --------- d-----w C:\Users\Jitka\AppData\Roaming\GHISLER
2007-11-13 09:20 --------- d-----w C:\Program Files\totalcmd
2007-11-13 09:19 2,156,192 ----a-w C:\Program Files\tcmdr702.exe
2007-11-11 14:26 --------- d-----w C:\Program Files\MSBuild
2007-11-11 14:26 --------- d-----w C:\Program Files\Microsoft Works
2007-11-11 14:22 --------- d-----w C:\Program Files\Microsoft.NET
2007-11-11 14:18 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2007-11-11 13:57 --------- d-----w C:\Program Files\Ahead
2007-11-11 13:40 --------- d-----w C:\Program Files\OpenOffice.org 2.2
2007-11-11 13:39 --------- d-----w C:\Users\Jitka\AppData\Roaming\OpenOffice.org2
2007-11-11 09:16 --------- d-----w C:\Users\Jitka\AppData\Roaming\ICQ Toolbar
2007-11-11 09:15 --------- d-----w C:\Program Files\ICQ6
2007-11-11 09:14 --------- d-----w C:\Users\Jitka\AppData\Roaming\ICQ
2007-11-05 17:09 --------- d-----w C:\Program Files\Java
2007-11-02 10:06 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-02 09:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-02 09:04 --------- d-----w C:\Users\Jitka\AppData\Roaming\InstallShield
2007-11-02 08:56 28,556,584 ----a-w C:\Program Files\avg75free_488a1138.exe
2007-11-01 18:41 174 --sha-w C:\Program Files\desktop.ini
2007-11-01 18:37 --------- d-----w C:\Program Files\Windows Calendar
2007-11-01 18:31 12,695,208 ----a-w C:\Program Files\Install_ICQ6.exe
2007-11-01 16:59 --------- d-----w C:\ProgramData\Skype
2007-11-01 16:59 --------- d-----w C:\Program Files\Skype
2007-11-01 16:59 --------- d-----w C:\Program Files\Common Files\Skype
2007-11-01 16:57 23,876,904 ----a-w C:\Program Files\SkypeSetup.exe
2007-11-01 16:34 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys
2007-11-01 16:34 619,008 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2007-11-01 16:34 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys
2007-11-01 16:34 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys
2007-11-01 16:34 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys
2007-09-23 10:04 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2007-09-23 10:04 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2007-09-23 10:04 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2007-09-23 10:04 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2007-06-08 20:14 60,806,850 ----a-w C:\Program Files\openofficeorg3.cab
2007-06-08 20:14 3,107,693 ----a-w C:\Program Files\openofficeorg4.cab
2007-06-08 20:11 15,262,531 ----a-w C:\Program Files\openofficeorg2.cab
2007-06-08 20:10 4,847,104 ----a-w C:\Program Files\openofficeorg22.msi
2007-06-08 20:10 319,488 ----a-w C:\Program Files\setup.exe
2007-06-08 20:10 217 ----a-w C:\Program Files\setup.ini
2007-06-08 20:10 18,071,211 ----a-w C:\Program Files\openofficeorg1.cab
2007-06-08 20:10 1,821,008 ----a-w C:\Program Files\instmsiw.exe
2007-06-08 20:10 1,707,856 ----a-w C:\Program Files\instmsia.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler]
@={36A21736-36C2-4C11-8ACB-D4136F2B57BD}
[HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
2003-02-14 13:45 136352 --a------ C:\Windows\system32\AcSignIcon.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-23 11:07]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 15:12]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 12:18]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 10:54]
"MSConfig"="C:\WINDOWS\System32\msconfig.exe" [2006-11-02 10:45]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 16:45]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-29 21:31]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2007-11-29 21:32 9216 C:\WINDOWS\System32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders credssp.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jiří^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 19:51 39792 --a------ C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-01 10:21 153136 --a------ C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Common Files\Symantec Shared\ccApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 07:00 33648 --a------ C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 15:57 153136 --a------ C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Program Files\Winamp Remote\bin\OrbTray.exe /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-04-23 17:11 176128 --a------ C:\Program Files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-09-25 01:11 132496 --a------ C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-12-20 16:16 37376 --a------ C:\Program Files\Winamp\winampa.exe
R1 PSched;Plánovač paketů technologie QoS;C:\Windows\system32\DRIVERS\pacer.sys [2007-11-01 17:34]
R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-16 00:38]
R3 nvsmu;nvsmu;C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 00:50]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 16:43]
S3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2007-04-18 09:51]
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2007-04-18 09:51]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-04-18 09:51]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
GPSvcGroup REG_MULTI_SZ GPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8bfbebff-6a92-11dc-a0c6-001a6bad9b5a}]
\shell\AutoRun\command - D:\Install.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
"2007-12-25 23:10:00 C:\Windows\Tasks\User_Feed_Synchronization-{5B0584BC-5769-4DC8-8CA8-6819D2E07E70}.job"
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-21 00:22:51
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-21 0:24:40 - machine was rebooted
.
2007-12-19 18:59:21 --- E O F ---
Please help with the log
- Radkoff
- Beginner
- Registered: 04 Jan 2005
- Location: Moravské Budějovice
- BUBINO
- Beginner
- Registered: 12 Jun 2007
- Location: I have one
Re: Please help with the log
Try uninstalling one of the antivirus programs.
What problems are you having?