Mallware - zmrazuje se win

[AndrejDrozd]

Tak dneska se ozval hned několikrát.

[AndrejDrozd]

a tohle je ten druhý.

[vyosek]

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :files
  ipconfig /flushdns /c
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

[AndrejDrozd]

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Konfigurace protokolu IP syst‚mu Windows
MezipamŘś pýekl d nˇ DNS byla ŁspŘçnŘ vypr zdnŘna.
D:\dOwNLoAd\cmd.bat deleted successfully.
D:\dOwNLoAd\cmd.txt deleted successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ONEILL
->Temp folder emptied: 28535251 bytes
->Temporary Internet Files folder emptied: 60785856 bytes
->FireFox cache emptied: 62494423 bytes
->Flash cache emptied: 5677 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15740 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50467 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 145,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: ONEILL
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 11232011_224334

Files moved on Reboot...
C:\Users\ONEILL\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ONEILL\AppData\Local\Temp\SafeQClientUI.log moved successfully.

Registry entries deleted on Reboot...

[vyosek]

Jeste tam pustte CureIt http://www.viry.cz/forum/viewtopic.php?f=29&t=47721

Sledujte co PC

[AndrejDrozd]

Bohužel mi to nejde spustit, neustále mě to hází na domácí stránky a ani po zaregistrování free trial verze se mi neumožní spustit program, vždycky naběhne internetová stránka...

[vyosek]

Tak zkusime avp tool http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

[AndrejDrozd]

Tak se mi bohužel nepovedlo uložit log z avp tool. Najdu ho někde dodatečně? Nebo ho musím spustit znovu?

[vyosek]

Bohuzel log se nikam neuklada Jake nalezy tam byly si asi nepamatujete, ze? Pripadne jak se chova PC nyni

[AndrejDrozd]

Pořád stejné, avast hlásí to samé.
Omlouvám se že se to semnou takhle protahuje, ale mám do toho mraky práce.

[vyosek]

Udelejte krok dle navodu kolegyne

Smažte cache Opery/Firefoxu bud ručně nebo ATF Cleanerem
http://www.slunecnice.cz/sw/atf-cleaner/

- v menu nahoře vyberte záložku Firefox / Opera a klikněte na ni
- zatrhněte Select All a pak klikněte na Empty Selected

pozor - přijdete o všechna hesla uložená ve FF /Opere!

- Na záložce main zaškrtněte All users temp a potvrdte Empty selected

Spustte znovu ComboFix (bez skriptu) - pokud bude chtit aktualizovat na novejsi verzi, tak povolte

[AndrejDrozd]

