
Re: Trojan horse Win32/Sirefef.DA

Posted: 07 Mar 2012 16:16
by vyosek
:arrow: There is still plenty of work left :arcisit: But the nastiest beast is already gone :thumbsup:

:arrow: If you haven't already, move ComboFix directly to drive c:\ so that it isn't in any folder
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Folder::
    c:\program files\common files\akamai
    c:\program files\Ask.com
    c:\program files\Common Files\Spigot
    c:\documents and settings\Slejtr\Local Settings\Data aplikací\84fbcdf3
    c:\documents and settings\Slejtr\Data aplikací\Search Settings
    c:\program files\Application Updater
    c:\program files\YouTube Downloader Toolbar
    
    File::
    c:\program files\ClixSense.com\prxtbCli1.dll
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    
    Collect::
    c:\windows\system32\drivers\guqaqjlg.sys
    
    Rootkit::
    c:\windows\system32\drivers\guqaqjlg.sys
    
    Driver::
    Akamai
    guht
    gupdate
    gupdatem
    gupdate1ca093ba966b462
    gusvc
    
    Registry::
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3587:TCP"=-
    "3540:UDP"=-
    "1056:TCP"=-
    "5000:UDP"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaMServer"=-
    "ISUSPM Startup"=-
    "ISUSScheduler"=-
    "NokiaMusic FastStart"=-
    "QuickTime Task"=-
    "ApnUpdater"=-
    "SunJavaUpdateSched"=-
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "Malwarebytes' Anti-Malware"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaOviSuite2"=-
    "Akamai NetSession Interface"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{70df8d13-bdd3-448e-944c-efde21b77161}"=-
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70df8d13-bdd3-448e-944c-efde21b77161}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{70df8d13-bdd3-448e-944c-efde21b77161}"=-
    "{F3FEE66E-E034-436a-86E4-9690573BEE8A}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{70DF8D13-BDD3-448E-944C-EFDE21B77161}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [-HKEY_CLASSES_ROOT\clsid\{70df8d13-bdd3-448e-944c-efde21b77161}]
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\Ask.com\\Updater\\Updater.exe"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
    "netsvcs"=hex(7):36,74,6f,34,00,41,70,70,4d,67,6d,74,00,41,75,64,69,6f,53,72,\
      76,00,42,72,6f,77,73,65,72,00,43,72,79,70,74,53,76,63,00,44,4d,53,65,72,76,\
      65,72,00,44,48,43,50,00,45,52,53,76,63,00,45,76,65,6e,74,53,79,73,74,65,6d,\
      00,46,61,73,74,55,73,65,72,53,77,69,74,63,68,69,6e,67,43,6f,6d,70,61,74,69,\
      62,69,6c,69,74,79,00,48,69,64,53,65,72,76,00,49,61,73,00,49,70,72,69,70,00,\
      49,72,6d,6f,6e,00,4c,61,6e,6d,61,6e,53,65,72,76,65,72,00,4c,61,6e,6d,61,6e,\
      57,6f,72,6b,73,74,61,74,69,6f,6e,00,4d,65,73,73,65,6e,67,65,72,00,4e,65,74,\
      6d,61,6e,00,4e,6c,61,00,4e,74,6d,73,73,76,63,00,4e,57,43,57,6f,72,6b,73,74,\
      61,74,69,6f,6e,00,4e,77,73,61,70,61,67,65,6e,74,00,52,61,73,61,75,74,6f,00,\
      52,61,73,6d,61,6e,00,52,65,6d,6f,74,65,61,63,63,65,73,73,00,53,63,68,65,64,\
      75,6c,65,00,53,65,63,6c,6f,67,6f,6e,00,53,45,4e,53,00,53,68,61,72,65,64,61,\
      63,63,65,73,73,00,53,52,53,65,72,76,69,63,65,00,54,61,70,69,73,72,76,00,54,\
      68,65,6d,65,73,00,54,72,6b,57,6b,73,00,57,33,32,54,69,6d,65,00,57,5a,43,53,\
      56,43,00,57,6d,69,00,57,6d,64,6d,50,6d,53,70,00,77,69,6e,6d,67,6d,74,00,77,\
      73,63,73,76,63,00,78,6d,6c,70,72,6f,76,00,42,49,54,53,00,77,75,61,75,73,65,\
      72,76,00,53,68,65,6c,6c,48,57,44,65,74,65,63,74,69,6f,6e,00,68,65,6c,70,73,\
      76,63,00,57,6d,64,6d,50,6d,53,4e,00,6e,61,70,61,67,65,6e,74,00,68,6b,6d,73,\
      76,63,00,4d,48,4e,00,00
    
    DDS::
    mStart Page = hxxp://www.bigseekpro.com/burn4free/{41650AF7-8452-4B65-B3DA-77E031D95C3A}
    uInternet Settings,ProxyServer = 192.168.1.80:3128
    uInternet Settings,ProxyOverride = 127.0.0.1:9421
    Trusted Zone: neobux.com\www
    
    Firefox::
    FF - ProfilePath - c:\documents and settings\Slejtr\Data aplikací\Mozilla\Firefox\Profiles\mdej2wun.default\
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
    
    ClearJavaCache::
    
    AtJob::
    
    Reboot::
  • Save the created TXT as CFScript.txt, again directly on drive c:\
  • Drag the created CFScript.txt onto ComboFix and release it (see the image below)
    [image]
  • After the script has been applied (and after a possible restart) a log will pop up; paste its contents here
:arrow: It may happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
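The CFScript above is a plain text file whose `Name::` headers open sections that ComboFix acts on. As an added example (not part of the post and not ComboFix's own code), here is a small Python parser that splits such a script into its sections, expands the `Registry::` block using the `.reg`-style rules (`"name"=-` deletes a value, `[-Key]` deletes a key) and summarises what the script will touch, so the blast radius can be reviewed before the file is dropped onto ComboFix. The sample script is an abridged copy of the one in the post; the section meanings (File:: deletes files, Folder:: deletes folders, Driver:: removes services) are the commonly documented CFScript conventions and are treated here as assumptions.

```python
"""Parse a ComboFix CFScript into sections and summarise what it targets.

Added example, not part of the forum post or of ComboFix. Section
semantics (File:: deletes files, Folder:: deletes folders, Driver::
removes services/drivers, Registry:: uses .reg-style syntax where
"name"=- deletes a value and [-Key] deletes a key) are assumptions
based on the commonly documented CFScript conventions.
"""
import re
from collections import OrderedDict

# Constructed sample, abridged from the script in the post above.
SAMPLE_CFSCRIPT = r"""KillAll::

Folder::
c:\program files\Ask.com
c:\documents and settings\Slejtr\Local Settings\Data aplikací\84fbcdf3

File::
c:\program files\ClixSense.com\prxtbCli1.dll
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

Collect::
c:\windows\system32\drivers\guqaqjlg.sys

Rootkit::
c:\windows\system32\drivers\guqaqjlg.sys

Driver::
Akamai
gupdate

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"=-
"Adobe ARM"=-
[-HKEY_CLASSES_ROOT\clsid\{70df8d13-bdd3-448e-944c-efde21b77161}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"netsvcs"=hex(7):36,74,6f,34,00,41,70,70,\
  4d,67,6d,74,00,00

DDS::
uInternet Settings,ProxyServer = 192.168.1.80:3128

Reboot::
"""

SECTION_RE = re.compile(r"^([A-Za-z]+)::\s*$")
REG_KEY_RE = re.compile(r"^\[(-?)(.+)\]$")
REG_VALUE_DEL_RE = re.compile(r'^"(.+)"=-$')


def parse_cfscript(text):
    """Return an ordered dict {section_name: [entry lines]}.

    A section starts with a line 'Name::' and collects every non-blank
    line until the next header. Inside Registry::, a hex(7) value that
    ends in a backslash continues on the next line and is joined back
    into one entry (paths in other sections may legitimately end in a
    backslash, so the join is limited to hex values).
    """
    sections = OrderedDict()
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
            continue
        if current is None or not line:
            continue
        entries = sections[current]
        if (current == "Registry" and entries
                and entries[-1].endswith("\\") and "=hex" in entries[-1]):
            entries[-1] = entries[-1][:-1] + line
        else:
            entries.append(line)
    return sections


def registry_actions(entries):
    """Expand Registry:: entries into (action, key, value) tuples."""
    actions = []
    key = None
    for entry in entries:
        m = REG_KEY_RE.match(entry)
        if m:
            key = m.group(2)
            if m.group(1) == "-":          # [-Key] deletes the whole key
                actions.append(("delete_key", key, None))
            continue
        m = REG_VALUE_DEL_RE.match(entry)
        if m:                              # "name"=- deletes one value
            actions.append(("delete_value", key, m.group(1)))
        else:                              # anything else sets a value
            actions.append(("set_value", key, entry))
    return actions


def summarise(sections):
    """Count what the script will touch so a reviewer can eyeball it."""
    summary = {
        "files": len(sections.get("File", [])),
        "folders": len(sections.get("Folder", [])),
        "drivers": len(sections.get("Driver", [])),
        "registry": {},
        "reboot": "Reboot" in sections,
    }
    for action, _, _ in registry_actions(sections.get("Registry", [])):
        summary["registry"][action] = summary["registry"].get(action, 0) + 1
    return summary


def driver_targets(sections):
    """List Rootkit::/Collect:: entries under a \\drivers\\ directory.

    A wrong path there can leave the machine unbootable (the post warns
    about exactly this), so these entries deserve a second look.
    """
    return [(name, p) for name in ("Rootkit", "Collect")
            for p in sections.get(name, []) if "\\drivers\\" in p.lower()]


if __name__ == "__main__":
    parsed = parse_cfscript(SAMPLE_CFSCRIPT)
    for name, entries in parsed.items():
        print(f"{name}:: ({len(entries)} entries)")
    print(summarise(parsed))
    print(driver_targets(parsed))
```

Running the block prints one line per section, the summary counts and the driver entries; point `parse_cfscript` at the full script from the post to review it the same way.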

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 08:11
by jirkasl
I ran the CF script; the autoscan has been running for 40 minutes in the "searching for infected files" stage, the cursor is blinking, no stage has appeared and it seems nothing is happening. While the script was running I didn't do anything on the PC, nor click anywhere. Can this be normal, or should I somehow start it again?

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 08:45
by cernohous13
you can try repeating it after restarting into Safe Mode :wink:

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 09:38
by jirkasl
Here it is after running in Safe Mode:

ComboFix 12-03-06.01 - Slejtr 08.03.2012 9:01.2.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2581 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: AVG Anti-Virus Business Edition *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
FILE ::
"c:\program files\ClixSense.com\prxtbCli1.dll"
"c:\windows\tasks\Google Software Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\Scheduled Update for Ask Toolbar.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Application Updater
c:\program files\Application Updater\config.ini
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Thumbs.db
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\ClixSense.com\prxtbCli1.dll
c:\program files\common files\akamai
c:\program files\common files\akamai\appregistry.dat
c:\program files\common files\akamai\client.ini
c:\program files\common files\akamai\client.ini.json
c:\program files\common files\akamai\CplTasks.xml
c:\program files\common files\akamai\euc_state.json
c:\program files\common files\akamai\guid.ini
c:\program files\common files\akamai\installer.txt
c:\program files\common files\akamai\installer_no_upload_silent.exe
c:\program files\common files\akamai\Languages\csy.dll
c:\program files\common files\akamai\Languages\dan.dll
c:\program files\common files\akamai\Languages\deu.dll
c:\program files\common files\akamai\Languages\esp.dll
c:\program files\common files\akamai\Languages\fin.dll
c:\program files\common files\akamai\Languages\fra.dll
c:\program files\common files\akamai\Languages\chs.dll
c:\program files\common files\akamai\Languages\cht.dll
c:\program files\common files\akamai\Languages\ita.dll
c:\program files\common files\akamai\Languages\jpn.dll
c:\program files\common files\akamai\Languages\kor.dll
c:\program files\common files\akamai\Languages\nld.dll
c:\program files\common files\akamai\Languages\nor.dll
c:\program files\common files\akamai\Languages\plk.dll
c:\program files\common files\akamai\Languages\ptb.dll
c:\program files\common files\akamai\Languages\ptg.dll
c:\program files\common files\akamai\Languages\rus.dll
c:\program files\common files\akamai\Languages\sve.dll
c:\program files\common files\akamai\Languages\trk.dll
c:\program files\common files\akamai\Logs\debug.log
c:\program files\common files\akamai\Logs\debug.log.120301_074725.sent
c:\program files\common files\akamai\Logs\debug.log.120301_084725.sent
c:\program files\common files\akamai\Logs\debug.log.120301_094726.sent
c:\program files\common files\akamai\Logs\debug.log.120301_104727.sent
c:\program files\common files\akamai\Logs\debug.log.120301_114728.sent
c:\program files\common files\akamai\Logs\debug.log.120301_124729.sent
c:\program files\common files\akamai\Logs\debug.log.120301_134729.sent
c:\program files\common files\akamai\Logs\debug.log.120301_144729.sent
c:\program files\common files\akamai\Logs\debug.log.120301_154730.sent
c:\program files\common files\akamai\Logs\debug.log.120301_164730.sent
c:\program files\common files\akamai\Logs\debug.log.120301_174730.sent
c:\program files\common files\akamai\Logs\debug.log.120301_184730.sent
c:\program files\common files\akamai\Logs\debug.log.120301_194730.sent
c:\program files\common files\akamai\Logs\debug.log.120301_204731.sent
c:\program files\common files\akamai\Logs\debug.log.120301_214731.sent
c:\program files\common files\akamai\Logs\debug.log.120301_224732.sent
c:\program files\common files\akamai\Logs\debug.log.120301_234732.sent
c:\program files\common files\akamai\Logs\debug.log.120302_004732.sent
c:\program files\common files\akamai\Logs\debug.log.120302_014732.sent
c:\program files\common files\akamai\Logs\debug.log.120302_024733.sent
c:\program files\common files\akamai\Logs\debug.log.120302_034733.sent
c:\program files\common files\akamai\Logs\debug.log.120302_044733.sent
c:\program files\common files\akamai\Logs\debug.log.120302_054733.sent
c:\program files\common files\akamai\Logs\debug.log.120302_064734.sent
c:\program files\common files\akamai\Logs\debug.log.120302_074735.sent
c:\program files\common files\akamai\Logs\debug.log.120302_084735.sent
c:\program files\common files\akamai\Logs\debug.log.120302_094736.sent
c:\program files\common files\akamai\Logs\debug.log.120302_104737.sent
c:\program files\common files\akamai\Logs\debug.log.120302_114737.sent
c:\program files\common files\akamai\Logs\debug.log.120302_124737.sent
c:\program files\common files\akamai\Logs\debug.log.120302_134738.sent
c:\program files\common files\akamai\Logs\debug.log.120302_141116.sent
c:\program files\common files\akamai\Logs\debug.log.120305_054740.sent
c:\program files\common files\akamai\Logs\debug.log.120305_064741.sent
c:\program files\common files\akamai\Logs\debug.log.120305_064744.sent
c:\program files\common files\akamai\Logs\debug.log.120305_074745.sent
c:\program files\common files\akamai\Logs\debug.log.120305_084745.sent
c:\program files\common files\akamai\Logs\debug.log.120305_094746.sent
c:\program files\common files\akamai\Logs\debug.log.120305_094748.sent
c:\program files\common files\akamai\Logs\debug.log.120305_095225.sent
c:\program files\common files\akamai\Logs\debug.log.120305_095341.sent
c:\program files\common files\akamai\Logs\debug.log.120305_105341.sent
c:\program files\common files\akamai\Logs\debug.log.120305_111950.sent
c:\program files\common files\akamai\Logs\debug.log.120305_112059.sent
c:\program files\common files\akamai\Logs\debug.log.120305_122100.sent
c:\program files\common files\akamai\Logs\debug.log.120305_132100.sent
c:\program files\common files\akamai\Logs\debug.log.120305_142101.sent
c:\program files\common files\akamai\Logs\debug.log.120305_152101.sent
c:\program files\common files\akamai\Logs\debug.log.120305_162101.sent
c:\program files\common files\akamai\Logs\debug.log.120305_172101.sent
c:\program files\common files\akamai\Logs\debug.log.120305_182101.sent
c:\program files\common files\akamai\Logs\debug.log.120305_192101.sent
c:\program files\common files\akamai\Logs\debug.log.120305_202102.sent
c:\program files\common files\akamai\Logs\debug.log.120305_212102.sent
c:\program files\common files\akamai\Logs\debug.log.120305_222103.sent
c:\program files\common files\akamai\Logs\debug.log.120305_232103.sent
c:\program files\common files\akamai\Logs\debug.log.120306_002103.sent
c:\program files\common files\akamai\Logs\debug.log.120306_012104.sent
c:\program files\common files\akamai\Logs\debug.log.120306_022104.sent
c:\program files\common files\akamai\Logs\debug.log.120306_032104.sent
c:\program files\common files\akamai\Logs\debug.log.120306_042104.sent
c:\program files\common files\akamai\Logs\debug.log.120306_052105.sent
c:\program files\common files\akamai\Logs\debug.log.120306_054354.sent
c:\program files\common files\akamai\Logs\debug.log.120306_054531.sent
c:\program files\common files\akamai\Logs\debug.log.120306_064531.sent
c:\program files\common files\akamai\Logs\debug.log.120306_074531.sent
c:\program files\common files\akamai\Logs\debug.log.120306_084531.sent
c:\program files\common files\akamai\Logs\debug.log.120306_094532.sent
c:\program files\common files\akamai\Logs\debug.log.120306_104532.sent
c:\program files\common files\akamai\Logs\debug.log.120306_114532.sent
c:\program files\common files\akamai\Logs\debug.log.120306_124533.sent
c:\program files\common files\akamai\Logs\debug.log.120306_134534.sent
c:\program files\common files\akamai\Logs\debug.log.120306_144534.sent
c:\program files\common files\akamai\Logs\debug.log.120306_154534.sent
c:\program files\common files\akamai\Logs\debug.log.120306_164534.sent
c:\program files\common files\akamai\Logs\debug.log.120306_174535.sent
c:\program files\common files\akamai\Logs\debug.log.120306_184535.sent
c:\program files\common files\akamai\Logs\debug.log.120306_194536.sent
c:\program files\common files\akamai\Logs\debug.log.120306_204536.sent
c:\program files\common files\akamai\Logs\debug.log.120306_214536.sent
c:\program files\common files\akamai\Logs\debug.log.120306_224537.sent
c:\program files\common files\akamai\Logs\debug.log.120306_234537.sent
c:\program files\common files\akamai\Logs\debug.log.120307_004538.sent
c:\program files\common files\akamai\Logs\debug.log.120307_014538.sent
c:\program files\common files\akamai\Logs\debug.log.120307_024538.sent
c:\program files\common files\akamai\Logs\debug.log.120307_034538.sent
c:\program files\common files\akamai\Logs\debug.log.120307_044539.sent
c:\program files\common files\akamai\Logs\debug.log.120307_054539.sent
c:\program files\common files\akamai\Logs\debug.log.120307_064539.sent
c:\program files\common files\akamai\Logs\debug.log.120307_074539.sent
c:\program files\common files\akamai\Logs\debug.log.120307_080653.sent
c:\program files\common files\akamai\Logs\debug.log.120307_080840.sent
c:\program files\common files\akamai\Logs\debug.log.120307_090840.sent
c:\program files\common files\akamai\Logs\debug.log.120307_100340.sent
c:\program files\common files\akamai\Logs\debug.log.120307_110340.sent
c:\program files\common files\akamai\Logs\debug.log.120307_112738.sent
c:\program files\common files\akamai\Logs\debug.log.120307_112841.sent
c:\program files\common files\akamai\Logs\debug.log.120307_120248.sent
c:\program files\common files\akamai\Logs\debug.log.120307_120346.sent
c:\program files\common files\akamai\Logs\debug.log.120307_122255.sent
c:\program files\common files\akamai\Logs\debug.log.120307_122407.sent
c:\program files\common files\akamai\Logs\debug.log.120307_132408.sent
c:\program files\common files\akamai\Logs\debug.log.120307_141315.sent
c:\program files\common files\akamai\Logs\debug.log.120308_060804.sent
c:\program files\common files\akamai\Logs\debug.log.120308_070805.upload
c:\program files\common files\akamai\Logs\dump\120305_064746_0.dmp.sent
c:\program files\common files\akamai\Logs\dump\120305_094750_0.dmp.sent
c:\program files\common files\akamai\Logs\dump\120307_100342_0.dmp.sent
c:\program files\common files\akamai\netsession_win_7de0ed9.dll
c:\program files\common files\akamai\readme.txt
c:\program files\common files\akamai\root.pem
c:\program files\common files\akamai\rswinui.exe
c:\program files\common files\akamai\stubgraded
c:\program files\common files\akamai\uninstall.exe
c:\program files\common files\akamai\user.dat
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings\baidu_ff.xml
c:\program files\Common Files\Spigot\Search Settings\baidu_ie.xml
c:\program files\Common Files\Spigot\Search Settings\config.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1031.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1033.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1034.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1036.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1040.ini
c:\program files\Common Files\Spigot\Search Settings\wth.dll
c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files\Common Files\Spigot\Search Settings\yandex_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yandex_ie.xml
c:\program files\Common Files\Spigot\wtxpcom\components\chrome.manifest
c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
c:\program files\Common Files\Spigot\wtxpcom\components\install.rdf
c:\program files\Common Files\Spigot\wtxpcom\chrome.manifest
c:\program files\Common Files\Spigot\wtxpcom\install.rdf
c:\program files\YouTube Downloader Toolbar
c:\program files\YouTube Downloader Toolbar\FF\chrome.manifest
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\brwobj.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\chevron.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\chevron.xul
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\JSWidget.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\login.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\login.xul
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\parser.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\RadioWidget.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\RadioWidget.xul
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\searchbox.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\searchbox.xul
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\utils.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgicomm.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgihandling.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgichevron.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgiui.js
c:\program files\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\amazon.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\dailymotion.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\dropinsavings.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\dropinsavingsabt.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ebay.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\facebook.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\googleplus.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\hulu.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\chevron.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\metacafe.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\radio-close.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\radio-minimize.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\radiobeta.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-button.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-baidu.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-yahoo.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-yandex.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_baidu.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_yandex.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_youtube.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\searchbox.css
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\splitter.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\twitter.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\veoh.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\youtube.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ytd.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ytd_logo.gif
c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ytd_logo_hover.gif
c:\program files\YouTube Downloader Toolbar\FF\install.rdf
c:\program files\YouTube Downloader Toolbar\IE\5.0\config.ini
c:\program files\YouTube Downloader Toolbar\Res\amazon.gif
c:\program files\YouTube Downloader Toolbar\Res\dailymotion.gif
c:\program files\YouTube Downloader Toolbar\Res\dropinsavings.gif
c:\program files\YouTube Downloader Toolbar\Res\dropinsavingsabt.gif
c:\program files\YouTube Downloader Toolbar\Res\ebay.gif
c:\program files\YouTube Downloader Toolbar\Res\facebook.gif
c:\program files\YouTube Downloader Toolbar\Res\googleplus.gif
c:\program files\YouTube Downloader Toolbar\Res\hulu.gif
c:\program files\YouTube Downloader Toolbar\Res\icon_settings.gif
c:\program files\YouTube Downloader Toolbar\Res\Lang\res1031.ini
c:\program files\YouTube Downloader Toolbar\Res\Lang\res1033.ini
c:\program files\YouTube Downloader Toolbar\Res\Lang\res1034.ini
c:\program files\YouTube Downloader Toolbar\Res\Lang\res1036.ini
c:\program files\YouTube Downloader Toolbar\Res\Lang\res1040.ini
c:\program files\YouTube Downloader Toolbar\Res\metacafe.gif
c:\program files\YouTube Downloader Toolbar\Res\radio-close.gif
c:\program files\YouTube Downloader Toolbar\Res\radio-minimize.gif
c:\program files\YouTube Downloader Toolbar\Res\radiobeta.gif
c:\program files\YouTube Downloader Toolbar\Res\search-button-hover.gif
c:\program files\YouTube Downloader Toolbar\Res\search-button.gif
c:\program files\YouTube Downloader Toolbar\Res\search-chevron-hover.gif
c:\program files\YouTube Downloader Toolbar\Res\search-chevron.gif
c:\program files\YouTube Downloader Toolbar\Res\search_amazon.gif
c:\program files\YouTube Downloader Toolbar\Res\search_baidu.gif
c:\program files\YouTube Downloader Toolbar\Res\search_ebay.gif
c:\program files\YouTube Downloader Toolbar\Res\search_yahoo.gif
c:\program files\YouTube Downloader Toolbar\Res\search_yandex.gif
c:\program files\YouTube Downloader Toolbar\Res\search_youtube.gif
c:\program files\YouTube Downloader Toolbar\Res\twitter.gif
c:\program files\YouTube Downloader Toolbar\Res\veoh.gif
c:\program files\YouTube Downloader Toolbar\Res\widgets.xml
c:\program files\YouTube Downloader Toolbar\Res\youtube.gif
c:\program files\YouTube Downloader Toolbar\Res\ytd.gif
c:\program files\YouTube Downloader Toolbar\Res\ytd_logo.gif
c:\program files\YouTube Downloader Toolbar\Res\ytd_logo_hover.gif
c:\program files\YouTube Downloader Toolbar\WidgiHelper.exe
c:\windows\tasks\Google Software Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\Scheduled Update for Ask Toolbar.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AKAMAI
-------\Legacy_GUPDATE1CA093BA966B462
-------\Legacy_GUPDATEM
-------\Legacy_GUSVC
-------\Service_Akamai
-------\Service_guht
-------\Service_gupdate1ca093ba966b462
-------\Service_gupdatem
-------\Service_gusvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-08 do 2012-03-08 )))))))))))))))))))))))))))))))
.
.
2012-03-07 11:27 . 2012-03-07 11:27 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-07 06:57 . 2012-03-07 06:57 -------- d-----w- c:\program files\trend micro
2012-03-07 06:57 . 2012-03-07 06:58 -------- d-----w- C:\rsit
2012-03-05 07:08 . 2012-03-05 07:08 -------- d-----w- C:\spoolerlogs
2012-02-29 10:06 . 2012-02-29 10:06 -------- d-----w- c:\program files\ESET
2012-02-29 08:55 . 2012-02-29 08:55 -------- d-----w- c:\documents and settings\Slejtr\Data aplikací\Malwarebytes
2012-02-29 08:55 . 2012-02-29 08:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-29 08:55 . 2012-02-29 08:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-02-29 08:55 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-29 08:16 . 2012-02-29 08:16 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-02-29 08:03 . 2012-02-29 08:03 -------- d-----r- c:\documents and settings\NetworkService\Oblíbené položky
2012-02-29 07:57 . 2012-02-29 07:57 -------- d-----w- c:\windows\system32\wbem\Repository
2012-02-29 06:18 . 2012-03-05 08:44 -------- d-sh--w- c:\documents and settings\Slejtr\Local Settings\Data aplikací\84fbcdf3
2012-02-16 07:16 . 2012-02-16 07:16 -------- d-----w- c:\documents and settings\Slejtr\Data aplikací\Search Settings
2012-02-15 06:27 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 06:27 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 11:28 . 2003-04-16 12:00 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2012-01-12 17:20 . 2003-04-16 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:42 . 2003-04-16 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2003-04-16 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-06-23 15:29 385024 ----a-w- c:\windows\system32\html.iec
2007-12-14 10:24 . 2009-10-06 08:44 4839936 ----a-w- c:\program files\HTM_Procs.exe
2011-07-13 05:37 . 2011-05-19 07:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-07_12.25.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-08 08:15 . 2012-03-08 08:15 16384 c:\windows\temp\Perflib_Perfdata_fc.dat
- 2003-04-16 12:00 . 2012-02-15 06:47 88926 c:\windows\system32\perfc009.dat
+ 2003-04-16 12:00 . 2012-03-08 08:23 88926 c:\windows\system32\perfc009.dat
+ 2003-04-16 12:00 . 2012-03-08 08:23 505378 c:\windows\system32\perfh009.dat
- 2003-04-16 12:00 . 2012-02-15 06:47 505378 c:\windows\system32\perfh009.dat
- 2003-04-16 12:00 . 2012-02-15 06:47 500622 c:\windows\system32\perfh005.dat
+ 2003-04-16 12:00 . 2012-03-08 08:23 500622 c:\windows\system32\perfh005.dat
+ 2003-04-16 12:00 . 2012-03-08 08:23 103116 c:\windows\system32\perfc005.dat
- 2003-04-16 12:00 . 2012-02-15 06:47 103116 c:\windows\system32\perfc005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\System32\xRaidSetup.exe" [2007-11-19 1970176]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-24 122368]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-27 2077536]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Slejtr\Nabídka Start\Programy\Po spuštění\
PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-8-31 333088]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [N/A]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu LT.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Zástupce - OUTLOOK.EXE.lnk - c:\program files\Microsoft Office\OFFICE11\OUTLOOK.EXE [2007-5-31 200032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-22 07:04 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\ZWCAD 2010 Csy\\ZWCAD.EXE"=
"c:\\Program Files\\ZWCAD 2010 Csy\\zwlm_ts.exe"=
"c:\\Program Files\\ZWCAD 2010 Csy\\ZWErrorDialog.exe"=
"c:\\Program Files\\ZWCAD 2010 Csy\\CrashReportManagement.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Documents and Settings\\Slejtr\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Google\\Quick Search Box\\GoogleQuickSearchBox.exe"=
"c:\\Documents and Settings\\Slejtr\\Local Settings\\Data aplikací\\Seznam.cz\\bin\\postak.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Common Files\\Autodesk Shared\\WSCommCntr1.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\ESET\\ESET Online Scanner\\OnlineCmdLineScanner.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Nokia\\Ovi Player\\NokiaOviPlayer.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\\Documents and Settings\\Slejtr\\Local Settings\\Data aplikací\\Seznam.cz\\bin\\MiniBrowser.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jucheck.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\EXCEL.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\Slejtr\\Dokumenty\\vlastní\\viry\\RSIT.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\1029\\MSOHELP.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1061:TCP"= 1061:TCP:Akamai NetSession Interface
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [23.6.2008 16:38 52872]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.10.2009 8:29 716272]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.6.2008 16:38 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.6.2008 16:38 243152]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22.6.2010 8:04 308136]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [29.2.2012 9:55 652360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [29.2.2012 9:55 20464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.18\AMVConverter\grab.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: Interfaces\{B4BE6A82-10D3-4388-8737-5DA9F60F8F1F}: NameServer = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\Slejtr\Data aplikací\Mozilla\Firefox\Profiles\mdej2wun.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - INVALID ENTRIES REMOVED FROM REGISTRY - - - -
.
AddRemove-Akamai - c:\program files\Common Files\Akamai\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-08 09:22
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3808)
c:\windows\system32\AcSignIcon.dll
c:\program files\Google\Quick Search Box\bin\1.2.1151.245\qsb.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\System32\tcpsvcs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Completion time: 2012-03-08 09:32:43 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-08 08:32
ComboFix2.txt 2012-03-07 12:38
.
Pre-Run: 82,812,055,552 bytes free
Post-Run: 82,793,222,144 bytes free
.
- - End Of File - - 297C28EFB1E2CB7E072525C6354CFA4F
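
The ComboFix log above records the state a responder cares about after the removal: the Windows Firewall standard profile is switched off (EnableFirewall = 0), the per-application exception list includes binaries living under the user profile, one port is globally open, and the R0/R1/R2 lines list the drivers and services still loaded. The script below is an added example for this thread, not ComboFix code and not part of the original posts: it parses those sections in the same format ComboFix prints and ranks the entries an analyst would review first. The sample excerpt is constructed in that format (its last driver line is invented), and the expected-directory list, the %windir% expansion and the random-name heuristic are assumptions of this example, not ComboFix behaviour.

```python
"""Triage the firewall and service sections of a ComboFix log.

Added example for this thread, not ComboFix's own code and not from the
original posts.  ComboFix prints the Windows Firewall policy as registry-style
blocks and each service as "R0 name;display;path [date size]".  This script
parses those and ranks what an analyst would review first.
"""
import re
from dataclasses import dataclass

# Constructed excerpt in the same format as the log above.  The last service
# line is invented (a random-looking kernel driver), not a line from the real log.
SAMPLE_LOG = r"""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Documents and Settings\\Slejtr\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1061:TCP"= 1061:TCP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.10.2009 8:29 716272]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [29.2.2012 9:55 652360]
R0 qhtbkzxw;qhtbkzxw;c:\windows\system32\drivers\qhtbkzxw.sys [7.3.2012 11:58 58880]
"""

# Assumption: single-drive XP box; legitimate binaries live under these roots.
EXPECTED_ROOTS = ("c:\\windows", "c:\\program files")

SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<value>.*)$')
SERVICE_RE = re.compile(
    r"^(?P<state>[RS]\d) (?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?) \[(?P<stamp>[^\]]*)\]$"
)


@dataclass(frozen=True)
class Finding:
    severity: str  # HIGH / MEDIUM / LOW
    what: str
    detail: str


def normalise_path(raw: str) -> str:
    """Undo ComboFix's doubled backslashes; expand %windir% (assumed c:\\windows)."""
    path = raw.replace("\\\\", "\\").replace("%windir%", "c:\\windows")
    return path.lower()


def looks_random(name: str) -> bool:
    """Weak hint only: 8 lowercase letters with at most two vowels.
    Legitimate drivers such as kbdclass match too, so treat it as 'verify signer'."""
    return bool(re.fullmatch(r"[a-z]{8}", name)) and sum(c in "aeiou" for c in name) <= 2


def firewall_findings(section: str, name: str, value: str) -> list[Finding]:
    """Rules for one "name"=value line inside a firewallpolicy section."""
    if section.endswith("\\standardprofile") and name == "EnableFirewall" and value.startswith("0"):
        return [Finding("HIGH", "firewall disabled", "standard profile EnableFirewall=0")]
    if section.endswith("\\authorizedapplications\\list"):
        path = normalise_path(name)
        if not path.startswith(EXPECTED_ROOTS):
            return [Finding("MEDIUM", "firewall exception outside system/program dirs", path)]
    if section.endswith("\\globallyopenports\\list"):
        return [Finding("MEDIUM", "globally open port", value or name)]
    return []


def triage(log_text: str) -> list[Finding]:
    """Walk the log once, tracking the current [section], and collect findings in log order."""
    findings: list[Finding] = []
    section = ""
    for line in log_text.splitlines():
        line = line.strip()
        if not line or line == ".":
            continue
        if m := SECTION_RE.match(line):
            section = m.group("key").lower()
        elif m := VALUE_RE.match(line):
            if "firewallpolicy" in section:
                findings.extend(firewall_findings(section, m.group("name"), m.group("value")))
        elif m := SERVICE_RE.match(line):
            name, path = m.group("name"), m.group("path").lower()
            if not path.startswith(EXPECTED_ROOTS):
                findings.append(Finding("MEDIUM", "service binary outside system/program dirs", f"{name}: {path}"))
            if path.endswith(".sys") and looks_random(name):
                findings.append(Finding("LOW", "random-looking driver name, verify signer", f"{name}: {path}"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.severity:<6} {f.what}: {f.detail}")
```

Run against the sample it reports, in order: the disabled firewall (HIGH), the Akamai exception under the user profile (MEDIUM), the globally open port 1061/TCP (MEDIUM) and the invented driver name (LOW). The LOW rule is deliberately only a hint: real Windows drivers such as kbdclass satisfy it as well, so the action it suggests is to check the file's signer and vendor, not to delete anything.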

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 09:48
by vyosek
How is the PC behaving? :???:

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 10:01
by jirkasl
It seems normal so far. The usual programs open, and e-mail and the internet work.

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 10:06
by vyosek
:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice press A, then Enter
  • Delete the utility after use
  • Antiviruses tend to flag this utility as a virus by mistake - it is a false positive - so go ahead and download it (if necessary, disable the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • Click Scan for Issues
  • Then Fix selected issues - I recommend making the registry backup; fix all issues
  • Repeat until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend running CCleaner about once a week

:arrow: To be safe, also run a scan with AVPTool http://forum.viry.cz/viewtopic.php?f=29&t=58179

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 11:06
by jirkasl
After renaming CF to Uninstall and running it, it keeps looping and cannot be stopped. The CF folder has nonetheless disappeared from the PC. I have not run the other utilities yet.

Re: Trojan horse Win32/Sirefef.DA

Posted: 08 Mar 2012 11:17
by vyosek
Then restart if needed and continue with the others :)

Re: Trojan horse Win32/Sirefef.DA

Posted: 09 Mar 2012 06:56
by jirkasl
Everything done, and here is the log from AVPTool

Status: Deleted (events: 1)
8.3.2012 17:01:11 Deleted virus Virus.Win32.ZAccess.g C:\TDSSKiller_Quarantine\07.03.2012_12.26.22\rtkt0000\svc0000\tsk0000.dta High

Re: Trojan horse Win32/Sirefef.DA

Posted: 09 Mar 2012 08:36
by JaRon
I think that's it :) your computer is like new :D

Re: Trojan horse Win32/Sirefef.DA

Posted: 09 Mar 2012 09:18
by jirkasl
In that case, gentlemen (and one of you in particular) - many thanks! :|
This is a great forum and I will definitely recommend it.
Though actually I don't know whether you prefer having work or not... :wink:

Re: Trojan horse Win32/Sirefef.DA

Posted: 09 Mar 2012 10:39
by vyosek
Yes, as my colleague wrote... you can delete the folder C:\TDSSKiller_Quarantine

Also on behalf of my colleague, you're welcome, glad to help :worship: