
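Virus from Facebook, a nasty one

Posted: 24 Aug 2011 11:30
by Thisif
Hello everyone, I'd like to ask for advice about a virus from Facebook. It deleted my antivirus programs, and even disinfecting the disk from another PC doesn't help. I looked through the discussions and saw that you are already dealing with this, but everyone is supposed to have their own topic. I'm posting the log. Thanks a lot for any advice...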


Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24.9.2011 11:29:44
mbam-log-2011-09-24 (11-29-38).txt

Typ: Rychlá kontrola
Kontrolované objekty: 229124
Uplynulý čas: 6 minut, 15 sekund

Infikované procesy v paměti: 11
Infikované moduly v paměti: 0
Infikované klíče v registru: 13
Infikované hodnoty v registru: 9
Infikované datové položky v registru: 3
Infikované složky: 7
Infikované soubory: 100

Infikované procesy v paměti:
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> 1748 -> No action taken.
c:\WINDOWS\update.tray-10-0\svchost.exe (Trojan.Dropper) -> 3972 -> No action taken.
c:\WINDOWS\update.tray-3-0\svchost.exe (Trojan.Dropper) -> 3980 -> No action taken.
c:\WINDOWS\update.tray-2-0\svchost.exe (Trojan.Dropper) -> 3988 -> No action taken.
c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Dropper) -> 4000 -> No action taken.
c:\WINDOWS\systemup.exe (Trojan.FakeAlert) -> 208 -> No action taken.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> 1660 -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 780 -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 2140 -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 596 -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 844 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160F76A-1992-4B17-A32D-0C706D159105} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDBFB47B-58A8-4111-BF95-06178DCE326D} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Delf) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SRVSYSDRIVER32 (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico2 (Trojan.Dropper) -> Value: tray_ico2 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico3 (Trojan.Dropper) -> Value: tray_ico3 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.FakeAlert) -> Value: systemup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Delf) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Delf) -> Value: sysdriver32_.exe -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Data (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins (Adware.DoubleD) -> No action taken.

Infikované soubory:
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.tray-10-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.tray-3-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.tray-2-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\services32.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\Temp\6137380.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Setup.exe (Adware.DoubleD) -> No action taken.
c:\WINDOWS\systemup.exe (Trojan.FakeAlert) -> No action taken.
c:\WINDOWS\Temp\339451128.exe (Trojan.FakeAlert.Gen) -> No action taken.
c:\WINDOWS\Temp\973031621.exe (Trojan.FakeAlert.Gen) -> No action taken.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> No action taken.
c:\WINDOWS\sysdriver32_.exe (Trojan.Delf) -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\bg.jpg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\currentversion.xml (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\extractzipfile.zip (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\icon.ico (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\tdf.dat (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Data\productinfo.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\248d6576afce4ee94af42d7350131106.gif (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\24a70fb875fab686b6b3c217612bc07c.gif (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\default1.dat (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\loading.dat (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Cache\loading.gif (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_screensaver.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_cursor.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_dailyvideo.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_game.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_glitter.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_logo.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_option.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_recipe.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_ringtone.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_search.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_smiley.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_smiley_config.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_smiley_tellafriend.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_wallpaper.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\module_web.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\pixel.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\productinfo.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\profile.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\searchenginelist.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\tbcore.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\toolbarlayout.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\updatecentre.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\updatecentrebk.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\urldynamic.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Data\urlstatic.mx (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_recipe.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\About.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\component_combobox.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_cursor.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_cursor.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_dailyvideo.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_game.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_glitter.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_glitter.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_logo.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_option.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_ringtone.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_screensaver.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_search.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_smiley.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_smiley.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_wallpaper.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\module_web.mg (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtndefault.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtndisplay.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtndisplay.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtndisplay18.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtndisplay20.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnglitters.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnglitters.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnglitters18.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnglitters20.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnoption.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnsmiley.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnsmiley.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnsmiley18.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnsmiley20.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtntellfd.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtntellfd.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtntellfd18.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtntellfd20.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnwink.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnwink.png (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnwink18.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Icons\tbbtnwink20.bmp (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\tellafriendskin.skf (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\tellafriendskin_s.skf (Adware.DoubleD) -> No action taken.
c:\documents and settings\ladislav hoffmann\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\TDF\Skins\toastskin.skf (Adware.DoubleD) -> No action taken.

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 12:06
by Peťa
I know this doesn't quite belong here, but I'd still like to ask whether you know of any article covering the viruses that are spreading on Facebook right now? I only found old ones from 2010...
Thank you.

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 12:21
by guest
You'll find a little on Igi's page about viruses

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 12:51
by Žbeky
Peťa: If you know it doesn't belong here, then why do you do it? :idea: And then we have to moderate it again...

- So run MbAM again and click Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- After the scan finishes the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem launching applications, or a message pops up about an attempt to use an illegal operation on a registry key that has been marked for deletion, just restart the computer.

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 16:15
by Thisif
Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24.9.2011 16:14:44
mbam-log-2011-09-24 (16-14-44).txt

Typ: Rychlá kontrola
Kontrolované objekty: 228870
Uplynulý čas: 6 minut, 32 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 16:18
by Thisif
But I can't find that Combo Fix anywhere... googling only gives me dubious links....

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 16:21
by Žbeky
Sorry, my mistake, the tags dropped out of the instructions. It's fixed now.

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 16:27
by Thisif
By the way, after the restart I tried Avast and it installed normally, found two problems... a Trojan and some kind of bot. It deleted everything.....

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 16:34
by Žbeky
Do what we advise and don't do anything on your own. Otherwise our steps will get crossed and all we'll achieve is wrecking the computer completely

Re: Virus from Facebook, a nasty one

Posted: 24 Aug 2011 17:10
by Thisif
So here it is:


ComboFix 11-08-24.02 - Ladislav Hoffmann 24.09.2011 16:46:12.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3062.2231 [GMT 2:00]
Spuštěný z: c:\documents and settings\TEMP\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.50 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ladislav Hoffmann\Local Settings\Temporary Internet Files\_tm21.tmp
c:\documents and settings\Ladislav Hoffmann\Local Settings\Temporary Internet Files\stb06759.tmp
c:\documents and settings\Ladislav Hoffmann\WINDOWS
c:\documents and settings\TEMP\WINDOWS
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\iun6002.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\update.7.1
c:\windows\update.7.1\svchostdriver.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DDSERVICE
-------\Service_ddservice
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-24 do 2011-09-24 )))))))))))))))))))))))))))))))
.
.
2011-09-24 11:40 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-24 11:40 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-24 11:40 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-24 11:40 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-09-24 11:40 . 2011-09-24 11:40 -------- d-----w- c:\program files\AVAST Software
2011-09-24 11:40 . 2011-09-24 11:40 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-09-24 09:20 . 2011-09-24 09:20 -------- d-----w- c:\documents and settings\TEMP\Data aplikací\Malwarebytes
2011-09-24 09:20 . 2011-09-24 09:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-09-24 09:20 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-24 09:20 . 2011-09-24 09:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-24 09:20 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-23 20:17 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-10-0
2011-09-23 20:17 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-10-0-lnk
2011-09-23 20:11 . 2011-09-23 20:11 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-09-23 20:11 . 2011-09-23 20:11 126512 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-09-23 20:11 . 2011-09-23 20:11 -------- d-----w- c:\program files\Symantec
2011-09-23 20:11 . 2011-09-23 20:11 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-09-23 20:11 . 2011-09-23 20:11 -------- d-----w- c:\windows\system32\drivers\NIS
2011-09-23 20:11 . 2011-09-23 20:11 -------- d-----w- c:\program files\Windows Sidebar
2011-09-23 20:05 . 2011-09-23 20:05 -------- d-----w- c:\program files\CCleaner
2011-09-23 17:20 . 2011-09-23 17:20 -------- d-----w- c:\windows\ufa
2011-09-23 17:01 . 2011-09-23 17:15 246272 ----a-w- c:\windows\unrar.exe
2011-09-23 16:37 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-2-0
2011-09-23 16:37 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-2-0-lnk
2011-09-23 16:37 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-3-0
2011-09-23 16:37 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-09-23 16:09 . 2011-09-23 16:09 502208 ----a-w- c:\windows\system32\drivers\amon.sys
2011-09-23 16:09 . 2011-09-23 16:09 270336 ----a-w- c:\windows\system32\imon.dll
2011-09-23 16:06 . 2011-09-24 07:34 -------- d-----w- c:\windows\av_ico
2011-09-23 15:45 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-7-0
2011-09-23 15:45 . 2011-09-24 11:11 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-09-23 15:35 . 2011-09-23 15:35 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-09-23 15:30 . 2011-09-23 15:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-22 20:49 . 2011-09-22 20:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2008-04-13 23:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-13 23:27 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-04 11:43 . 2010-11-24 05:59 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:35 . 2010-11-24 05:59 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2010-11-24 05:59 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2010-11-24 05:59 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2010-11-24 05:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-11-24 05:59 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-04 17:01 . 2009-09-04 17:01 525656 -c--a-w- c:\program files\DXSETUP.exe
2009-09-04 17:01 . 2009-09-04 17:01 94024 -c--a-w- c:\program files\DSETUP.dll
2009-09-04 17:01 . 2009-09-04 17:01 1691464 -c--a-w- c:\program files\dsetup32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-04-24 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 148888]
"USB Storage Toolbox"="c:\program files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 65536]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-12-11 417792]
"EPSON Stylus D68 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" [2005-01-25 98304]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\TEMP\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Registration Brothers In Arms.LNK - d:\support\Register\RegistrationReminder.exe [N/A]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
Wireless N-lite USB Adapter Utility.lnk - c:\program files\ZyXEL\NWD-270N\Common\NWD-270N.exe [2009-11-19 1806336]
.
c:\documents and settings\TEMP\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Registration Brothers In Arms.LNK - d:\support\Register\RegistrationReminder.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\Repair.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [24.4.2009 8:23 119808]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.6.2009 9:26 721904]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1201000.025\SymDS.sys [23.9.2011 22:11 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1201000.025\SymEFA.sys [23.9.2011 22:11 666672]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.9.2011 13:40 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24.9.2011 13:40 309848]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.9.2011 13:40 19544]
S1 BHDrvx86;BHDrvx86;\??\c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx86.sys --> c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx86.sys [?]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1201000.025\Ironx86.sys [23.9.2011 22:11 134704]
S2 gupdate1ca7e66463c2f16;Služba Google Update (gupdate1ca7e66463c2f16);c:\program files\Google\Update\GoogleUpdate.exe [16.12.2009 17:41 133104]
S2 NIS;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe" /s "NIS" /m "c:\program files\Norton Internet Security\Engine\18.1.0.37\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [16.12.2009 17:41 133104]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [30.11.2010 20:31 24448]
S3 IDSxpx86;IDSxpx86;\??\c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSxpx86.sys --> c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSxpx86.sys [?]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [2.6.2009 16:28 51040]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-16 15:41]
.
2011-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-16 15:41]
.
2011-09-24 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: imon.dll
TCP: Interfaces\{FE19647B-F84E-4677-A339-543451B9CDE7}: NameServer = 194.228.110.17,90.183.231.251
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico4 - (no file)
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-TWAIN FieryScan - c:\program files\Electronics for Imaging
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-24 17:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\## aswSnx private storage
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.1.0.37\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1220)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
- - - - - - - > 'explorer.exe'(2004)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Celkový čas: 2011-09-24 17:08:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-24 15:08
.
Před spuštěním: Volných bajtů: 121 209 548 800
Po spuštění: Volných bajtů: 123 117 928 448
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=AlwaysOff /fastdetect /usepmtimer
.
- - End Of File - - 251B91678C100769027BEA5F6656EA72

Re: Virus from Facebook, a real mess

Posted: 24 Aug 2011 17:43
by Žbeky
You have Avast, Norton and ESET - which one do you want to keep?

Re: Virus from Facebook, a real mess

Posted: 24 Aug 2011 17:59
by Thisif
I only have Avast; the others were reported to me by that program, but the virus deleted them. I don't have them on the disk or even in Add/Remove Programs, and I don't know where the leftovers are. Otherwise, I already have Avast installed; if it's bad, then please advise, otherwise I'd keep it. I like the interface.