pro Bledulku Vyřešeno

[Karty]

download vysledky v txt dokumentu http://leteckaposta.cz/862224458

[Reklama]

[bledulka]

Díky.
Miliness měl pravdu, máš tam pravděpodobně tdl4 rootkita, což je taková hodně vychytaná Mbr potvora.Ted to bude chtít od Tebe trošku trpělivosti, máš zašvihané MBR sektory na disku, než to vyčistíme. Některé ty skeny jsou zdlouhavé.
A prosím tě logy vkládej sem, je to přehlednější


Otestuj na http://www.virustotal.com
mtbjfghn.xbe
-Do okénka zkopíruj cestu k souboru , pokud napíše, že soubor byl už testován, dej otestovat znovu.
-Sem vlož link s výsledky.

*********************


Stáhni TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- ulož ho na plochu a 2x klikni na ikonu programu a spusť
- dej volbu Spustit kontrolu - pak potvrd start sken
- pokud program najde infikovaný soubor, ukáže se předvolená akce Cure, v tom případě potvrd tlačítko Continue
- když bude chtít program restartovat počítač, klikni na tlačítko Reboot Now
- pokud si restart nevyžádá, klikni na tlačítko Report. Měl by vyskočit log, zkopíruj ho zde.

[Karty]

http://www.virustotal.com/file-scan/rep ... 1299147488


A ten TDSSKiller neco nasel a chtelo to reboot. Po rebootu sem dal znova proverit a uz tam nic neni :)

[bledulka]

A nějaký log na Tebe nevypadl? Zkus se podívat na disk C, měl by tam být log s označení tdsskiler..

Bude pro Tebe problém odinstalovat AVG? Combofix se s ním nesnáší .

[Karty]

Promin bledulko logy sou dokonce 3 sem zapomel :) . AVG mam odninsteny myslim uz. A tady je ten Log http://leteckaposta.cz/191304263

[bledulka]

Fajn, spustíš combofix a Mbr.exe, pak dočistíme ještě některé sektory. Do BSOD už pc nepadá?

Stáhni na plochu ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Před použitím vypni všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary
-Zavři všechna aktivní okna a spusť ho pod učtem s právy administrátora
- Po spuštění se zobrazí podmínky použití, potvrď je stiskem tlačítka Ano

- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna

- Po dokončení skenování, se vytvoří log C:\ComboFix.txt, zkopíruj celý jeho obsah sem.



Stáhni MBR
http://www2.gmer.net/mbr/mbr.exe
-ulož ho na plochu a spusť

-na ploše se vytvoří log s názvem mbr.log, vlož ho sem

[Karty]

http://leteckaposta.cz/703261777 tady to mas. a zatim mi to nespadlo doufam ze to ani nespadne :)

[bledulka]

Hodím si sem log z combofixu, ať je to přehlednější. Mbr.exe je ok. Prosím tě zopakuj velký gmer, pak dočistíme ty sektory .
Ten program c:\program files\AutocompletePro jsi používal?




ComboFix 11-03-02.05 - Karty 03.03.2011 14:49:05.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.2526.1489 [GMT 1:00]
Spuštěný z: c:\users\Karty\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AutocompletePro
c:\program files\AutocompletePro\64\AutocompletePro64.dll
c:\program files\AutocompletePro\AutocompletePro.dll
c:\program files\AutocompletePro\FireFoxExtension.exe
c:\program files\AutocompletePro\chrome\autocompleteprochrome.crx
c:\program files\AutocompletePro\ChromeSetSearchInBrowser.exe
c:\program files\AutocompletePro\InstTracker.exe
c:\program files\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js
c:\program files\AutocompletePro\support@predictad.com\chrome.manifest
c:\program files\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul
c:\program files\AutocompletePro\support@predictad.com\chrome\content\options.js
c:\program files\AutocompletePro\support@predictad.com\chrome\content\options.xul
c:\program files\AutocompletePro\support@predictad.com\chrome\content\utils.js
c:\program files\AutocompletePro\support@predictad.com\install.rdf
c:\program files\AutocompletePro\unins000.dat
c:\program files\AutocompletePro\unins000.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-03 do 2011-03-03 )))))))))))))))))))))))))))))))
.

