nový notebook a kontrola

[shearer79]

potřebuji poradit co vše mohu vypnout při spuštění notebooku.mám tam mnoho povolených aplikací a nevím,co jsou zač.Děkuji.

[Damned]

Stáhni si z mého podpisu HijackThis, a podle návodu udělej log a vlož mi ho sem.

[shearer79]

jdu nato,ještě mi to pořád píše přetečení vyrovnávací paměti.je tam od výrobce naistalován mcafee a nemůžu se ho zbavit.byl na zkušební dobu.asi ho odinstaluji.

[shearer79]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:38, on 5.12.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Windows\system32\igfxext.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... ensa_5635z" onclick="window.open(this.href);return false;
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" onclick="window.open(this.href);return false;
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/" onclick="window.open(this.href);return false;
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... ensa_5635z" onclick="window.open(this.href);return false;
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" onclick="window.open(this.href);return false;
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" onclick="window.open(this.href);return false;
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... ensa_5635z" onclick="window.open(this.href);return false;
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q C:\$Recycle.Bin\S-1-5-~2\$RTK66G6.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q C:\$Recycle.Bin\S-1-5-~2\$RTK66G6.SH! (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C" onclick="window.open(this.href);return false;:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C" onclick="window.open(this.href);return false;:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0069601260026834) (0069601260026834mcinstcleanup) - Unknown owner - C:\Windows\TEMP\006960~1.EXE (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

--
End of file - 10622 bytes

[Damned]

Odinstaluj si ICQ6 Toolbar.
Máš tam McAfee a avast! 2 antiviry na jednom PC je jako nemít žádný. Odinstaluj McAfee.

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: McAfee Application Installer Cleanup (0069601260026834) (0069601260026834mcinstcleanup) - Unknown owner - C:\Windows\TEMP\006960~1.EXE (file missing)
*****************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[shearer79]

tak jdu na to,za chvilku pošlu log.

[Damned]

jasně

[shearer79]

po odinstalování tam zbylo jen k zaškrtnutí R3 URL....no name.
Malwarebytes' Anti-Malware 1.42
Verze databáze: 3289
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

6.12.2009 16:00:23
mbam-log-2009-12-06 (16-00-23).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 94357
Uplynulý čas: 4 minute(s), 46 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

[Damned]

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[shearer79]

za chvilku pošlu log.

[shearer79]

ComboFix 09-12-06.07 - Míša 06.12.2009 20:56.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1976.1161 [GMT 1:00]
Spuštěný z: c:\users\Míša\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1324794974-4190842602-2887481159-500
c:\windows\Suyin.reg

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-06 do 2009-12-06 )))))))))))))))))))))))))))))))
.

