viry worms

[Aneta87]

vypada to, že je vše v pořádku. uživatelské účty jsou zapnuté a trojani nevyskakují:))

moc vám děkuju za pomoc:). Ještě se chci zeptat, jestli mám všechny programy, které jsem instalovala během dneška kvůli skenování a jiným věcem vymazat nebo nechat (Malwarebytes, Combofix, RSIT)??

a můžu ještě požádat o proskenování stolního počítače, kde ty viry byly také, neboť jsme je přetáhly nejspíš pomocí flashky? nebo se mám ozvat jindy?

ještě jednou děkuji

[stell]

ok
1:Combofix odinstalovat-start-spustit-skopiruj prikaz do okna combofix /uninstall
klik ok
2:Malwarebytes a RSIT nechat.
3:Nevidim firewall

Ano vloz sem log z RSIT z druheho pocitaca.

[Aneta87]

ja nevim, jestli jsem tam nemela jen ten avast a ne firewall. mela bych nejaky stahnout?

[Aneta87]

muzu smazat combofix tak, ze pravym tlacitkem mysi vyvolam nabidku a dam odinstalovat programem your uninstaller? tamtim způsobem jsem spustila combofix a on rovnou skenoval viry..

[stell]

nie,combofix odinstaluj tak ako som napisal skopiruj prikaz do okna,,ono sa spusti,ale sa odinstaluje.

Ano mozes nainstalovat PCTOOLS firewall,bez antispyware,pri instalacii tam vyberies fajku.

[Aneta87]

co se týče toho druheho pocitace, klikla jsem na odkaz na RSIT a ono se to chvili načítá a pak mě to píše "Aplikace Internet Explorer nemůže zobrazit tuto webovou stránku." - přitom internet normalne funguje.

[stell]

Stahni OTListIt2>> OTL
- spust
-zafajkni
-Scan all users.
-Lop check.
-Purity check.
-v sekciiExtra Registry>zaboduj>Use SafeList
-klik Run SCAN
-scan trva [10-15 min]>.potom vloz sem
-OTL.txt (bude na ploche).

[Aneta87]

jeste k tomu combofixu. kdyz dam start, tak mi nikde v nabidce nevyjizdi. mam ho jen na plose - na nej jsem klikla - otevrela se modra tabulka a jatam dala zkopirovat ten odkaz - nic se ale nezobrazilo ve smyslu odinstalovani, ale normalne se zase proskenovavaly viry. takze to delam nejak spatne.

[stell]

ok
1:Combofix odinstalovat-klik-start-klik-spustit-skopiruj prikaz do okna combofix /uninstall
klik ok

[Aneta87]

tady je ten druhy pocitac. nakonec je to pres RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Hruškovi at 2010-04-10 21:13:41
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (3%) free of 111 GB
Total RAM: 1023 MB (55% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-05-30 808472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar1.dll []
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-05-30 808472]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{B922D405-6D13-4A2B-AE89-08A030DA4402}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS.0\SOUNDMAN.EXE [2007-04-16 577536]
"Ptipbmf"=ptipbmf.dll,SetWriteCacheMode []
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2009-10-04 589824]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BigDog305"=C:\WINDOWS.0\VM305_STI.EXE [2007-04-09 57344]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2006-03-02 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS.0\system32\ctfmon.exe [2006-03-02 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS.0\system32\ctfmon.exe [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]

C:\Documents and Settings\All Users.WINDOWS.0\Nabídka Start\Programy\Po spuštění
BDARemote.lnk - C:\Program Files\USB TV\EM28XX\BDARemote.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Philips GoGear VIBE Device Manager.lnk - C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS.0\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS.0\system32\wmicvrts.exe"="C:\WINDOWS.0\system32\wmicvrts.exe:*:Enabled:DHCP Router"
"C:\DOCUME~1\HRUKOV~1.HRU\LOCALS~1\Temp\9177535.exe"="C:\DOCUME~1\HRUKOV~1.HRU\LOCALS~1\Temp\9177535.exe:*:Enabled:test"
"C:\DOCUME~1\HRUKOV~1.HRU\LOCALS~1\Temp\26067.exe"="C:\DOCUME~1\HRUKOV~1.HRU\LOCALS~1\Temp\26067.exe:*:Enabled:test"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS.0\system32\wmicvrts.exe"="C:\WINDOWS.0\system32\wmicvrts.exe:*:Enabled:DHCP Router"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15e6d58f-1f98-11df-886f-00022ae10a7a}]
shell\AutoRun\command - G:\ZRNO//soli.exe
shell\open\command - G:\ZRNO//soli.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{397d03a8-c48a-11de-87ee-00022ae10a7a}]
shell\AutoRun\command - C:\WINDOWS.0\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Play.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{397d03a9-c48a-11de-87ee-00022ae10a7a}]
shell\AutoRun\command - G:\NAUMI///radil.exe
shell\open\command - G:\NAUMI///radil.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be4779d4-b289-11de-87d3-00022ae10a7a}]
shell\AutoRun\command - MUSHKARCI///nesme.exe
shell\open\command - MUSHKARCI///nesme.exe


