pls o pomoc

caute ,vedel by mi niekto pomoct ,moj comp zamrza hlavne pri hrach hudbe atd.log sim vam uz zaslala ale problem pretrvava nadalej,spustila som prog-doktor web nacita 35 %a dalej uz nemoze ,tiez spybot nejde aktualizovat ani otvorit .RAM mam 512MB.DIK

skus este raz log + stiahni si memtest...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:50, on 14.2.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\TBPanel.exe
C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Biba\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" "Microcom\ADSL DeskPorte USB"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{35E14677-B6CA-44E4-950C-B0BD52E41730}: NameServer = 195.146.132.58 195.146.128.60
O17 - HKLM\System\CS1\Services\Tcpip\..\{35E14677-B6CA-44E4-950C-B0BD52E41730}: NameServer = 195.146.132.58 195.146.128.60
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 4133 bytes

..log je O.K..
..skus si stiahnut memtest a otestovat ramku...

mwav program po 10.minutach sam vypne.alebo zamrzne,je to strasne.ale tune up mi dáva hlasku ze active x invalid a treba ho odinstalovat ale neviem ako .

skus este ComboFix =>
http://download.bleepingcomputer.com/sU ... mboFix.exe

Riaď sa inštrukciami na obrazovke, neklikaj, počítač môže byť reštartovaný. Vlož sem obsah súbora C:\ComboFix.txt

klikla som na link zrejme je nefunkcny hlasi no found

..oops. zrusili link, skus tento..
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

nedari sa odoslat
.log

ComboFix 08-02-14.2 - Biba 2008-02-14 10:44:05.1 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1033.18.246 [GMT 1:00]
Running from: C:\Documents and Settings\Biba\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\regedit.com
C:\WINDOWS\system32\acbfaaac_g.dll
C:\WINDOWS\system32\taskmgr.com

.
((((((((((((((((((((((((( Files Created from 2008-01-14 to 2008-02-14 )))))))))))))))))))))))))))))))
.

2008-02-14 05:34 . 2008-02-14 05:34 <DIR> d-------- C:\Documents and Settings\Biba\DoctorWeb
2008-02-14 04:27 . 2008-02-14 04:27 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-09 16:17 . 2008-02-09 16:17 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-02-09 13:29 . 2008-02-09 13:29 <DIR> d--hs---- C:\Documents and Settings\Biba\Phone Browser
2008-02-09 13:18 . 2008-02-09 13:18 <DIR> d-------- C:\Program Files\DIFX
2008-02-09 13:18 . 2008-02-09 13:18 <DIR> d-------- C:\Documents and Settings\Biba\Application Data\PC Suite
2008-02-09 13:18 . 2008-02-09 13:19 <DIR> d-------- C:\Documents and Settings\Biba\Application Data\Nokia
2008-02-09 13:18 . 2008-02-09 13:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-09 13:17 . 2008-02-10 10:17 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-09 13:17 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-02-09 13:10 . 2008-02-09 13:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-02-09 13:09 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-02-03 14:12 . 2008-02-05 09:23 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-02-03 14:12 . 2008-02-03 14:13 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-02-03 14:12 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-01-30 17:05 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-30 17:05 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-30 17:05 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-30 17:05 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-30 17:05 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-30 17:05 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-30 17:05 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-30 17:05 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-29 13:08 . 2008-01-29 13:08 <DIR> d-------- C:\Program Files\Innovative Solutions
2008-01-29 13:08 . 2008-01-29 13:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
2008-01-29 12:42 . 2008-01-29 12:44 <DIR> d-------- C:\Program Files\nLite
2008-01-29 12:32 . 2000-01-24 09:01 2,023,424 --a------ C:\WINDOWS\system32\vcl50.bpl
2008-01-29 12:32 . 2003-12-25 22:00 1,873,920 --a------ C:\WINDOWS\system32\Rz30Ctls50.bpl
2008-01-29 12:32 . 2000-01-31 08:00 1,496,064 --a------ C:\WINDOWS\system32\cc3250mt.dll
2008-01-29 12:32 . 2000-01-24 09:01 248,832 --a------ C:\WINDOWS\system32\vclx50.bpl
2008-01-29 12:32 . 2001-08-11 20:50 158,720 --a------ C:\WINDOWS\system32\DM15_50.bpl
2008-01-29 12:32 . 2000-01-31 01:00 147,456 --a------ C:\WINDOWS\system32\Bcbsmp50.bpl
2008-01-29 12:32 . 2000-01-24 08:01 101,888 --a------ C:\WINDOWS\system32\vcljpg50.bpl
2008-01-29 12:32 . 2000-01-31 09:00 25,600 --a------ C:\WINDOWS\system32\BORLNDMM.DLL
2008-01-29 12:32 . 2000-01-31 08:00 9,087 --a------ C:\WINDOWS\system32\wininet.lib
2008-01-28 15:56 . 2008-01-28 15:56 <DIR> d-------- C:\WINDOWS\PIF
2008-01-28 12:52 . 2008-01-28 12:52 <DIR> d-------- C:\Documents and Settings\Biba\Application Data\GlarySoft
2008-01-28 12:41 . 2008-01-30 16:30 <DIR> d-------- C:\Program Files\Absolute Uninstaller
2008-01-27 14:58 . 2008-01-27 15:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-01-27 14:40 . 2006-11-12 11:39 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx
2008-01-24 22:12 . 2008-01-24 22:12 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-24 22:12 . 2008-01-24 22:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-23 13:10 . 2008-01-23 13:10 <DIR> d-a------ C:\WINDOWS\zts2.exe
2008-01-23 13:10 . 2008-01-23 13:10 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-01-23 13:10 . 2008-01-23 13:10 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-01-23 13:10 . 2008-01-23 13:10 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2008-01-23 13:10 . 2008-01-23 13:10 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2008-01-23 13:10 . 2008-01-23 13:10 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2008-01-23 13:09 . 2008-02-03 21:52 50 --a------ C:\WINDOWS\Lic.xxx
2008-01-23 13:07 . 2004-08-04 13:00 146,432 --a------ C:\WINDOWS\R.COM
2008-01-23 13:07 . 2004-08-04 13:00 135,680 --a------ C:\WINDOWS\system32\T.COM
2008-01-22 09:00 . 2008-01-22 09:00 <DIR> d-------- C:\Documents and Settings\Biba\Application Data\Pointstone
2008-01-22 08:57 . 2008-01-23 20:49 <DIR> d-------- C:\Program Files\Pointstone
2008-01-22 08:57 . 2008-01-24 03:58 <DIR> d-------- C:\Program Files\Common Files\Pointstone

