Pomoc! vir v explorer.exe

[zipicek]

ahoj
mám hrozně nemilou věc , AVG mi našel Trojský kůň Agent_r.XJ a název objektu je C:\Windows\Explorer.EXE (764):\memory_00010000 a pod tím je stejný virus který je v právě v mých prohlížečech co používám ( napr. kdyz mam zaply internet explorer tak je v něm atd.) "C:\Windows\Explorer.EXE (764):\memory_00010000";"Trojský kůň Agent_r.XJ";"Objekt je nedostupný."
"C:\Windows\Explorer.EXE (764)";"Trojský kůň Agent_r.XJ";""
"C:\Program Files\Opera\opera.exe (3388):\memory_00010000";"Trojský kůň Agent_r.XJ";"Objekt je nedostupný."
"C:\Program Files\Opera\opera.exe (3388)";"Trojský kůň Agent_r.XJ";""
"C:\Program Files\Internet Explorer\iexplore.exe (5188):\memory_00010000";"Trojský kůň Agent_r.XJ";"Objekt je nedostupný."
"C:\Program Files\Internet Explorer\iexplore.exe (5188)";"Trojský kůň Agent_r.XJ";""
"C:\Program Files\Internet Explorer\iexplore.exe (4476):\memory_00010000";"Trojský kůň Agent_r.XJ";"Objekt je nedostupný."
"C:\Program Files\Internet Explorer\iexplore.exe (4476)";"Trojský kůň Agent_r.XJ";""
"C:\Program Files\Internet Explorer\iexplore.exe (3776):\memory_00010000";"Trojský kůň Agent_r.XJ";"Objekt je nedostupný."
"C:\Program Files\Internet Explorer\iexplore.exe (3776)";"Trojský kůň Agent_r.XJ";""
"C:\Program Files\Internet Explorer\iexplore.exe (2072):\memory_00010000";"Trojský kůň Agent_r.XJ";"Objekt je nedostupný."
"C:\Program Files\Internet Explorer\iexplore.exe (2072)";"Trojský kůň Agent_r.XJ";""

a nemůžu ho jak vymazat nebo vyléčit. Ještě aby to nebylo málo tak mám problémy se spuštěním windows když zapnu pc. Začne se mi načítat a těď bum restartnese a to i několikrát za sebou, když už konečně se dostanu na vybírání profilu tak je hrozně pomalý pc. a ještě když zapínám pc tak se mi někdy objeví že je nějaký problém ve windows když mi to nabídne abych ho opravil tak mi to řekne že to nejde. Nevíte co s tím už jsem vážne v koncích?

[zipicek]

a zajímavý je že avast mi todle nevyhledá i po restratu.

[zipicek]

tady je jeste log
Logfile of random's system information tool 1.08 (written by random/random)
Run by rodinka at 2011-02-05 14:38:54
Microsoft Windows 7 Ultimate
System drive C: has 375 GB (79%) free of 477 GB
Total RAM: 3327 MB (57% free)


======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1789673904-1677065206-1250108036-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1789673904-1677065206-1250108036-1003UA.job
C:\Windows\tasks\RegistryBooster.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
ToggleEN Toolbar - C:\Program Files\ToggleEN\tbTogg.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-12-20 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-08-26 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof1.dll [2010-08-26 2734688]
{038cb5c7-48ea-4af9-94e0-a1646542e62b} - ToggleEN Toolbar - C:\Program Files\ToggleEN\tbTogg.dll [2010-06-13 2734688]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-12-20 2069344]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-05 14:38:55 ----D---- C:\Program Files\trend micro
2011-02-05 14:38:54 ----D---- C:\rsit
2011-02-02 15:22:18 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-02-02 15:22:17 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-02-02 15:22:16 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-02-02 15:22:16 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-02-02 15:22:13 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-02-02 15:21:25 ----A---- C:\Windows\system32\aswBoot.exe
2011-02-02 15:21:23 ----D---- C:\ProgramData\Alwil Software
2011-02-02 15:21:23 ----D---- C:\Program Files\Alwil Software
2011-02-02 11:09:31 ----D---- C:\Users\rodinka\AppData\Roaming\Opera
2011-02-02 11:09:27 ----D---- C:\Program Files\Opera
2011-02-01 20:10:11 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-02-01 20:10:06 ----D---- C:\Program Files\SUPERAntiSpyware
2011-02-01 17:38:43 ----D---- C:\Windows\Minidump
2011-02-01 17:28:06 ----A---- C:\Windows\game.ini
2011-02-01 16:01:19 ----A---- C:\Windows\system32\psisdecd.dll
2011-02-01 16:01:19 ----A---- C:\Windows\system32\msdri.dll
2011-02-01 16:01:19 ----A---- C:\Windows\system32\CPFilters.dll
2011-02-01 15:50:35 ----A---- C:\Windows\system32\oleaut32.dll
2011-02-01 15:38:27 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-01 15:33:19 ----D---- C:\Program Files\Microsoft
2011-02-01 15:33:18 ----D---- C:\Program Files\MSN Toolbar
2011-02-01 15:31:19 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-02-01 15:31:19 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-02-01 15:31:19 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-02-01 15:31:19 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-02-01 15:31:19 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-02-01 15:31:19 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-02-01 15:31:19 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-02-01 15:31:18 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-02-01 15:31:17 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-02-01 15:31:17 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-02-01 15:31:17 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-02-01 15:31:17 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-02-01 15:31:17 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-02-01 15:31:16 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-02-01 15:31:15 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-02-01 15:31:11 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-02-01 15:31:11 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-02-01 15:31:11 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-02-01 15:31:11 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-02-01 15:31:10 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-02-01 15:31:10 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-02-01 15:31:10 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-02-01 15:31:10 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-02-01 15:31:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-02-01 15:31:09 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-02-01 15:31:09 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-02-01 15:31:09 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-02-01 15:31:09 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-02-01 15:31:09 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-02-01 15:31:08 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-02-01 15:31:08 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-02-01 15:31:08 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-02-01 15:31:08 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-02-01 15:31:08 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-02-01 15:31:07 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-02-01 15:31:07 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-02-01 15:31:07 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-02-01 15:31:07 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-02-01 15:29:38 ----HD---- C:\Windows\msdownld.tmp
2011-02-01 15:29:34 ----D---- C:\Windows\system32\directx
2011-01-31 18:47:17 ----A---- C:\Windows\reimage.ini
2011-01-31 18:38:09 ----HDC---- C:\ProgramData\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
2011-01-31 16:51:56 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-01-31 16:51:56 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-01-31 16:51:55 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-01-31 16:51:55 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-01-31 16:51:55 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-01-31 16:51:55 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-01-31 16:51:55 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-01-31 16:51:54 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-01-31 16:51:54 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-01-31 16:51:54 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-01-31 16:51:54 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-01-31 16:51:54 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-01-31 16:51:54 ----A---- C:\Windows\system32\d3dx10.dll
2011-01-31 16:51:53 ----A---- C:\Windows\system32\xinput1_2.dll
2011-01-31 16:51:53 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-01-31 16:51:53 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-01-31 16:14:41 ----D---- C:\Program Files\DaemonTools_WhenUSave_Installer
2011-01-25 20:02:54 ----D---- C:\ProgramData\Blizzard Entertainment
2011-01-24 15:42:15 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2011-01-23 15:43:28 ----D---- C:\Program Files\Common Files\Blizzard Entertainment.temp
2011-01-21 18:26:31 ----D---- C:\ProgramData\Blizzard
2011-01-14 18:53:12 ----D---- C:\ProgramData\TrackMania
2011-01-14 18:52:35 ----A---- C:\Windows\system32\xinput1_1.dll
2011-01-14 18:52:35 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-01-14 18:52:35 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-01-14 18:52:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-01-14 18:52:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-01-14 18:52:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-01-14 18:52:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-01-14 18:52:28 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-01-14 18:52:26 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-01-14 18:52:20 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-01-14 18:50:15 ----D---- C:\Program Files\TmNationsForever
2011-01-12 20:49:07 ----D---- C:\25d4114844ec39c5f6beaad8cb4e
2011-01-12 20:48:30 ----A---- C:\Windows\system32\odbc32.dll