ComboFix 11-11-29.04 - ONEILL 29.11.2011 17:00:37.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4092.2331 [GMT 1:00]
Spuštěný z: c:\users\ONEILL\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\~.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-28 do 2011-11-29 )))))))))))))))))))))))))))))))
.
.
2011-11-29 16:10 . 2011-11-29 16:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-29 16:10 . 2011-11-29 16:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-29 13:22 . 2011-11-29 13:22 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B9D719A-84CB-4084-9127-E0AAD0BCEAAE}\offreg.dll
2011-11-29 07:57 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B9D719A-84CB-4084-9127-E0AAD0BCEAAE}\mpengine.dll
2011-11-25 17:03 . 2011-11-25 17:03 280778 ----a-w- c:\windows\SysWow64\~.tmp
2011-11-25 14:17 . 2011-11-25 14:17 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-25 14:06 . 2011-11-25 14:06 -------- d-----w- c:\program files (x86)\CleanUp!
2011-11-21 22:53 . 2011-11-21 22:53 -------- d-----w- C:\rsit
2011-11-21 22:53 . 2011-11-21 22:53 -------- d-----w- c:\program files\trend micro
2011-11-21 17:41 . 2011-11-21 17:41 -------- d-----w- c:\windows\system32\Macromed
2011-11-16 19:25 . 2011-11-16 19:26 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-11-16 11:12 . 2011-11-16 11:12 -------- d-----w- c:\program files (x86)\Microsoft Games
2011-11-16 10:44 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2011-11-16 10:43 . 2011-11-16 10:43 -------- d-----w- c:\users\ONEILL\AppData\Local\Microsoft Game Studios
2011-11-16 10:43 . 2011-11-16 10:43 -------- d-----w- c:\programdata\Microsoft Games
2011-11-15 16:26 . 2011-11-15 16:28 -------- d-----w- c:\program files (x86)\AutoCAD Civil 3D 2012
2011-11-15 16:23 . 2011-11-15 16:23 -------- d-----w- C:\Civil 3D Project Templates
2011-11-13 14:00 . 2011-11-13 14:20 -------- d-----w- C:\Civil 3D Projects
2011-11-13 13:57 . 2011-11-13 13:57 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-11-13 13:57 . 2011-11-13 13:57 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-11-13 13:57 . 2011-11-13 13:57 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-11-13 13:57 . 2011-11-13 13:57 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-13 13:57 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-11-13 13:57 . 2009-03-09 14:27 453456 ----a-w- c:\windows\SysWow64\d3dx10_41.dll
2011-11-13 13:57 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-11-13 13:57 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\SysWow64\D3DCompiler_41.dll
2011-11-13 13:57 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-11-13 13:57 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-11-09 12:12 . 2009-09-04 16:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-11-09 12:12 . 2009-09-04 16:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-11-08 19:44 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-08 19:44 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-08 19:43 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-08 19:43 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-25 13:14 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-25 13:14 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-07-25 13:14 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-07-25 13:14 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-25 13:14 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-25 13:14 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-25 13:14 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-25 13:14 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-07-25 13:14 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-21 17:41 . 2011-07-25 14:05 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-01 05:24 . 2011-10-12 21:05 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-12 21:05 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-12 21:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-12 21:05 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-12 21:05 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-12 21:05 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-22_18.46.19 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-11-22 18:46 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-29 15:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-22 18:46 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-29 15:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-22 18:46 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-29 15:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-25 09:26 . 2011-11-29 13:21 35452 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-29 13:22 41650 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-07-25 09:26 . 2011-11-29 13:22 13790 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2409509077-1001860068-3401829439-1000_UserData.bin
+ 2011-07-25 15:10 . 2011-11-29 13:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-07-25 15:10 . 2011-11-22 18:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-09-14 11:02 . 2011-11-29 00:09 1739 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-09-14 11:02 . 2011-11-21 00:37 1739 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-11-22 18:44 . 2011-11-22 18:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-29 13:09 . 2011-11-29 13:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-22 18:44 . 2011-11-22 18:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-11-29 13:09 . 2011-11-29 13:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-11-22 18:08 652360 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-29 15:22 652360 c:\windows\system32\perfh009.dat
- 2011-07-26 08:20 . 2011-11-22 18:08 666678 c:\windows\system32\perfh005.dat
+ 2011-07-26 08:20 . 2011-11-29 15:22 666678 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-11-29 15:22 121292 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-11-22 18:08 121292 c:\windows\system32\perfc009.dat
- 2011-07-26 08:20 . 2011-11-22 18:08 140328 c:\windows\system32\perfc005.dat
+ 2011-07-26 08:20 . 2011-11-29 15:22 140328 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-11-29 12:41 445904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-11-22 18:43 445904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-10-03 20:50 . 2011-11-29 12:41 2696672 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-10-03 20:50 . 2011-11-22 12:39 2696672 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-07-26 10:27 . 2011-11-29 12:41 6028124 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2409509077-1001860068-3401829439-1000-8192.dat
+ 2011-08-10 10:07 . 2011-11-25 14:09 3323152 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2409509077-1001860068-3401829439-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Flexlm Service 1;Flexlm Service 1;c:\program files (x86)\SCIA\Engineer2008\Flexlm\Lmgrd -c license.dat [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-09-21 1431888]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 147.32.110.2 147.32.1.20
FF - ProfilePath - c:\users\ONEILL\AppData\Roaming\Mozilla\Firefox\Profiles\cq6apmw6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
Celkový čas: 2011-11-29 17:14:55
ComboFix-quarantined-files.txt 2011-11-29 16:14
ComboFix2.txt 2011-11-22 20:16
ComboFix3.txt 2011-11-22 18:52
.
Před spuštěním: Volných bajtů: 13 793 304 576
Po spuštění: Volných bajtů: 15 614 799 872
.
- - End Of File - - F5749C1E9E23A238EE20617050A74F77

[vyosek]

Avast stale krici

[AndrejDrozd]

Pořád beze změny

[vyosek]

Asi bych napsal na jejich support co konkretne se mu nelibi...