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-13 14:22 --------- d-----w C:\Program Files\Ford Racing 3
2008-02-05 08:24 --------- d-----w C:\Documents and Settings\Biba\Application Data\SpinTop
2008-02-03 13:12 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-03 13:07 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-01-29 13:25 --------- d-----w C:\Documents and Settings\Biba\Application Data\TV JOJ Media Player
2008-01-29 11:39 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-29 04:47 --------- d-----w C:\Program Files\TV JOJ Media Player
2007-12-27 17:32 --------- d-----w C:\Program Files\Common Files\Ahead
2007-12-25 13:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-12-25 08:37 --------- d-----w C:\Program Files\MSXML 4.0
2007-12-23 19:00 --------- d-----w C:\Program Files\Cimaware
2007-12-23 18:57 --------- d-----w C:\Documents and Settings\Biba\Application Data\Cimaware
2007-12-21 07:21 71,176 ----a-w C:\WINDOWS\system32\drivers\epfw.sys
2007-12-21 07:21 53,768 ----a-w C:\WINDOWS\system32\drivers\epfwtdi.sys
2007-12-21 07:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-15 09:01 155,648 ----a-w C:\WINDOWS\system32\libssl32.dll
2007-12-15 06:54 --------- d-----w C:\Program Files\7-Zip
2007-12-14 09:30 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-07 00:44 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-02 09:17 356,352 ----a-w C:\WINDOWS\eSellerateEngine.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="C:\WINDOWS\TBPanel.exe" [2005-07-25 09:39 2043904]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-20 14:07 7110656]
"CnxDslTaskBar"="C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" [2004-06-16 10:55 233472]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24 32768]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 13:00]
R3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-06-16 10:51]
R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-06-16 10:51]
R3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys [2004-06-16 10:51]
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-04 13:00]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-03 14:13]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e06086bc-d707-11dc-8cab-001333c27746}]
\Shell\AutoRun\command - E:\Web'n'walk_Helper.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-02-08 16:16:18 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-14 10:45:15
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-14 10:45:42
ComboFix-quarantined-files.txt 2008-02-14 09:45:33
.
2008-02-14 03:28:08 --- E O F ---

tiahnite Avenger -–>
http://swandog46.geekstogo.com/avenger.exe

Spustiť – „Input script manually“ – Lupa – Skopírovať kód – „Done“ – Semafor – Potvrdiť – Nasleduje reštart PC



potom sem vloz log z avengera

momentalne musim prec ,budem to tu mat vecer este raz moc dik

vypise mi toto:error:selected file doesnot app to be a valid script

uz tu to mas opravene.
potom sem vloz log z avengera

idem na to:-)

vypisuje stale tu istu hlasku

skusila si aj to druhe, co som slal?