2009-12-06 14:54 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-06 14:54 . 2009-12-06 14:54 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-06 14:54 . 2009-12-06 14:54 -------- d-----w- c:\programdata\Malwarebytes
2009-12-06 14:54 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-06 14:34 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-05 20:36 . 2009-12-05 20:37 -------- d-----w- c:\windows\system32\ca-ES
2009-12-05 20:36 . 2009-12-05 20:37 -------- d-----w- c:\windows\system32\eu-ES
2009-12-05 20:36 . 2009-12-05 20:37 -------- d-----w- c:\windows\system32\vi-VN
2009-12-05 16:49 . 2009-12-05 16:49 -------- d-----w- c:\program files\Trend Micro
2009-12-05 16:40 . 2009-12-05 16:40 4096 d-----w- c:\windows\system32\EventProviders
2009-12-05 16:31 . 2009-12-05 16:31 -------- d-----w- c:\program files\VS Revo Group
2009-12-05 15:59 . 2009-12-06 15:12 4096 d-----w- c:\program files\Wise Disk Cleaner
2009-12-05 15:53 . 2009-12-05 15:57 4096 d-----w- c:\program files\Wise Registry Cleaner
2009-12-05 13:07 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-12-05 12:56 . 2009-12-05 12:56 -------- d-----w- c:\program files\CCleaner
2009-12-05 12:53 . 2009-12-05 12:53 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1314.tmp.exe
2009-11-27 17:21 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 13:34 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 13:34 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-20 09:54 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-11-20 09:54 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-11-19 20:45 . 2009-11-19 20:28 20038136 ----a-w- c:\program files\AVSDVDPlayer.exe
2009-11-19 20:37 . 2009-11-19 20:37 -------- d-----w- c:\programdata\AVS4YOU
2009-11-19 20:36 . 2009-11-19 20:36 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-11-19 20:36 . 2008-11-24 11:00 638976 ----a-w- c:\windows\system32\divx.dll
2009-11-19 20:36 . 2008-11-24 11:00 524288 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-19 20:36 . 2008-11-24 11:00 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2009-11-19 20:36 . 2008-11-24 11:00 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2009-11-19 20:36 . 2008-11-24 11:00 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-19 20:36 . 2008-11-24 11:00 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2009-11-19 20:36 . 2008-11-24 11:00 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-11-19 20:36 . 2008-11-24 11:00 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-11-19 20:36 . 2008-11-24 11:00 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-11-19 20:36 . 2009-11-19 20:37 4096 d-----w- c:\program files\AVS4YOU
2009-11-19 20:22 . 2009-04-11 06:28 1589248 ----a-w- c:\windows\system32\msjet40.dll
2009-11-19 20:21 . 2009-04-11 06:28 524288 ----a-w- c:\windows\system32\sqlsrv32.dll
2009-11-19 20:20 . 2009-04-11 06:28 29184 ----a-w- c:\windows\system32\wsepno.dll
2009-11-19 20:19 . 2009-04-11 06:28 47104 ----a-w- c:\windows\system32\wbem\WmiPerfInst.dll
2009-11-19 20:18 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-11-19 20:18 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-11-19 20:18 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-11-19 20:18 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-11-19 20:18 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-11-19 20:18 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-11-19 20:18 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-11-19 20:17 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-11-19 20:17 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-11-19 20:17 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-11-19 20:15 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-11-15 19:30 . 2009-11-15 19:30 8192 d-----w- c:\windows\SQL9_KB970892_ENU
2009-11-14 11:20 . 2009-11-14 11:20 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-11-14 10:51 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-13 15:32 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-11-13 15:32 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-13 15:32 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-11-13 15:32 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-13 15:32 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-13 15:32 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-13 15:32 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-13 15:32 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-13 15:32 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-13 15:32 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-13 15:32 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-11-13 15:30 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-13 15:30 . 2009-04-11 06:28 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-13 15:30 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-13 15:30 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-13 15:30 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-13 15:30 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-13 15:29 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-13 15:29 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-11-13 15:29 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-13 15:29 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-11-13 15:29 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-13 15:29 . 2009-04-11 06:28 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-13 15:29 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-11-13 15:29 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-13 15:29 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-13 15:29 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-11-13 15:29 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-11-13 15:29 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-11-13 15:24 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-11-13 15:24 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\mfps.dll
2009-11-13 15:24 . 2009-04-11 06:27 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-13 15:24 . 2009-04-11 06:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-13 15:24 . 2009-04-11 04:54 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-13 15:23 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-13 15:23 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-11-13 15:23 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-11-13 15:23 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-13 15:22 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-11-13 15:22 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-13 15:22 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-13 15:18 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-11-13 15:18 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-11-13 15:16 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-13 14:48 . 2009-12-06 14:34 4096 d-----w- c:\program files\ICQ6Toolbar