2011-03-03 13:55 . 2011-03-03 13:56 -------- d-----w- c:\users\Karty\AppData\Local\temp
2011-03-03 13:55 . 2011-03-03 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-02 13:01 . 2011-03-03 10:38 -------- d-----w- c:\program files\ICQ7.4
2011-03-01 23:01 . 2011-03-01 23:09 -------- d-----w- c:\program files\Condition Zero
2011-03-01 16:01 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D522DAFC-B0D2-4B91-A868-5D020E2C90FF}\mpengine.dll
2011-03-01 11:28 . 2009-03-27 00:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2011-03-01 11:28 . 2011-03-01 11:49 -------- d-----w- c:\program files\HWMonitor
2011-02-26 10:57 . 2011-02-26 10:58 -------- d-----w- c:\users\Karty\AppData\Roaming\TS3Client
2011-02-26 10:57 . 2011-02-26 10:57 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-02-22 14:06 . 2011-02-22 14:06 -------- d-----w- c:\program files\Rockstar Games
2011-02-22 14:06 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-02-22 14:06 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-02-22 14:06 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-02-22 14:06 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-02-22 14:06 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-02-22 14:06 . 2011-02-22 14:06 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-02-22 14:06 . 2011-02-22 14:06 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-02-22 13:37 . 2011-02-22 13:37 -------- d-----w- c:\users\Karty\AppData\Roaming\Carambis
2011-02-20 18:20 . 2011-02-20 18:20 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2011-02-20 13:44 . 2011-02-20 13:44 -------- d-----w- c:\program files\Vypínač na dobrou noc
2011-02-19 15:14 . 2011-02-19 15:14 -------- d-----w- c:\users\Karty\AppData\Roaming\360desktop
2011-02-19 14:57 . 2011-02-19 14:57 -------- d-----w- c:\program files\xRay
2011-02-19 14:53 . 2011-02-19 14:53 -------- d-----w- c:\program files\BMI
2011-02-19 13:36 . 2011-02-19 13:36 -------- d-----w- c:\programdata\Martau
2011-02-19 13:35 . 2011-02-19 13:36 -------- d-----w- c:\program files\Total Uninstall 5
2011-02-19 13:33 . 2011-02-19 13:33 -------- d-----w- c:\windows\lhsp
2011-02-16 19:20 . 2004-10-22 01:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-02-16 19:20 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-02-16 19:20 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-02-16 19:20 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-02-16 19:20 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-02-16 19:20 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-02-16 19:20 . 2011-02-16 19:20 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-02-16 19:20 . 2011-02-16 19:20 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-02-16 17:56 . 2011-02-16 17:56 -------- d-----w- c:\program files\Common Files\Steam
2011-02-16 17:22 . 2011-02-19 20:37 -------- d-----w- c:\program files\Valve
2011-02-16 15:40 . 2011-02-16 15:40 -------- d-----w- c:\program files\Driver-Soft
2011-02-15 19:46 . 2011-02-15 19:46 -------- d-----w- c:\program files\HD Tune
2011-02-15 18:55 . 2011-02-15 18:55 -------- d-----w- c:\program files\Crawler
2011-02-15 18:55 . 2011-02-15 18:55 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-02-15 18:55 . 2011-02-27 11:17 -------- d-----w- c:\users\Karty\AppData\Roaming\Spyware Terminator
2011-02-15 18:55 . 2011-03-03 10:13 -------- d-----w- c:\programdata\Spyware Terminator
2011-02-15 18:55 . 2011-02-27 12:12 -------- d-----w- c:\program files\Spyware Terminator
2011-02-13 13:02 . 2011-02-13 13:03 -------- d-----w- c:\users\Karty\AppData\Local\Axialis
2011-02-13 11:39 . 2011-02-13 11:39 -------- d-----w- c:\program files\PrintScreen
2011-02-13 11:23 . 2011-02-13 11:31 -------- d-----w- c:\users\Karty\AppData\Roaming\IrfanView
2011-02-13 11:21 . 2011-02-13 11:21 -------- d-----w- c:\users\Karty\AppData\Roaming\DonationCoder
2011-02-12 19:26 . 2011-02-12 19:26 -------- d-----w- c:\users\Karty\AppData\Local\Google Translator
2011-02-12 19:17 . 2011-02-12 19:29 -------- d-----w- c:\users\Karty\AppData\Local\Opera
2011-02-12 19:17 . 2011-02-12 19:17 -------- d-----w- c:\program files\Opera
2011-02-12 18:14 . 2011-02-12 18:14 -------- d-----w- c:\users\Karty\AppData\Roaming\Ahead
2011-02-12 11:58 . 2011-02-12 11:58 -------- d-----w- c:\program files\CamStudio
2011-02-12 11:17 . 2011-02-12 11:17 -------- d-----w- c:\program files\Microsoft FrontPage
2011-02-12 11:11 . 2011-02-12 11:12 -------- d-----w- c:\windows\Msagent
2011-02-12 11:07 . 2011-02-12 11:07 -------- d-----w- c:\users\Karty\AppData\Roaming\Microsoft Web Folders
2011-02-08 20:46 . 2011-03-02 19:29 -------- d-----w- c:\users\Karty\AppData\Local\Pinnacle
2011-02-08 20:41 . 2004-03-29 16:23 90112 ----a-w- c:\windows\unvise32.exe
2011-02-08 20:41 . 2011-02-08 20:41 -------- d-----w- c:\program files\LooksBuilderSE
2011-02-08 20:38 . 2011-02-08 20:38 -------- d-----w- c:\program files\Common Files\Pinnacle
2011-02-08 20:37 . 2011-02-08 20:37 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2011-02-08 20:29 . 2011-02-08 20:29 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2011-02-08 20:29 . 2011-02-08 20:29 -------- d-----w- c:\programdata\Studio 14
2011-02-08 20:29 . 2011-02-08 20:29 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2011-02-08 20:29 . 2011-02-08 20:29 -------- d-----w- c:\program files\Common Files\Yahoo!
2011-02-08 18:05 . 2011-02-08 20:40 -------- d-----w- c:\program files\Pinnacle
2011-02-08 17:35 . 2011-02-08 20:36 -------- d-----w- c:\programdata\Pinnacle
2011-02-07 17:27 . 2011-02-07 17:27 -------- d-----w- c:\programdata\Yahoo! Companion
2011-02-06 20:30 . 2004-03-08 22:00 131856 ----a-w- c:\windows\system32\MSADODC.ocx
2011-02-06 18:53 . 2011-02-06 18:53 -------- d-----w- C:\$AVG
2011-02-06 18:22 . 2011-02-06 18:22 -------- d-----w- c:\users\Karty\AppData\Local\AVG Security Toolbar
2011-02-06 18:16 . 2011-02-06 18:16 -------- d--h--w- c:\programdata\Common Files
2011-02-06 18:10 . 2011-02-21 18:52 -------- d-----w- c:\programdata\AVG10
2011-02-06 18:10 . 2011-02-20 12:54 -------- d-----w- c:\windows\system32\drivers\AVG
2011-02-06 18:09 . 2011-02-06 18:09 -------- d-----w- c:\program files\AVG
2011-02-06 17:57 . 2011-02-06 18:09 -------- d-----w- c:\programdata\MFAData
2011-02-05 22:23 . 2011-03-03 10:12 -------- d-----w- c:\users\Karty\AppData\Roaming\skypePM
2011-02-05 22:22 . 2011-02-05 22:22 -------- d-----w- c:\program files\Common Files\Skype
2011-02-05 22:22 . 2011-02-05 22:22 -------- d-----r- c:\program files\Skype
2011-02-05 22:22 . 2011-03-03 10:38 -------- d-----w- c:\users\Karty\AppData\Roaming\Skype
2011-02-05 22:22 . 2011-02-05 22:22 -------- d-----w- c:\programdata\Skype
2011-02-04 16:40 . 2011-02-26 01:29 -------- d-----w- c:\users\Karty\AppData\Local\Google
2011-02-04 15:35 . 2011-02-04 15:35 -------- d-----w- c:\windows\system32\zh-CHS
2011-02-04 15:35 . 2011-02-04 15:35 -------- d-----w- c:\windows\system32\drivers\UMDF\zh-CN
2011-02-04 15:35 . 2011-02-04 15:35 -------- d-----w- c:\windows\system32\drivers\zh-CN
2011-02-04 15:34 . 2011-02-04 15:34 -------- d-----w- c:\windows\system32\wbem\zh-CN
2011-02-04 15:34 . 2011-02-04 15:34 -------- d-----w- c:\windows\zh-CN
2011-02-04 13:06 . 2011-02-19 14:33 -------- d-----w- c:\program files\Common Files\Ahead
2011-02-04 13:06 . 2011-02-04 13:06 -------- d-----w- c:\program files\Nero
2011-02-04 13:06 . 2009-07-13 18:51 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\zh-CN\LXKPTPRC.DLL.mui
2011-02-04 13:05 . 2009-07-13 17:15 27136 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\imchxlm.dll
2011-02-04 13:05 . 2009-07-13 17:15 378368 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mshwchs.dll
2011-02-04 13:05 . 2009-07-13 17:06 12607488 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\mshwchsr.dll
2011-02-04 13:03 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-02-04 12:59 . 2011-02-04 12:59 -------- d-----w- c:\program files\Yahoo!
2011-02-03 22:53 . 2011-02-03 22:53 -------- d-----w- c:\program files\PowerISO
2011-02-03 16:24 . 2011-02-03 16:24 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-02 15:14 . 2011-02-02 15:14 -------- d-----w- c:\program files\Managed DirectX (0901)
2011-02-01 16:06 . 2011-02-01 16:06 -------- d-----w- c:\programdata\Sony Corporation
2011-02-01 16:06 . 2011-02-01 16:06 -------- d-----w- c:\users\Karty\AppData\Roaming\Sony Corporation
2011-02-01 16:05 . 2011-02-01 16:05 -------- d-----w- c:\program files\Common Files\Sony Shared
2011-02-01 16:00 . 2011-02-01 16:05 -------- d-----w- c:\program files\Sony

