trojský kůn Vyřešeno

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
SecCenter::
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

Folder::
c:\programdata\ESET(1)
c:\program files\ESET(0)
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=-
"EnableUIADesktopToggle"=-

DDS::
uStart Page = my.daemon-search.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmdt


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Reklama]

[Dokyxxx]

udělal sem t oa najednou mi to ukázalo tabulku varonáví!! Combofix zjistil,že následující bezpečnostní programy mají zapnuté rezidentní štíty:
antivirus: ESET NOD32 Antivirus 4.2
antispyware: ESET NOD32 Antivirus 4.2

vůbec netušim jak to vypnout

[memphisto]

Klidně potvrď a nech dokončit sken. Ve skriptu je pak příkaz na vymazání této chyby...

[Dokyxxx]

ComboFix 11-08-22.03 - Standard 22.08.2011 18:01:02.2.4 - x86 NETWORK
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3582.2926 [GMT 2:00]
Spuštěný z: c:\users\Standard\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Standard\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\ESET(0)
c:\program files\ESET(0)\ESET NOD32 Antivirus\em000_32.dat
c:\program files\ESET(0)\ESET NOD32 Antivirus\em001_32.dat
c:\programdata\ESET(1)
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 14:35 . 2011-08-22 14:35 -------- d-----w- c:\users\Standard\AppData\Roaming\Malwarebytes
2011-08-22 14:35 . 2011-08-22 14:35 -------- d-----w- c:\programdata\Malwarebytes
2011-08-22 14:35 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 14:35 . 2011-08-22 14:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-22 14:35 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-21 19:13 . 2011-08-21 19:13 -------- d-----w- c:\program files\CCleaner
2011-08-21 18:55 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-21 18:55 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-21 18:55 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-21 18:55 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-21 18:55 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-21 18:55 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-21 18:55 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-21 18:27 . 2011-08-21 18:27 -------- d-----w- c:\programdata\AVAST Software
2011-08-21 18:27 . 2011-08-21 18:27 -------- d-----w- c:\program files\AVAST Software
2011-08-19 09:36 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F00D1812-29AB-4960-8374-A2652EF258F8}\mpengine.dll
2011-08-10 14:28 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 14:28 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 14:28 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 14:28 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 14:28 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 14:28 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-07-24 12:29 . 2011-07-24 12:29 -------- d-----w- c:\users\Standard\AppData\Local\GIANTS Editor 4.1.7
2011-07-24 12:29 . 2011-07-24 12:29 -------- d-----w- c:\program files\GIANTS Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 15:40 . 2011-07-01 10:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-07 17:42 . 2011-07-07 17:42 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-07-07 13:22 . 2011-07-07 13:22 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-07-07 13:22 . 2011-07-07 13:22 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-07-07 13:22 . 2011-07-07 13:22 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-07-02 12:18 . 2011-07-02 12:18 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-30 16:31 . 2011-06-30 16:31 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-06-30 16:26 . 2011-06-30 16:26 32768 ----a-w- c:\windows\system32\drivers\cs-CZ\volsnap.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\battc.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\acpi.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\sermouse.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\mouclass.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\mouhid.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\i8042prt.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\tpm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 7168 ----a-w- c:\windows\system32\drivers\cs-CZ\luafv.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\e100b325.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdhid.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\viac7.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\processr.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\intelppm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\crusoe.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\amdk8.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\amdk7.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\e1e6032.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 17920 ----a-w- c:\windows\system32\drivers\cs-CZ\E1G60I32.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 9216 ----a-w- c:\windows\system32\drivers\cs-CZ\pci.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\b57nd60x.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\isapnp.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\mssmbios.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\VIAAGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ULIAGPKX.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\SISAGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\NV_AGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\AMDAGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\AGP440.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 27648 ----a-w- c:\windows\system32\drivers\cs-CZ\mpio.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\qwavedrv.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ati2mtag.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\wacompen.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\SCR111.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\scmstcs.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\pscr.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\grserial.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\stcusb.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\gpr400.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\cxbp0wdm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\cmbp0wdm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\serial.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\rndismpx.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\pnpmem.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wd.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 7168 ----a-w- c:\windows\system32\drivers\cs-CZ\IPMIDrv.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\pcmcia.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\pacer.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\msdsm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\BrSerId.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\modem.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\ipnat.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\serscan.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\ltmdmnt.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\afd.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\yk60x86.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\hidbth.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 65536 ----a-w- c:\windows\system32\drivers\cs-CZ\ntfs.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\srv.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ati2mpad.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\ntrigdigi.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
2011-06-30 16:25 . 2011-06-30 16:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\parport.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\RNDISMP.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\parvdm.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\umbus.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\UAGP35.SYS.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-06-30 16:25 . 2011-06-30 16:25 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\BrParwdm.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 12288 ----a-w- c:\windows\system32\drivers\cs-CZ\ohci1394.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\bcm4sbxp.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\fltmgr.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\bthpan.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\Dot4usb.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\amdide.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\nv4_mini.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\scsiport.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\atikmdag.sys.mui
2011-06-30 13:57 . 2011-06-30 13:57 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-30 13:57 . 2011-06-30 13:57 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-30 13:57 . 2011-06-30 13:57 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-30 13:57 . 2011-06-30 13:57 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-30 13:57 . 2011-06-30 13:57 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-30 13:57 . 2011-06-30 13:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-30 13:57 . 2011-06-30 13:57 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-30 13:57 . 2011-06-30 13:57 367104 ----a-w- c:\windows\system32\html.iec
2011-06-30 13:57 . 2011-06-30 13:57 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-30 13:57 . 2011-06-30 13:57 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-30 13:57 . 2011-06-30 13:57 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-30 13:57 . 2011-06-30 13:57 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-30 13:57 . 2011-06-30 13:57 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-03 13:52 . 2011-07-01 10:37 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-04-07 318488]
"SetRefresh"="c:\program files\HP\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-626282612-4174701310-2186174446-1003]
"EnableNotificationsRef"=dword:00000001
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 FSLX;FSLX;c:\windows\system32\drivers\fslx.sys [2008-07-11 191872]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-04-07 576024]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2008-06-13 225920]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-07-07 13224]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-02 218688]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\wi2e3bgs.default\
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-22 18:06
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\helppane.exe
.
**************************************************************************
.
Celkový čas: 2011-08-22 18:08:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-22 16:08
ComboFix2.txt 2011-08-22 15:20
.
Před spuštěním: Volných bajtů: 332 767 031 296
Po spuštění: Volných bajtů: 333 440 856 064
.
- - End Of File - - C0CD2D6E05C92B658B4575089B063EA6




tak co ted s tim?

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\drivers\fslx.sys

Driver::
FSLX

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Dokyxxx]

log z ComboFix

ComboFix 11-08-23.03 - Standard 23.08.2011 15:12:10.2.4 - x86 NETWORK
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3582.3070 [GMT 2:00]
Spuštěný z: c:\users\Standard\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Standard\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\fslx.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\fslx.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FSLX
-------\Service_FSLX
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-23 do 2011-08-23 )))))))))))))))))))))))))))))))
.
.
2011-08-22 14:35 . 2011-08-22 14:35 -------- d-----w- c:\users\Standard\AppData\Roaming\Malwarebytes
2011-08-22 14:35 . 2011-08-22 14:35 -------- d-----w- c:\programdata\Malwarebytes
2011-08-22 14:35 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 14:35 . 2011-08-22 14:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-22 14:35 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-21 19:13 . 2011-08-21 19:13 -------- d-----w- c:\program files\CCleaner
2011-08-21 18:55 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-21 18:55 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-21 18:55 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-21 18:55 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-21 18:55 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-21 18:55 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-21 18:55 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-21 18:27 . 2011-08-21 18:27 -------- d-----w- c:\programdata\AVAST Software
2011-08-21 18:27 . 2011-08-21 18:27 -------- d-----w- c:\program files\AVAST Software
2011-08-19 09:36 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F00D1812-29AB-4960-8374-A2652EF258F8}\mpengine.dll
2011-08-10 14:28 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 14:28 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 14:28 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 14:28 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 14:28 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 14:28 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 15:40 . 2011-07-01 10:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-07 17:42 . 2011-07-07 17:42 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-07-07 13:22 . 2011-07-07 13:22 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-07-07 13:22 . 2011-07-07 13:22 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-07-07 13:22 . 2011-07-07 13:22 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-07-02 12:18 . 2011-07-02 12:18 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-30 16:31 . 2011-06-30 16:31 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-06-30 16:26 . 2011-06-30 16:26 32768 ----a-w- c:\windows\system32\drivers\cs-CZ\volsnap.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\battc.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\acpi.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\sermouse.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\mouclass.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\mouhid.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\i8042prt.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\tpm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 7168 ----a-w- c:\windows\system32\drivers\cs-CZ\luafv.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\e100b325.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdhid.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\viac7.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\processr.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\intelppm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\crusoe.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\amdk8.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 21504 ----a-w- c:\windows\system32\drivers\cs-CZ\amdk7.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 20992 ----a-w- c:\windows\system32\drivers\cs-CZ\e1e6032.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 17920 ----a-w- c:\windows\system32\drivers\cs-CZ\E1G60I32.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 9216 ----a-w- c:\windows\system32\drivers\cs-CZ\pci.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\b57nd60x.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\isapnp.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\mssmbios.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\VIAAGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ULIAGPKX.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\SISAGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\NV_AGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\AMDAGP.SYS.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\AGP440.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 27648 ----a-w- c:\windows\system32\drivers\cs-CZ\mpio.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\qwavedrv.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ati2mtag.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\wacompen.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\SCR111.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\scmstcs.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\pscr.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\grserial.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\stcusb.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\gpr400.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\cxbp0wdm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\cmbp0wdm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\serial.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\rndismpx.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\pnpmem.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wd.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 7168 ----a-w- c:\windows\system32\drivers\cs-CZ\IPMIDrv.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\pcmcia.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\pacer.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\msdsm.sys.mui
