prosím o kontrolu logu HJT - format Vyřešeno

[alsl]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:50, on 23.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\netvork\NetworkIndicator.exe
C:\Program Files\365dni\365dniNET.exe
C:\Program Files\FeedReader30\feedreader.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HTC Home2\HTCHome.exe
C:\Program Files\QIP 2010\qip.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\inet\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [NetworkIndicator] C:\Program Files\netvork\NetworkIndicator.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 365dniNET – zastupce.lnk
O4 - Startup: feedreader – zastupce.lnk
O4 - Startup: HTCHome – zastupce.lnk
O4 - Startup: qip – zastupce.lnk
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Stбhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stбhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stбhnout s IDM vљechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D508A778-DA56-45F2-804D-FBA154F75CD8}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D508A778-DA56-45F2-804D-FBA154F75CD8}: NameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D508A778-DA56-45F2-804D-FBA154F75CD8}: NameServer = 192.168.2.1
O20 - AppInit_DLLs:
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe

--
End of file - 5387 bytes

[Reklama]

[memphisto]

Který nástroj používáš z COMODO IS? Jak chybí písma? Kde?

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat


Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[alsl]

http://www.pc-help.cz/viewtopic.php?f=4 ... 21#p469721 zde problem ...proto
ta kontrola ´pouzivam comodo antivirus

[album]350[/album]

[alsl]

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databбze: 5852

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.2.2011 16:47:30
mbam-log-2011-02-23 (16-47-30).txt

Typ kontroly: Rychlэ test
Testovanй objekty: 133836
Uplynulэ иas: 5 minut, 39 sekund

Infikovanй procesy v pamмti: 0
Infikovanй moduly v pamмti: 0
Infikovanй klниe v registru: 0
Infikovanй hodnoty v registru: 0
Infikovanй datovй poloћky v registru: 0
Infikovanй sloћky: 0
Infikovanй soubory: 0

Infikovanй procesy v pamмti:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)

Infikovanй moduly v pamмti:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)

Infikovanй klниe v registru:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)

Infikovanй hodnoty v registru:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)

Infikovanй datovй poloћky v registru:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)

Infikovanй sloћky:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)

Infikovanй soubory:
(Ћбdnй љkodlivй poloћky nebyly zjiљtмny)


omlouvam se za ten log ale ta zavada stim pismem prave souvisi

[memphisto]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[alsl]

ComboFix 11-02-22.06 - alsl 23.02.2011 17:02:36.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2038.978 [GMT 1:00]
Spuљtмnэ z: c:\inet\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvoшen novэ Bod Obnovenн
.

((((((((((((((((((((((((((((((((((((((( Ostatnн vэmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\alsl\AppData\Local\Temp\sfamcc00001.dll
c:\users\alsl\AppData\Local\Temp\sfareca00001.dll

.
((((((((((((((((((((((((( Soubory vytvoшenй od 2011-01-23 do 2011-02-23 )))))))))))))))))))))))))))))))
.

2011-02-23 16:49 . 2011-02-23 16:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-23 15:40 . 2011-02-23 15:40 -------- d-----w- c:\users\alsl\AppData\Roaming\Malwarebytes
2011-02-23 15:40 . 2011-02-23 15:40 -------- d-----w- c:\programdata\Malwarebytes
2011-02-23 14:26 . 2011-02-23 14:26 -------- d-----w- c:\users\alsl\DoctorWeb
2011-02-23 11:20 . 2011-02-23 11:21 -------- d-----w- c:\program files\blue
2011-02-23 06:59 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 06:59 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 06:59 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 06:59 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-02-21 07:42 . 2011-02-21 07:42 -------- d-----w- c:\program files\Watermark Image
2011-02-20 15:38 . 2011-02-20 15:38 -------- d-----w- c:\programdata\DivX
2011-02-20 08:31 . 2011-02-20 08:39 -------- d-----w- c:\program files\SlimComputer
2011-02-18 10:04 . 2011-02-18 10:06 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-02-14 08:55 . 2011-02-22 11:23 -------- d-----w- C:\fimware
2011-02-11 22:10 . 2011-01-25 10:40 85768 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2011-02-10 20:29 . 2011-02-10 20:34 -------- d-----w- c:\program files\FreshDevices
2011-02-10 16:12 . 2011-02-10 16:30 -------- d-----w- c:\programdata\PC Tools
2011-02-09 19:03 . 2011-02-16 09:02 -------- d-----w- c:\program files\Microsoft Silverlight
2011-02-09 18:33 . 2011-02-09 18:34 -------- d-----w- c:\program files\netvork
2011-02-08 19:53 . 2010-12-18 05:29 860160 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-02-06 10:05 . 2011-02-06 10:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-06 10:05 . 2011-02-06 10:05 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-02-05 14:30 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-02-05 14:30 . 2010-11-26 17:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-01-29 21:28 . 2011-01-29 21:28 -------- d-----w- c:\users\alsl\AppData\Local\RadioSure

.
(((((((((((((((((((((((((((((((((((((((( Find3M vэpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-17 08:10 . 2011-01-18 11:00 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-01-06 16:36 . 2011-01-06 16:36 80064 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-06 16:36 . 2011-01-06 16:36 35768 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-06 16:36 . 2011-01-06 16:36 236600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-06 16:36 . 2011-01-06 16:36 17256 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-02 13:45 . 2011-01-18 13:38 476040 ----a-w- C:\speedyfox.exe
2010-12-29 00:42 . 2010-12-29 00:42 285480 ----a-w- c:\windows\system32\guard32.dll
2010-12-18 11:03 . 2010-12-18 11:03 21696 ----a-w- c:\windows\system32\speedfan.sys
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\UC.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\RAR.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\PKZIP.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\LHA.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\ARJ.PIF
2010-12-16 07:38 . 2011-01-18 11:00 103232 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-12-10 12:24 . 2011-01-18 11:00 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
.

(((((((((((((((((((((((((((((((((( Spouљtмcн body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznбmka* prбzdnй zбznamy a legitimnн vэchozн ъdaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-01-25 10:40 67680 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2011-02-04 19:41 497664 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-07 488728]
"NetworkIndicator"="c:\program files\netvork\NetworkIndicator.exe" [2010-10-25 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-19 2548552]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2011-02-04 91648]

c:\users\alsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
365dniNET - z stupce.lnk - [N/A]
feedreader - z stupce.lnk - [N/A]
HTCHome - z stupce.lnk - [N/A]
qip - z stupce.lnk - [N/A]
SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2011-1-12 4491456]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-01-06 17256]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-01-06 236600]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2011-01-17 251560]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2010-11-25 160448]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2010-11-24 89192]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [2010-11-25 124992]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
.
------- Doplтkovэ sken -------
.
IE: Stahnout s IDM
IE: Stahnout s IDM obsah FLV videa
IE: Stahnout s IDM vsechny odkazy
IE: Stahnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stahnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stahnout s IDM vsechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stбhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stбhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stбhnout s IDM vљechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: {D508A778-DA56-45F2-804D-FBA154F75CD8} = 192.168.2.1
FF - ProfilePath - c:\users\alsl\AppData\Roaming\Mozilla\Firefox\Profiles\q38zo0vk.default\
FF - prefs.js: browser.startup.homepage - hxxp://cestiny.idnes.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: AutoPager: autopager@mozilla.org - %profile%\extensions\autopager@mozilla.org
FF - Ext: Element Hiding Helper for Adblock Plus: elemhidehelper@adblockplus.org - %profile%\extensions\elemhidehelper@adblockplus.org
FF - Ext: HTML5 Extension for Windows Media Player Plug-in: jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack - %profile%\extensions\jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack
FF - Ext: TryAgain: {992791ee-61dc-7b98-a8fd-dc49b7deeee9} - %profile%\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Classic Compact: {D46E8522-6E86-44b1-A622-58C0668AD78E} - %profile%\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}
FF - Ext: MinimizeToTrayPlus: {de1b245c-de57-11da-ba2d-0050c2490048} - %profile%\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\alsl\AppData\Roaming\IDM\idmmzcc3
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
.
--------------------- ZAMKNUTЙ KLНИE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navбzanй na bмћнcн procesy ---------------------