2009-11-13 14:48 . 2009-11-13 14:48 -------- d-----w- c:\programdata\ICQ
2009-11-13 14:45 . 2009-11-13 14:50 12288 d-----w- c:\program files\ICQ6.5
2009-11-13 14:42 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-11-13 14:42 . 2009-04-11 06:28 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-11-13 14:42 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-11-13 14:42 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-11-13 14:38 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-11-13 14:38 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-11-13 14:38 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-11-13 14:38 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-13 14:32 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-11-13 14:31 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-11-13 14:31 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-11-13 14:31 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-11-13 14:31 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-13 14:21 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-13 14:21 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-13 14:21 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-13 14:21 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-13 14:21 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-13 14:20 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-13 14:20 . 2009-09-15 10:55 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-13 14:20 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-13 14:20 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-13 14:20 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-11-13 14:20 . 2009-11-13 14:20 -------- d-----w- c:\program files\Alwil Software
2009-11-13 13:42 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-11-13 13:42 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-06 19:55 . 2008-01-21 06:46 645540 ----a-w- c:\windows\system32\perfh005.dat
2009-12-06 19:55 . 2008-01-21 06:46 132514 ----a-w- c:\windows\system32\perfc005.dat
2009-12-06 14:32 . 2009-05-16 16:08 4096 d-----w- c:\programdata\McAfee
2009-12-05 20:37 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-12-05 20:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-12-05 20:37 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-12-05 20:37 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-12-05 20:37 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-12-05 20:37 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-12-05 20:37 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-12-05 20:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-19 14:24 . 2009-11-19 14:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-11-15 19:39 . 2009-05-16 15:47 12288 d-----w- c:\programdata\Microsoft Help
2009-11-15 19:36 . 2009-05-16 15:49 4096 d-----w- c:\program files\Microsoft Works
2009-11-15 19:31 . 2009-05-16 15:50 -------- d-----w- c:\program files\Microsoft SQL Server
2009-11-13 14:48 . 2009-05-16 15:38 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-11-13 14:02 . 2009-05-16 16:00 4096 d-----w- c:\program files\Google
2009-11-06 22:11 . 2009-05-16 16:27 4096 d-----w- c:\program files\Acer
2009-11-06 22:03 . 2009-11-06 22:03 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-11-06 21:49 . 2009-05-16 15:35 -------- d-----w- c:\program files\Intel
2009-11-06 21:45 . 2009-11-06 21:45 -------- d-sh--we c:\programdata\Plocha
2009-11-06 21:45 . 2009-11-06 21:45 -------- d-sh--we c:\programdata\Oblíbené položky
2009-11-06 21:45 . 2009-11-06 21:45 -------- d-sh--we c:\programdata\Šablony
2009-11-06 21:45 . 2009-11-06 21:45 -------- d-sh--we c:\programdata\Nabídka Start
2009-11-06 21:45 . 2009-11-06 21:45 -------- d-sh--we c:\programdata\Dokumenty
2009-11-06 21:45 . 2009-11-06 21:45 -------- d-sh--we c:\programdata\Data aplikací
2009-09-30 05:53 . 2009-09-30 05:53 1184768 ----a-w- c:\windows\system32\drivers\athr.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-06 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-25 150552]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2008-11-05 474168]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-05 1434920]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-04-03 698912]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-5-16 565248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
c:\program files\ICQ6.5\ICQ.exe silent [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 00:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-05-16 16:00 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-03-05 07:43 805384 ----a-w- c:\program files\Launch Manager\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2009-12-03 15:14 429392 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
2008-07-29 18:29 200704 ----a-w- c:\windows\PLFSetI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-11-06 21:49 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):45,c3,f7,83,eb,75,ca,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [13.11.2009 15:21 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [13.11.2009 15:21 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [13.11.2009 15:20 53328]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [6.11.2009 23:06 723488]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [23.9.2008 13:11 144632]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.4.2007 20:09 11032]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [16.5.2009 17:27 237568]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\System32\drivers\L1C60x86.sys [4.9.2009 5:34 53248]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [16.5.2009 17:00 30192]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.5.2009 0:06 4232704]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [23.9.2008 13:11 50424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/" onclick="window.open(this.href);return false;
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=1109&m=extensa_5635z" onclick="window.open(this.href);return false;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-GridVista - c:\windows\GVUni.exe GridV.UNI
AddRemove-LManager - c:\windows\UnInst32.exe LManager.UNI



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net" onclick="window.open(this.href);return false;
Rootkit scan 2009-12-06 21:10
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2009-12-06 21:13
ComboFix-quarantined-files.txt 2009-12-06 20:13

Před spuštěním: Volných bajtů: 194 583 621 632
Po spuštění: Volných bajtů: 194 531 573 760

- - End Of File - - 39CD27B57657F51966E87F46F70D6121

[Damned]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\programdata\Google\Google Toolbar\Update\gtb1314.tmp.exe
C:\Windows\TEMP\006960~1.EXE
C:\Windows\*.tmp
C:\Windows\System32\*.tmp

Folder::
c:\program files\ICQ6Toolbar
c:\programdata\McAfee
C:\Program Files\mcafee




Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače