
Please check, webfun found... thanks

Posted: 15 Jul 2011 19:24
by kasos
I don't know whether it's badly infested, so I don't know whether to reinstall or clean it up....

thanks, kašos....


ComboFix 11-07-15.01 - Uzivatel 15.07.2011 16:29:35.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1012.252 [GMT 2:00]
Spuštěný z: c:\users\Uzivatel\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FunWebProducts
c:\users\Uzivatel\AppData\Roaming\Microsoft\Windows\Recent\pizap.com13100610282122111.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-15 do 2011-07-15 )))))))))))))))))))))))))))))))
.
.
2011-07-15 14:44 . 2011-07-15 14:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-15 05:52 . 2011-07-15 05:52 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{48E7381E-BDAB-4CC9-89BE-F0E270EF3675}\MpKsld9533604.sys
2011-07-14 21:09 . 2011-07-14 21:09 -------- d-----w- c:\program files\Common Files\Java
2011-07-14 21:08 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{48E7381E-BDAB-4CC9-89BE-F0E270EF3675}\mpengine.dll
2011-07-14 21:05 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-14 21:05 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-14 21:05 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-14 21:05 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-14 21:05 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-14 21:05 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-14 21:04 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-14 21:04 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-14 21:04 . 2011-07-14 21:04 -------- d-----w- c:\programdata\AVAST Software
2011-07-14 21:04 . 2011-07-14 21:04 -------- d-----w- c:\program files\AVAST Software
2011-06-29 18:59 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 18:59 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 18:59 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 18:59 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 18:59 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 18:59 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 18:59 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 18:59 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 18:59 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 18:59 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-24 16:48 . 2011-06-24 16:48 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 16:23 . 2011-06-24 16:23 -------- d-----w- c:\users\Uzivatel\AppData\Local\ElevatedDiagnostics
2011-06-22 11:25 . 2011-07-10 15:15 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\go
2011-06-22 09:19 . 2011-06-24 12:46 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\BSplayer
2011-06-22 09:19 . 2011-06-22 09:19 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\BSplayer Pro
2011-06-22 09:19 . 2011-06-22 09:19 -------- d-----w- c:\program files\Webteh
2011-06-21 08:40 . 2011-07-02 11:12 -------- d-----w- c:\programdata\Skype Extras
2011-06-17 12:47 . 2011-06-22 11:25 -------- d-----w- c:\programdata\Easybits GO
2011-06-17 07:08 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 07:08 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-17 07:08 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-16 04:57 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 04:57 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 04:57 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 04:57 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-16 04:57 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 04:57 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 04:56 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 04:56 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 04:56 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 04:56 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-07 15:55 . 2011-03-12 00:24 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-28 08:24 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-04 02:52 . 2010-09-23 13:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-27 19:11 . 2011-04-27 19:11 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-27 19:11 . 2011-04-27 19:11 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-27 19:11 . 2011-04-27 19:11 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-27 19:11 . 2011-04-27 19:11 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-27 19:11 . 2011-04-27 19:11 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-27 19:11 . 2011-04-27 19:11 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-27 19:11 . 2011-04-27 19:11 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-27 19:11 . 2011-04-27 19:11 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-27 19:11 . 2011-04-27 19:11 367104 ----a-w- c:\windows\system32\html.iec
2011-04-27 19:11 . 2011-04-27 19:11 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-27 19:11 . 2011-04-27 19:11 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-27 19:11 . 2011-04-27 19:11 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-27 19:11 . 2011-04-27 19:11 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-27 19:11 . 2011-04-27 19:11 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-27 19:11 . 2011-04-27 19:11 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-27 19:11 . 2011-04-27 19:11 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-27 19:11 . 2011-04-27 19:11 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-27 19:11 . 2011-04-27 19:11 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-27 19:11 . 2011-04-27 19:11 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-22 20:38 . 2011-04-22 20:38 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-22 19:14 . 2011-05-25 17:51 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}"= "c:\program files\dgen\prxtbdgen.dll" [2011-01-17 175912]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 15:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}]
2011-01-17 15:54 175912 ----a-w- c:\program files\dgen\prxtbdgen.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}"= "c:\program files\dgen\prxtbdgen.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{BC3A2C68-4F1A-4DED-BC90-C7470C2D8F4A}"= "c:\program files\dgen\prxtbdgen.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-06-29 124216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-24 150552]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-05-13 495708]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl02f57946;MpKsl02f57946;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{476DB197-72A6-43D5-8D16-316C44D2A637}\MpKsl02f57946.sys [x]
R1 MpKsl0578c3e7;MpKsl0578c3e7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C02A5FA8-F66D-4C7D-8F3E-5F56F99BBF5B}\MpKsl0578c3e7.sys [x]
R1 MpKsl082033c2;MpKsl082033c2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsl082033c2.sys [x]
R1 MpKsl083ae039;MpKsl083ae039;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKsl083ae039.sys [x]
R1 MpKsl09c31060;MpKsl09c31060;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsl09c31060.sys [x]
R1 MpKsl0d55e397;MpKsl0d55e397;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKsl0d55e397.sys [x]
R1 MpKsl0f86ebfc;MpKsl0f86ebfc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsl0f86ebfc.sys [x]
R1 MpKsl116af68a;MpKsl116af68a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F27F872F-E962-4A54-8643-551E054CA4B1}\MpKsl116af68a.sys [x]
R1 MpKsl1211f276;MpKsl1211f276;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A6CA8F1-FBA0-46EB-A15C-E493F020F046}\MpKsl1211f276.sys [x]
R1 MpKsl128b5fe1;MpKsl128b5fe1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A603AC2A-EAD4-42D8-846F-9D7687023AF2}\MpKsl128b5fe1.sys [x]
R1 MpKsl12c17481;MpKsl12c17481;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B49ACEB-BF1A-4C42-A76F-8F6F3AB424FC}\MpKsl12c17481.sys [x]
R1 MpKsl130ce14b;MpKsl130ce14b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKsl130ce14b.sys [x]
R1 MpKsl1324158d;MpKsl1324158d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{476DB197-72A6-43D5-8D16-316C44D2A637}\MpKsl1324158d.sys [x]
R1 MpKsl15ab8388;MpKsl15ab8388;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{148145F6-32B9-4BB0-B685-93C1ADD1AD89}\MpKsl15ab8388.sys [x]
R1 MpKsl16102b45;MpKsl16102b45;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ED10FF38-06CD-4F74-A70A-002CBD80D493}\MpKsl16102b45.sys [x]
R1 MpKsl1739a381;MpKsl1739a381;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKsl1739a381.sys [x]
R1 MpKsl1837573e;MpKsl1837573e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A603AC2A-EAD4-42D8-846F-9D7687023AF2}\MpKsl1837573e.sys [x]
R1 MpKsl1c4489ac;MpKsl1c4489ac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{91021A80-1D3E-4F7B-8DB1-5759DCE4E095}\MpKsl1c4489ac.sys [x]
R1 MpKsl1de25524;MpKsl1de25524;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{17C8DFD6-85ED-41AE-94B7-7F90583AE4A2}\MpKsl1de25524.sys [x]
R1 MpKsl1f62a65d;MpKsl1f62a65d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{02088190-7FC8-448D-BA85-B502C3EBF581}\MpKsl1f62a65d.sys [x]
R1 MpKsl210a90bc;MpKsl210a90bc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{589CB926-5F41-4E28-A5C5-B804AA3681BF}\MpKsl210a90bc.sys [x]
R1 MpKsl241457c7;MpKsl241457c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsl241457c7.sys [x]
R1 MpKsl273a7faf;MpKsl273a7faf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C02A5FA8-F66D-4C7D-8F3E-5F56F99BBF5B}\MpKsl273a7faf.sys [x]
R1 MpKsl2924c1df;MpKsl2924c1df;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C02A5FA8-F66D-4C7D-8F3E-5F56F99BBF5B}\MpKsl2924c1df.sys [x]
R1 MpKsl2df9721b;MpKsl2df9721b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AFEA2179-7E91-4403-8F4B-749E3F85CF5C}\MpKsl2df9721b.sys [x]
R1 MpKsl332eaccb;MpKsl332eaccb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F77A1C3-E5B1-404D-A1B2-95C629B60FFF}\MpKsl332eaccb.sys [x]
R1 MpKsl33910d0a;MpKsl33910d0a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKsl33910d0a.sys [x]
R1 MpKsl352f5e69;MpKsl352f5e69;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKsl352f5e69.sys [x]
R1 MpKsl3889f777;MpKsl3889f777;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0F127AC1-E702-4F2B-9759-CC089E922781}\MpKsl3889f777.sys [x]
R1 MpKsl3b9e2f58;MpKsl3b9e2f58;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKsl3b9e2f58.sys [x]
R1 MpKsl3c948e51;MpKsl3c948e51;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D6B11DEB-B485-4835-A0C9-DB5975617DC2}\MpKsl3c948e51.sys [x]
R1 MpKsl448bed06;MpKsl448bed06;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C34D151-A56D-498C-947D-B08CA0898CC7}\MpKsl448bed06.sys [x]
R1 MpKsl44f4998c;MpKsl44f4998c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F27F872F-E962-4A54-8643-551E054CA4B1}\MpKsl44f4998c.sys [x]
R1 MpKsl45505bef;MpKsl45505bef;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{774B46C9-9731-40F5-B108-79ED93D4FB42}\MpKsl45505bef.sys [x]
R1 MpKsl47b3ca69;MpKsl47b3ca69;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F27F872F-E962-4A54-8643-551E054CA4B1}\MpKsl47b3ca69.sys [x]
R1 MpKsl47ea287b;MpKsl47ea287b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26B93B26-F51E-44FF-ACD3-666043F7EEB1}\MpKsl47ea287b.sys [x]
R1 MpKsl48ccf674;MpKsl48ccf674;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C34D151-A56D-498C-947D-B08CA0898CC7}\MpKsl48ccf674.sys [x]
R1 MpKsl4d1eab4e;MpKsl4d1eab4e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B96206B1-B140-436E-B480-DFF4ADAD15C0}\MpKsl4d1eab4e.sys [x]
R1 MpKsl4f6dbae4;MpKsl4f6dbae4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4E532CB-E52F-4896-8387-D05E0CC00302}\MpKsl4f6dbae4.sys [x]
R1 MpKsl516bf919;MpKsl516bf919;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKsl516bf919.sys [x]
R1 MpKsl517dcecb;MpKsl517dcecb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DD57ABDC-012E-488D-924C-9ADDD5317A63}\MpKsl517dcecb.sys [x]
R1 MpKsl5298f01f;MpKsl5298f01f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F27F872F-E962-4A54-8643-551E054CA4B1}\MpKsl5298f01f.sys [x]
R1 MpKsl59b91202;MpKsl59b91202;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27B5E7F1-391A-45BB-8DE0-0DEB1E88B926}\MpKsl59b91202.sys [x]
R1 MpKsl5ef1ec86;MpKsl5ef1ec86;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D01D22EC-4E36-45B4-BE70-C890D02CE829}\MpKsl5ef1ec86.sys [x]
R1 MpKsl6072bbb5;MpKsl6072bbb5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKsl6072bbb5.sys [x]
R1 MpKsl61218270;MpKsl61218270;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B49ACEB-BF1A-4C42-A76F-8F6F3AB424FC}\MpKsl61218270.sys [x]
R1 MpKsl6311770c;MpKsl6311770c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2BBE544C-7652-4EAF-9C63-3D32A0698427}\MpKsl6311770c.sys [x]
R1 MpKsl66ab3f0e;MpKsl66ab3f0e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0CC23E0E-140B-40C0-8B00-25A6A48F009F}\MpKsl66ab3f0e.sys [x]
R1 MpKsl6703f148;MpKsl6703f148;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F63FD6F-1B96-4097-9BDD-16B0FDC17A79}\MpKsl6703f148.sys [x]
R1 MpKsl6c9e286a;MpKsl6c9e286a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKsl6c9e286a.sys [x]
R1 MpKsl71da0b56;MpKsl71da0b56;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{476DB197-72A6-43D5-8D16-316C44D2A637}\MpKsl71da0b56.sys [x]