======List of files/folders modified in the last 1 months======

2011-02-05 14:39:05 ----D---- C:\Windows\Temp
2011-02-05 14:38:55 ----RD---- C:\Program Files
2011-02-05 13:42:41 ----D---- C:\Windows\Prefetch
2011-02-05 13:39:43 ----D---- C:\Windows
2011-02-04 23:32:32 ----D---- C:\Windows\system32\config
2011-02-04 22:28:58 ----SD---- C:\ProgramData\Microsoft
2011-02-04 22:00:34 ----D---- C:\Windows\system32\drivers\Avg
2011-02-04 16:54:51 ----D---- C:\Windows\Tasks
2011-02-04 16:54:51 ----D---- C:\Windows\system32\wfp
2011-02-04 16:54:51 ----D---- C:\Windows\system32\wbem
2011-02-04 16:54:51 ----D---- C:\Windows\system32\Tasks
2011-02-04 16:54:51 ----D---- C:\Windows\system32\DriverStore
2011-02-04 16:54:51 ----D---- C:\Windows\system32\catroot2
2011-02-04 16:54:51 ----D---- C:\Windows\System32
2011-02-04 16:54:51 ----D---- C:\Program Files\Internet Explorer
2011-02-04 16:54:50 ----SHD---- C:\Windows\Installer
2011-02-04 16:54:50 ----D---- C:\Windows\system32\drivers
2011-02-04 16:54:50 ----D---- C:\Windows\system32\CodeIntegrity
2011-02-04 16:54:50 ----D---- C:\Windows\inf
2011-02-04 16:54:50 ----D---- C:\Windows\AppCompat
2011-02-04 16:54:47 ----D---- C:\Program Files\ToggleEN
2011-02-04 16:54:47 ----D---- C:\Program Files\Softonic-Eng7
2011-02-04 16:54:33 ----D---- C:\Windows\registration
2011-02-04 16:54:32 ----D---- C:\Windows\winsxs
2011-02-04 16:54:15 ----D---- C:\Windows\Microsoft.NET
2011-02-04 16:54:02 ----RSD---- C:\Windows\assembly
2011-02-04 16:52:59 ----HD---- C:\ProgramData
2011-02-04 16:52:52 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-04 16:52:51 ----D---- C:\Program Files\Conduit
2011-02-04 16:52:45 ----D---- C:\Program Files\Activision
2011-02-04 16:52:02 ----SHD---- C:\System Volume Information
2011-02-03 08:35:10 ----D---- C:\Windows\system32\LogFiles
2011-02-02 10:59:51 ----D---- C:\Program Files\ICQ6.5
2011-02-01 16:01:36 ----D---- C:\Windows\ehome
2011-02-01 16:01:09 ----D---- C:\Windows\system32\catroot
2011-02-01 15:59:44 ----D---- C:\ProgramData\Microsoft Help
2011-02-01 15:31:08 ----D---- C:\Windows\Logs
2011-01-31 16:50:53 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-01-31 16:50:46 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-01-24 16:22:55 ----D---- C:\Program Files\Common Files
2011-01-18 20:40:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-17 12:20:35 ----D---- C:\Users\rodinka\AppData\Roaming\ICQ
2011-01-16 14:59:39 ----D---- C:\Program Files\TopCD
2011-01-12 20:49:08 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-12-20 52872]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-18 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-12-20 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-12-20 29584]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-12-20 243024]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-20 5089280]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ayrsevpn;ayrsevpn; C:\Windows\system32\drivers\ayrsevpn.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 cpuz134;cpuz134; \??\C:\Users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-20 172032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-12-20 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-12-20 308136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-31 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-01-31 103736]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-10-14 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

[motji]

Dobrý večer ,
prosím složku C:\Windows\Minidump dejte do raru a upněte na www.leteckaposta.cz. Link vložte zde.



Zazálohujte si důležitá data



Stahněte Rkill z jednoho z odkazů, pokud by ho vir blokoval, zkuste stahnout jiný

Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com



Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif

-spusťte ho a nechejte pracovat. Sám se ukončí.

- Ted nerestartujte počítač!




Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
-přejmenujte combofix na virus.com

[zipicek]

http://leteckaposta.cz/612042923 to je ten odkaz (ten minidump sel měl skopčit?)

[zipicek]

[

[zipicek]

*** ted už mi nejde spustit ani windows, zacne se mi načítat a hned se mi restartne ted zkousím udelat opravy systému co mi to nabízí ale říká mi že to nejde opravit Kdyz jsem spoustel ty první dva rkilli tak se mi to restartovalo. co ted? (pokusím se to nahodit)

[zipicek]

Už jsme to tedy nahodil a ani jeden nejde (myslím tím ze se to pokazde restartuje) a ten poslední NOT FOUND. A u toho rkill mám dát test nebo naistalovat?

[zipicek]

Dobrý večer ,
prosím složku C:\Windows\Minidump dejte do raru a upněte na http://www.leteckaposta.cz. Link vložte zde.



Zazálohujte si důležitá data



Stahněte Rkill z jednoho z odkazů, pokud by ho vir blokoval, zkuste stahnout jiný

Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com



Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif

-spusťte ho a nechejte pracovat. Sám se ukončí.

- Ted nerestartujte počítač!




Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
-přejmenujte combofix na virus.com

A ten combofix je určení na co? na ten vir nebo na to restartování počítače?

[motji]

Máte zazálohovaná data? Spusťte rovnou combofix.
Combofix je na vir. Proč se Vám restartuje počítač, teprve zjistíme

[zipicek]

Dobrý večer, dobře zítra to zkusím ted jsu na jíném pc.

[motji]

[zipicek]

Ahoj
když stáhnu ten combofix a spustím podle toho návodu tak se mi objeví barevná obrazovka a v zápětí se restartuje pc, zkousel jsem i to pres nouzový režim ale pořád se to restartuje.

[motji]

V nouzovém režimu provádějte

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde



Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[motji]

A ještě jedna věc - především odinstalujte jeden antivir - doporučuji AVG . Ty restarty můžou být způsobeny právě tím, že se ty antiviry o vir hádají.
http://www.avg.com/cz-cs/stahnout-nastroje