vypisuje stale tu istu chybu

ano prepisala som to

neprepisuj to, ale skopiruj z prvej stranky, kde som to opat poslal uplne dole

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ulkgvixb

*******************

Script file located at: \??\C:\Documents and Settings\fksracga.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\imsins.BAK deleted successfully.


Error: C:\WINDOWS\zts2.exe is a folder, not a file!
Deletion of file C:\WINDOWS\zts2.exe failed!

Could not process line:
C:\WINDOWS\zts2.exe
Status: 0xc00000ba



Error: C:\WINDOWS\system32\vcmgcd32.dll is a folder, not a file!
Deletion of file C:\WINDOWS\system32\vcmgcd32.dll failed!

Could not process line:
C:\WINDOWS\system32\vcmgcd32.dll
Status: 0xc00000ba



Error: C:\WINDOWS\system32\iifgfgf.dll is a folder, not a file!
Deletion of file C:\WINDOWS\system32\iifgfgf.dll failed!

Could not process line:
C:\WINDOWS\system32\iifgfgf.dll
Status: 0xc00000ba



Error: C:\WINDOWS\rundll16.exe is a folder, not a file!
Deletion of file C:\WINDOWS\rundll16.exe failed!

Could not process line:
C:\WINDOWS\rundll16.exe
Status: 0xc00000ba



Error: C:\WINDOWS\rundl132.dll is a folder, not a file!
Deletion of file C:\WINDOWS\rundl132.dll failed!

Could not process line:
C:\WINDOWS\rundl132.dll
Status: 0xc00000ba



Error: C:\WINDOWS\logo1_.exe is a folder, not a file!
Deletion of file C:\WINDOWS\logo1_.exe failed!

Could not process line:
C:\WINDOWS\logo1_.exe
Status: 0xc00000ba

File C:\WINDOWS\Lic.xxx deleted successfully.
File C:\WINDOWS\R.COM deleted successfully.
File C:\WINDOWS\system32\T.COM deleted successfully.


File uz tu to mas opravene. not found!
Deletion of file uz tu to mas opravene. failed!

Could not process line:
uz tu to mas opravene.
Status: 0xc0000034



File potom sem vloz log z avengera not found!
Deletion of file potom sem vloz log z avengera failed!

Could not process line:
potom sem vloz log z avengera
Status: 0xc0000034



File _________________ not found!
Deletion of file _________________ failed!

Could not process line:
_________________
Status: 0xc0000034



File AMD Athlon 64 X2 4600+ EE 2400@3000 6000+, ARCTIC Freezer 64 PRO l MB: Asus M2N-E l 4x1GB RAM Kingmax Dual l Sapphire x1950xt 256MB DDR3 620/1800@729/2088 + Accelero S1 + Primecooler Fan controller l Tv karta: Winfast TV 2000 XP l Fortron 400W, Genius HT..Sony Ericsson W600i..Peugeot 307 2.0 HDi 79kw, 108koni:)..7-micky nohy a asik vsetko:))) OS: Ubuntu 7.10 GG - legalny not found!
Deletion of file AMD Athlon 64 X2 4600+ EE 2400@3000 6000+, ARCTIC Freezer 64 PRO l MB: Asus M2N-E l 4x1GB RAM Kingmax Dual l Sapphire x1950xt 256MB DDR3 620/1800@729/2088 + Accelero S1 + Primecooler Fan controller l Tv karta: Winfast TV 2000 XP l Fortron 400W, Genius HT..Sony Ericsson W600i..Peugeot 307 2.0 HDi 79kw, 108koni:)..7-micky nohy a asik vsetko:))) OS: Ubuntu 7.10 GG - legalny failed!

Could not process line:
AMD Athlon 64 X2 4600+ EE 2400@3000 6000+, ARCTIC Freezer 64 PRO l MB: Asus M2N-E l 4x1GB RAM Kingmax Dual l Sapphire x1950xt 256MB DDR3 620/1800@729/2088 + Accelero S1 + Primecooler Fan controller l Tv karta: Winfast TV 2000 XP l Fortron 400W, Genius HT..Sony Ericsson W600i..Peugeot 307 2.0 HDi 79kw, 108koni:)..7-micky nohy a asik vsetko:))) OS: Ubuntu 7.10 GG - legalny
Status: 0xc0000034



File Naposledy upravil yaJohny dňa Št 14.02.08 19:57, celkom upravené 1 krát. not found!
Deletion of file Naposledy upravil yaJohny dňa Št 14.02.08 19:57, celkom upravené 1 krát. failed!

Could not process line:
Naposledy upravil yaJohny dňa Št 14.02.08 19:57, celkom upravené 1 krát.
Status: 0xc0000034



File Zobraziť informácie o autoroviOdoslať súkromnú správuICQ not found!
Deletion of file Zobraziť informácie o autoroviOdoslať súkromnú správuICQ failed!

Could not process line:
Zobraziť informácie o autoroviOdoslať súkromnú správuICQ
Status: 0xc0000034



File biba5 not found!
Deletion of file biba5 failed!

Could not process line:
biba5
Status: 0xc0000034



File Užívateľ not found!
Deletion of file Užívateľ failed!

Could not process line:
Užívateľ
Status: 0xc0000034



File Užívateľ not found!
Deletion of file Užívateľ failed!

Could not process line:
Užívateľ
Status: 0xc0000034



File Založený: 11.01.2008 not found!
Deletion of file Založený: 11.01.2008 failed!

Could not process line:
Založený: 11.01.2008
Status: 0xc0000034



File PríspevokZaslal: Št 14.02.08 19:57 Odpovedať s citátomNávrat hore not found!
Deletion of file PríspevokZaslal: Št 14.02.08 19:57 Odpovedať s citátomNávrat hore failed!

Could not process line:
PríspevokZaslal: Št 14.02.08 19:57 Odpovedať s citátomNávrat hore
Status: 0xc0000034



File idem na to:-) not found!
Deletion of file idem na to:-) failed!

Could not process line:
idem na to:-)
Status: 0xc0000034



File Zobraziť informácie o autoroviOdoslať súkromnú správu not found!
Deletion of file Zobraziť informácie o autoroviOdoslať súkromnú správu failed!

Could not process line:
Zobraziť informácie o autoroviOdoslať súkromnú správu
Status: 0xc0000034



File Zobraziť príspevky z predchádzajúcich: not found!
Deletion of file Zobraziť príspevky z predchádzajúcich: failed!

Could not process line:
Zobraziť príspevky z predchádzajúcich:
Status: 0xc0000034



File Zaslať odpoveď Obsah fóra » Antivíry, bezpečnosť a internet » Antivíry a antispywary Choď na stránku 1, 2 Ďalšia not found!
Deletion of file Zaslať odpoveď Obsah fóra » Antivíry, bezpečnosť a internet » Antivíry a antispywary Choď na stránku 1, 2 Ďalšia failed!

Could not process line:
Zaslať odpoveď Obsah fóra » Antivíry, bezpečnosť a internet » Antivíry a antispywary Choď na stránku 1, 2 Ďalšia
Status: 0xc0000034



File Nemôžete pridávať nové témy do tohto fóra. not found!
Deletion of file Nemôžete pridávať nové témy do tohto fóra. failed!

Could not process line:
Nemôžete pridávať nové témy do tohto fóra.
Status: 0xc0000034



File Nemôžete odpovedať na témy v tomto fóre. not found!
Deletion of file Nemôžete odpovedať na témy v tomto fóre. failed!

Could not process line:
Nemôžete odpovedať na témy v tomto fóre.
Status: 0xc0000034



File Nemôžete upravovať svoje príspevky v tomto fóre. not found!
Deletion of file Nemôžete upravovať svoje príspevky v tomto fóre. failed!

Could not process line:
Nemôžete upravovať svoje príspevky v tomto fóre.
Status: 0xc0000034



File Nemôžete mazať svoje príspevky v tomto fóre. not found!
Deletion of file Nemôžete mazať svoje príspevky v tomto fóre. failed!

Could not process line:
Nemôžete mazať svoje príspevky v tomto fóre.
Status: 0xc0000034



File Nemôžete hlasovať v tomto fóre. not found!
Deletion of file Nemôžete hlasovať v tomto fóre. failed!

Could not process line:
Nemôžete hlasovať v tomto fóre.
Status: 0xc0000034



File Powered by phpBB 2.x.x & phpBB SEO © 2008 phpBB Group, edited by JanoF not found!
Deletion of file Powered by phpBB 2.x.x & phpBB SEO © 2008 phpBB Group, edited by JanoF failed!

Could not process line:
Powered by phpBB 2.x.x & phpBB SEO © 2008 phpBB Group, edited by JanoF
Status: 0xc0000034



File Hosting zaisťuje WebSupport.sk, monitoring WebMonitor.sk, pripojené cez VNET.sk not found!
Deletion of file Hosting zaisťuje WebSupport.sk, monitoring WebMonitor.sk, pripojené cez VNET.sk failed!

Could not process line:
Hosting zaisťuje WebSupport.sk, monitoring WebMonitor.sk, pripojené cez VNET.sk
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

teraz urob to iste, ale skopiruj tam len toto v bielom

ale ako neda sa vybrat ,to co si mi poslal

myskou to v kode oznacis, prave tlacitko, das kopirovat, potom Spustiť avenger– „Input script manually“ – Lupa – vlozit to, co si skopirovala – „Done“ – Semafor – Potvrdiť – Nasleduje reštart PC

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\nduelnaj

*******************

Script file located at: \??\C:\WINDOWS\hdmxqnfp.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\imsins.BAK not found!
Deletion of file C:\WINDOWS\imsins.BAK failed!

Could not process line:
C:\WINDOWS\imsins.BAK
Status: 0xc0000034



Error: C:\WINDOWS\zts2.exe is a folder, not a file!
Deletion of file C:\WINDOWS\zts2.exe failed!

Could not process line:
C:\WINDOWS\zts2.exe
Status: 0xc00000ba



Error: C:\WINDOWS\system32\vcmgcd32.dll is a folder, not a file!
Deletion of file C:\WINDOWS\system32\vcmgcd32.dll failed!

Could not process line:
C:\WINDOWS\system32\vcmgcd32.dll
Status: 0xc00000ba



Error: C:\WINDOWS\system32\iifgfgf.dll is a folder, not a file!
Deletion of file C:\WINDOWS\system32\iifgfgf.dll failed!

Could not process line:
C:\WINDOWS\system32\iifgfgf.dll
Status: 0xc00000ba



Error: C:\WINDOWS\rundll16.exe is a folder, not a file!
Deletion of file C:\WINDOWS\rundll16.exe failed!

Could not process line:
C:\WINDOWS\rundll16.exe
Status: 0xc00000ba



Error: C:\WINDOWS\rundl132.dll is a folder, not a file!
Deletion of file C:\WINDOWS\rundl132.dll failed!

Could not process line:
C:\WINDOWS\rundl132.dll
Status: 0xc00000ba



Error: C:\WINDOWS\logo1_.exe is a folder, not a file!
Deletion of file C:\WINDOWS\logo1_.exe failed!

Could not process line:
C:\WINDOWS\logo1_.exe
Status: 0xc00000ba



File C:\WINDOWS\Lic.xxx not found!
Deletion of file C:\WINDOWS\Lic.xxx failed!

Could not process line:
C:\WINDOWS\Lic.xxx
Status: 0xc0000034



File C:\WINDOWS\R.COM not found!
Deletion of file C:\WINDOWS\R.COM failed!

Could not process line:
C:\WINDOWS\R.COM
Status: 0xc0000034



File C:\WINDOWS\system32\T.CO not found!
Deletion of file C:\WINDOWS\system32\T.CO failed!

Could not process line:
C:\WINDOWS\system32\T.CO
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.

bibi ale skopiruj tam ten posledny kod co som slal, nie to iste co predtym...
toto som myslel:

chvilocku

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\iwqpklol

*******************

Script file located at: \??\C:\idnxwsvp.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Folder C:\WINDOWS\zts2.exe deleted successfully.
Folder C:\WINDOWS\system32\vcmgcd32.dll deleted successfully.
Folder C:\WINDOWS\system32\iifgfgf.dll deleted successfully.
Folder C:\WINDOWS\rundll16.exe deleted successfully.
Folder C:\WINDOWS\rundl132.dll deleted successfully.
Folder C:\WINDOWS\logo1_.exe deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

podarilo sa teraz restart PC a novy hjt log + combofix log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:18:20, on 14.2.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\TBPanel.exe
C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Biba\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Microcom\ADSL DeskPorte USB\CnxDslTb.exe" "Microcom\ADSL DeskPorte USB"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 3975 bytes