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-14 20:42 . 2011-01-14 20:42 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-01-06 21:19 . 2011-01-06 21:19 1110 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-01-03 19:31 . 2010-12-05 15:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-31 11:43 . 2010-12-29 12:14 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-12-31 11:43 . 2010-12-29 12:14 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-12-31 11:43 . 2010-12-29 12:14 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-12-29 12:33 . 2010-12-29 12:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-12-26 14:18 . 2010-12-26 14:18 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-26 14:18 . 2010-12-26 14:18 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-25 14:37 . 2010-12-25 14:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-08 03:12 . 2010-12-08 03:12 251728 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-12-05 15:20 . 2010-12-05 15:20 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-02-10 03:18 . 2010-12-07 13:06 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2008-07-27 20:11 1606680 ----a-w- c:\program files\TorrentMan\tbTorr.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FVDSuite"="c:\program files\FVD Suite\fvdbox.exe" [2010-02-18 43520]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Gadwin PrintScreen"="c:\program files\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-02-15 3318784]
"Steam"="c:\program files\Valve\Steam\steam.exe" [2011-02-16 1242448]
"Google Update"="c:\users\Karty\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-26 136176]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-03-01 119608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-03 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-03 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-03 21072]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-05 1343400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-02-15 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-13 172032]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-06-05 27320]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - klmd25
.
Obsah adresáře 'Naplánované úlohy'