- - - - - - - > 'Explorer.exe'(2988)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\igfxrCSY.lrc
.
------------------------ Jinй spuљtenй procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\365dni\365dniNET.exe
c:\program files\FeedReader30\feedreader.exe
c:\program files\HTC Home2\HTCHome.exe
c:\program files\QIP 2010\qip.exe
.
**************************************************************************
.
Celkovэ иas: 2011-02-23 18:04:34 - poинtaи byl restartovбn
ComboFix-quarantined-files.txt 2011-02-23 17:04

Pred spustenim: Volnэch bajtщ: 95 666 196 480
Po spusteni: Volnэch bajtщ: 95 572 086 784

- - End Of File - - E9C7778D60E829F3740E75EE554E8670

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"=-
"EnableLUA"=-
"ConsentPromptBehaviorAdmin"=-
"PromptOnSecureDesktop"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-
"NoFileAssociate"=-

Firefox::
FF - ProfilePath - c:\users\alsl\AppData\Roaming\Mozilla\Firefox\Profiles\q38zo0vk.default\
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?query=

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[alsl]

ComboFix 11-02-22.06 - alsl 24.02.2011 8:38.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2038.995 [GMT 1:00]
Spuљtмnэ z: c:\users\alsl\Desktop\ComboFix.exe
Pouћitй ovlбdacн pшepнnaиe :: c:\users\alsl\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvoшen novэ Bod Obnovenн
.

((((((((((((((((((((((((((((((((((((((( Ostatnн vэmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\alsl\AppData\Local\Temp\sfamcc00001.dll
c:\users\alsl\AppData\Local\Temp\sfareca00001.dll

.
((((((((((((((((((((((((( Soubory vytvoшenй od 2011-01-24 do 2011-02-24 )))))))))))))))))))))))))))))))
.

2011-02-24 07:53 . 2011-02-24 07:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-23 15:40 . 2011-02-23 15:40 -------- d-----w- c:\users\alsl\AppData\Roaming\Malwarebytes
2011-02-23 15:40 . 2011-02-23 15:40 -------- d-----w- c:\programdata\Malwarebytes
2011-02-23 14:26 . 2011-02-23 14:26 -------- d-----w- c:\users\alsl\DoctorWeb
2011-02-23 11:20 . 2011-02-23 11:21 -------- d-----w- c:\program files\blue
2011-02-23 06:59 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 06:59 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 06:59 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 06:59 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-02-21 07:42 . 2011-02-21 07:42 -------- d-----w- c:\program files\Watermark Image
2011-02-20 15:38 . 2011-02-20 15:38 -------- d-----w- c:\programdata\DivX
2011-02-20 08:31 . 2011-02-20 08:39 -------- d-----w- c:\program files\SlimComputer
2011-02-18 10:04 . 2011-02-18 10:06 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-02-14 08:55 . 2011-02-22 11:23 -------- d-----w- C:\fimware
2011-02-11 22:10 . 2011-01-25 10:40 85768 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2011-02-10 20:29 . 2011-02-10 20:34 -------- d-----w- c:\program files\FreshDevices
2011-02-10 16:12 . 2011-02-10 16:30 -------- d-----w- c:\programdata\PC Tools
2011-02-09 19:03 . 2011-02-16 09:02 -------- d-----w- c:\program files\Microsoft Silverlight
2011-02-09 18:33 . 2011-02-09 18:34 -------- d-----w- c:\program files\netvork
2011-02-08 19:53 . 2010-12-18 05:29 860160 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-02-06 10:05 . 2011-02-06 10:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-06 10:05 . 2011-02-06 10:05 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-02-05 14:30 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-02-05 14:30 . 2010-11-26 17:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-01-29 21:28 . 2011-01-29 21:28 -------- d-----w- c:\users\alsl\AppData\Local\RadioSure