2011-06-30 16:26 . 2011-06-30 16:26 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\BrSerId.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\modem.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\ipnat.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\serscan.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\ltmdmnt.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 9728 ----a-w- c:\windows\system32\drivers\cs-CZ\afd.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\yk60x86.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\hidbth.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 65536 ----a-w- c:\windows\system32\drivers\cs-CZ\ntfs.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\srv.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\ati2mpad.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\ntrigdigi.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
2011-06-30 16:25 . 2011-06-30 16:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\parport.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\RNDISMP.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\parvdm.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\umbus.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\UAGP35.SYS.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-06-30 16:25 . 2011-06-30 16:25 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\BrParwdm.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 12288 ----a-w- c:\windows\system32\drivers\cs-CZ\ohci1394.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\bcm4sbxp.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\fltmgr.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\bthpan.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\Dot4usb.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\amdide.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 5120 ----a-w- c:\windows\system32\drivers\cs-CZ\nv4_mini.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\scsiport.sys.mui
2011-06-30 16:25 . 2011-06-30 16:25 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\atikmdag.sys.mui
2011-06-30 13:57 . 2011-06-30 13:57 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-30 13:57 . 2011-06-30 13:57 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-30 13:57 . 2011-06-30 13:57 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-30 13:57 . 2011-06-30 13:57 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-30 13:57 . 2011-06-30 13:57 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-30 13:57 . 2011-06-30 13:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-30 13:57 . 2011-06-30 13:57 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-30 13:57 . 2011-06-30 13:57 367104 ----a-w- c:\windows\system32\html.iec
2011-06-30 13:57 . 2011-06-30 13:57 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-30 13:57 . 2011-06-30 13:57 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-30 13:57 . 2011-06-30 13:57 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-30 13:57 . 2011-06-30 13:57 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-30 13:57 . 2011-06-30 13:57 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-03 13:52 . 2011-07-01 10:37 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-04-07 318488]
"SetRefresh"="c:\program files\HP\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-626282612-4174701310-2186174446-1003]
"EnableNotificationsRef"=dword:00000001
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-04-07 576024]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-07-07 13224]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-02 218688]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2008-06-13 225920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\wi2e3bgs.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-23 15:20
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\helppane.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-08-23 15:22:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-23 13:22
ComboFix2.txt 2011-08-22 16:08
ComboFix3.txt 2011-08-22 15:20
.
Před spuštěním: Volných bajtů: 333 405 216 768
Po spuštění: Volných bajtů: 333 092 868 096
.
- - End Of File - - 190D2D9402168C325F5DE43FDBD8B3A8


a tady z HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:23, on 23.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
L:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\HP\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

--
End of file - 4446 bytes

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[Dokyxxx]

při výběru JAVA tam neni moje Vista 32 bit..co mam vybrat??

[memphisto]

Dej verzi Windows x86

[Dokyxxx]

v přidat nebo odebrat programy nemužu odinstalovat starou javu..v nouzáku to neni možný..

[memphisto]

Další možnost jak aktualizovat je najet do Ovládacích panelů a tam uvidíš položku Java a tu otevřeš a na záložce Update klikneš na kontrolu nových aktualizací a samo si to najde a nainstaluje

[Dokyxxx]

nic takovýho tam nemam..je nmužu dít upgrade systému windows vista a to neni v panelech ale v tento počítač,a pořád mi to jede jen v nouzáku