======List of files/folders created in the last 1 months======

2010-04-10 21:13:41 ----D---- C:\rsit
2010-04-10 21:13:41 ----D---- C:\Program Files\trend micro
2010-04-07 22:57:57 ----D---- C:\Program Files\Traction Software
2010-04-05 15:33:01 ----RSH---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\uyofn.exe
2010-04-05 15:32:57 ----A---- C:\WindowsXP.exe
2010-04-03 17:50:09 ----RSH---- C:\WINDOWS.0\Windows3.exe
2010-04-03 14:02:32 ----RSH---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\bszr.exe
2010-04-03 14:02:25 ----RSH---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\yrpv.exe
2010-03-21 20:22:23 ----N---- C:\WINDOWS.0\system32\browserchoice.exe
2010-03-15 09:06:16 ----HDC---- C:\WINDOWS.0\$NtUninstallKB929399$
2010-03-15 09:05:58 ----HDC---- C:\WINDOWS.0\$NtUninstallKB939683$
2010-03-15 09:05:19 ----HDC---- C:\WINDOWS.0\$NtUninstallKB954154_WM11$
2010-03-14 22:50:29 ----HDC---- C:\WINDOWS.0\$NtUninstallKB926239$
2010-03-14 22:49:55 ----N---- C:\WINDOWS.0\system32\spmsg.dll
2010-03-14 22:49:49 ----HDC---- C:\WINDOWS.0\$NtUninstallMSCompPackV1$
2010-03-14 22:49:36 ----D---- C:\Program Files\Windows Media Connect 2
2010-03-14 22:49:26 ----HDC---- C:\WINDOWS.0\$NtUninstallwmp11$
2010-03-14 22:48:38 ----HDC---- C:\WINDOWS.0\$NtUninstallWMFDist11$
2010-03-14 22:48:03 ----D---- C:\WINDOWS.0\system32\LogFiles
2010-03-14 22:47:54 ----HDC---- C:\WINDOWS.0\$NtUninstallWudf01000$
2010-03-14 22:35:03 ----D---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\ArcSoft
2010-03-14 22:33:58 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\ArcSoft
2010-03-14 22:33:33 ----D---- C:\Program Files\Common Files\ArcSoft
2010-03-14 22:31:57 ----D---- C:\Program Files\Philips
2010-03-14 22:31:03 ----D---- C:\temp
2010-03-11 00:33:48 ----HDC---- C:\WINDOWS.0\$NtUninstallKB975561$

======List of files/folders modified in the last 1 months======

2010-04-10 21:13:49 ----D---- C:\WINDOWS.0\Prefetch
2010-04-10 21:13:41 ----RD---- C:\Program Files
2010-04-10 21:09:51 ----AD---- C:\WINDOWS.0\Temp
2010-04-10 21:09:05 ----D---- C:\WINDOWS.0
2010-04-10 21:07:02 ----A---- C:\WINDOWS.0\SchedLgU.Txt
2010-04-10 21:06:56 ----D---- C:\WINDOWS.0\system32\CatRoot2
2010-04-10 21:03:06 ----D---- C:\Program Files\Mozilla Firefox
2010-04-10 20:32:21 ----HD---- C:\WINDOWS.0\inf
2010-04-08 20:13:46 ----D---- C:\WINDOWS.0\system32
2010-04-07 23:08:51 ----D---- C:\Documents and Settings\Hruškovi.HRU-B98B4D53D62\Data aplikací\ICQ
2010-04-07 22:57:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-31 23:09:04 ----RSHDC---- C:\WINDOWS.0\system32\dllcache
2010-03-31 23:09:01 ----D---- C:\Program Files\Internet Explorer
2010-03-31 23:08:51 ----D---- C:\WINDOWS.0\ie8updates
2010-03-31 23:08:25 ----HD---- C:\WINDOWS.0\$hf_mig$
2010-03-28 12:43:02 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI
2010-03-25 17:41:04 ----D---- C:\WINDOWS.0\system32\drivers
2010-03-23 18:43:35 ----D---- C:\Program Files\pdfforge Toolbar
2010-03-22 00:06:32 ----D---- C:\WINDOWS.0\security
2010-03-15 09:06:59 ----D---- C:\WINDOWS.0\system32\CatRoot
2010-03-15 09:06:20 ----A---- C:\WINDOWS.0\imsins.BAK
2010-03-14 23:28:26 ----SD---- C:\Documents and Settings\All Users.WINDOWS.0\Data aplikací\Microsoft
2010-03-14 23:27:00 ----D---- C:\WINDOWS.0\AppPatch
2010-03-14 22:49:43 ----A---- C:\WINDOWS.0\win.ini
2010-03-14 22:49:36 ----D---- C:\Program Files\Windows Media Player
2010-03-14 22:49:33 ----D---- C:\WINDOWS.0\Help
2010-03-14 22:34:51 ----SHD---- C:\WINDOWS.0\Installer
2010-03-14 22:34:50 ----HD---- C:\Config.Msi
2010-03-14 22:34:50 ----D---- C:\WINDOWS.0\WinSxS
2010-03-14 22:33:33 ----D---- C:\Program Files\Common Files
2010-03-11 00:33:51 ----D---- C:\Program Files\Movie Maker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS.0\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS.0\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS.0\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS.0\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS.0\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS.0\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 aswRdr;aswRdr; C:\WINDOWS.0\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS.0\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2007-11-15 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS.0\system32\drivers\pfc.sys [2009-11-25 10368]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS.0\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbprint;Třída USB Printer; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S1 kbdhid;kbdhid; C:\WINDOWS.0\system32\drivers\kbdhid.sys [2006-03-02 14848]
S3 afpcms57;afpcms57; C:\WINDOWS.0\system32\drivers\afpcms57.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS.0\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 eylhgqno;eylhgqno; \??\C:\WINDOWS.0\System32\Drivers\eylhgqno.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS.0\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS.0\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS.0\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS.0\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS.0\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS.0\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 otigsizt;otigsizt; \??\C:\WINDOWS.0\System32\Drivers\otigsizt.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS.0\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS.0\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS.0\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS.0\system32\DRIVERS\usbccgp.sys [2006-03-02 31616]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS.0\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS.0\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS.0\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.0\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 xldzdmvz;xldzdmvz; \??\C:\WINDOWS.0\System32\Drivers\xldzdmvz.sys []
S3 ZSMC0305;A4 TECH PC Camera V; C:\WINDOWS.0\System32\Drivers\usbVM305.sys [2006-05-08 391688]
S4 IntelIde;IntelIde; C:\WINDOWS.0\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.0\system32\svchost.exe [2006-03-02 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS.0\system32\HPZipm12.exe [2004-03-18 65536]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[stell]

ano mas to zavirene
1:Odinstaluj programy/cez start-ovladacie panely pridat/odobrat programy

C:\Program Files\AskBarDis
C:\Program Files\pdfforge Toolbar

2:Pouzijes USB-Fix--log vloz sem
3:Malwarebytes uplny skan,log vloz sem

[Aneta87]

combofix: me to nabizi pouze moznost odinstalovat pomoci your uninstaller - samotne odinstalovat tam neni a dale nikde neni nabidka "spustit"- jen otevrit a to uz to samo skenuje

[Aneta87]

po spusteni ovladacich panelů a nabidky pridat/odebrat program mi vyjedou různé programy typu adobe, avast, tiskarny... ale nemůzu se dostat primo do slozek na disku C

[stell]

ani netreba,,medzi programy najdi tie programy co som napisal,klikni nan a klikni odinstalovat.

[Aneta87]

když ony mi prave nikde nevyjizdeji. jsou tam jen různe programy ale slozky vůbec