2011-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3026045114-3363892907-3697162385-1000Core.job
- c:\users\Karty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-26 01:28]

2011-03-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3026045114-3363892907-3697162385-1000UA.job
- c:\users\Karty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-26 01:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10206&bi=400
IE: Crawler Search - tbr:iemenu
IE: FVDToolbar Add Page - c:\program files\FVD Suite\addons\IE\FVDToolbar.dll/IECONTEXT.DLL.HTM
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-AutocompletePro3_is1 - c:\program files\AutocompletePro\unins000.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Nero\Nero 7\\nero\uninstall\UNNERO.exe
AddRemove-NeroMediaHome!UninstallKey - c:\windows\UNNeroMediaHome.exe
AddRemove-NeroRecode!UninstallKey - c:\windows\UNRecode.exe
AddRemove-NeroShowTime!UninstallKey - c:\windows\UNNeroShowTime.exe
AddRemove-NeroVision!UninstallKey - c:\windows\UNNeroVision.exe


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-03 14:58:14
ComboFix-quarantined-files.txt 2011-03-03 13:58

Před spuštěním: Volných bajtů: 85 562 490 880
Po spuštění: Volných bajtů: 88 422 334 464

- - End Of File - - 6D00CCF2774E76C6308242B5991672D7

[Karty]

http://leteckaposta.cz/480617797
a jeste to ten AutocompletePro sem nepouzival ani nvm co to je xD xD

[bledulka]

Fajn, ani nic čistit nemusíme, je to ok.
Jak je na tom počítač?

Tuto složku znáš?
c:\program files\LooksBuilderSE

[Karty]

Jo pocitac je zatim v poho dekuju moc hrozne :) a nn neznam co sni??

[bledulka]

Prosím tě koukni do ní, co v ní je