.
(((((((((((((((((((((((((((((((((((((((( Find3M vэpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-17 08:10 . 2011-01-18 11:00 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-01-06 16:36 . 2011-01-06 16:36 80064 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-06 16:36 . 2011-01-06 16:36 35768 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-06 16:36 . 2011-01-06 16:36 236600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-06 16:36 . 2011-01-06 16:36 17256 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-02 13:45 . 2011-01-18 13:38 476040 ----a-w- C:\speedyfox.exe
2010-12-29 00:42 . 2010-12-29 00:42 285480 ----a-w- c:\windows\system32\guard32.dll
2010-12-18 11:03 . 2010-12-18 11:03 21696 ----a-w- c:\windows\system32\speedfan.sys
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\UC.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\RAR.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\PKZIP.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\LHA.PIF
2010-12-17 06:56 . 2011-01-18 17:52 545 ----a-w- c:\windows\ARJ.PIF
2010-12-16 07:38 . 2011-01-18 11:00 103232 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-12-10 12:24 . 2011-01-18 11:00 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
.

(((((((((((((((((((((((((((((((((( Spouљtмcн body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznбmka* prбzdnй zбznamy a legitimnн vэchozн ъdaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-01-25 10:40 67680 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2011-02-04 19:41 497664 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-07 488728]
"NetworkIndicator"="c:\program files\netvork\NetworkIndicator.exe" [2010-10-25 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-19 2548552]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2011-02-04 91648]

c:\users\alsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
365dniNET - z stupce.lnk - [N/A]
feedreader - z stupce.lnk - [N/A]
HTCHome - z stupce.lnk - [N/A]
qip - z stupce.lnk - [N/A]
SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2011-1-12 4491456]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-01-06 17256]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-01-06 236600]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2011-01-17 251560]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2010-11-25 160448]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2010-11-24 89192]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [2010-11-25 124992]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
.
------- Doplтkovэ sken -------
.
IE: Stahnout s IDM
IE: Stahnout s IDM obsah FLV videa
IE: Stahnout s IDM vsechny odkazy
IE: Stahnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stahnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stahnout s IDM vsechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stбhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stбhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stбhnout s IDM vљechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: {D508A778-DA56-45F2-804D-FBA154F75CD8} = 192.168.2.1
FF - ProfilePath - c:\users\alsl\AppData\Roaming\Mozilla\Firefox\Profiles\q38zo0vk.default\
FF - prefs.js: browser.startup.homepage - hxxp://cestiny.idnes.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: AutoPager: autopager@mozilla.org - %profile%\extensions\autopager@mozilla.org
FF - Ext: Element Hiding Helper for Adblock Plus: elemhidehelper@adblockplus.org - %profile%\extensions\elemhidehelper@adblockplus.org
FF - Ext: HTML5 Extension for Windows Media Player Plug-in: jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack - %profile%\extensions\jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack
FF - Ext: TryAgain: {992791ee-61dc-7b98-a8fd-dc49b7deeee9} - %profile%\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Classic Compact: {D46E8522-6E86-44b1-A622-58C0668AD78E} - %profile%\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}
FF - Ext: MinimizeToTrayPlus: {de1b245c-de57-11da-ba2d-0050c2490048} - %profile%\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\alsl\AppData\Roaming\IDM\idmmzcc3
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
.
--------------------- Knihovny navбzanй na bмћнcн procesy ---------------------

- - - - - - - > 'Explorer.exe'(2272)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\igfxrCSY.lrc
.
------------------------ Jinй spuљtenй procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\taskhost.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\365dni\365dniNET.exe
c:\program files\FeedReader30\feedreader.exe
c:\program files\HTC Home2\HTCHome.exe
c:\program files\QIP 2010\qip.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkovэ иas: 2011-02-24 09:00:31 - poинtaи byl restartovбn
ComboFix-quarantined-files.txt 2011-02-24 08:00
ComboFix2.txt 2011-02-23 17:04

Pred spustenim: Volnэch bajtщ: 95 605 846 016
Po spusteni: Volnэch bajtщ: 95 166 705 664

- - End Of File - - 4D52EA1FD2F412D1B98548253383C138

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?