R1 MpKsl7264c9ec;MpKsl7264c9ec;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKsl7264c9ec.sys [x]
R1 MpKsl8992a367;MpKsl8992a367;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{148145F6-32B9-4BB0-B685-93C1ADD1AD89}\MpKsl8992a367.sys [x]
R1 MpKsl8b11a497;MpKsl8b11a497;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3A9F67D-D09A-4B03-93CA-C853E681AF38}\MpKsl8b11a497.sys [x]
R1 MpKsl8c810236;MpKsl8c810236;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73C4E5F3-F121-4019-AB03-2C43E742D325}\MpKsl8c810236.sys [x]
R1 MpKsl909bfbe2;MpKsl909bfbe2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61A3E4E2-FDE3-458D-A212-421E86C41CB3}\MpKsl909bfbe2.sys [x]
R1 MpKsl91643c71;MpKsl91643c71;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsl91643c71.sys [x]
R1 MpKsl973b9b5a;MpKsl973b9b5a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB49C1BF-3F77-4278-ADB3-5643957715FB}\MpKsl973b9b5a.sys [x]
R1 MpKsl97503644;MpKsl97503644;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FC6D54AC-6A3A-47BA-87BC-C102645CA062}\MpKsl97503644.sys [x]
R1 MpKsla103cde5;MpKsla103cde5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsla103cde5.sys [x]
R1 MpKsla2c440ce;MpKsla2c440ce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{36F612E9-E34A-4BD4-A00B-7AA3477341D4}\MpKsla2c440ce.sys [x]
R1 MpKsla77004b6;MpKsla77004b6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsla77004b6.sys [x]
R1 MpKslaa0eb88a;MpKslaa0eb88a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0CE0640C-F0E0-4A3F-AB56-4A03A1B0713D}\MpKslaa0eb88a.sys [x]
R1 MpKsladafd0b5;MpKsladafd0b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61A3E4E2-FDE3-458D-A212-421E86C41CB3}\MpKsladafd0b5.sys [x]
R1 MpKsladbff915;MpKsladbff915;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKsladbff915.sys [x]
R1 MpKslaf62d492;MpKslaf62d492;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B49ACEB-BF1A-4C42-A76F-8F6F3AB424FC}\MpKslaf62d492.sys [x]
R1 MpKslb1c97a59;MpKslb1c97a59;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4E532CB-E52F-4896-8387-D05E0CC00302}\MpKslb1c97a59.sys [x]
R1 MpKslb203cb97;MpKslb203cb97;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKslb203cb97.sys [x]
R1 MpKslb9c34659;MpKslb9c34659;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A96C1A74-CFEA-412D-81B8-A81FCDA448F0}\MpKslb9c34659.sys [x]
R1 MpKslb9c77ebb;MpKslb9c77ebb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKslb9c77ebb.sys [x]
R1 MpKslbd99f0ba;MpKslbd99f0ba;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AEE0188E-7627-446A-8214-FEE699CB62CB}\MpKslbd99f0ba.sys [x]
R1 MpKslc1f70495;MpKslc1f70495;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4E532CB-E52F-4896-8387-D05E0CC00302}\MpKslc1f70495.sys [x]
R1 MpKslc2b79f42;MpKslc2b79f42;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F31DE237-C189-4B7E-B964-65D554B77918}\MpKslc2b79f42.sys [x]
R1 MpKslc2c07e08;MpKslc2c07e08;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKslc2c07e08.sys [x]
R1 MpKslc307a4e9;MpKslc307a4e9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E4CD6017-9BE6-47DD-8B2D-EB82AAF953C8}\MpKslc307a4e9.sys [x]
R1 MpKslc44a2e2d;MpKslc44a2e2d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3676717A-F568-46A0-8D98-E042C6D2193B}\MpKslc44a2e2d.sys [x]
R1 MpKslc5a4be7e;MpKslc5a4be7e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EF8231E-66A8-4590-9CAA-CEC6BB1BA40C}\MpKslc5a4be7e.sys [x]
R1 MpKslc7fc1145;MpKslc7fc1145;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{36F612E9-E34A-4BD4-A00B-7AA3477341D4}\MpKslc7fc1145.sys [x]
R1 MpKslcaacad30;MpKslcaacad30;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4E532CB-E52F-4896-8387-D05E0CC00302}\MpKslcaacad30.sys [x]
R1 MpKslce15223b;MpKslce15223b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F4F2FF9-A396-459B-8463-B7912ACB8BDA}\MpKslce15223b.sys [x]
R1 MpKsld93d5350;MpKsld93d5350;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{56CD66C9-F364-4BFD-8743-A2C05D3FC0DB}\MpKsld93d5350.sys [x]
R1 MpKslde70dbb2;MpKslde70dbb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{476DB197-72A6-43D5-8D16-316C44D2A637}\MpKslde70dbb2.sys [x]
R1 MpKsldff0d3fa;MpKsldff0d3fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EF8231E-66A8-4590-9CAA-CEC6BB1BA40C}\MpKsldff0d3fa.sys [x]
R1 MpKsle82704b8;MpKsle82704b8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{02088190-7FC8-448D-BA85-B502C3EBF581}\MpKsle82704b8.sys [x]
R1 MpKsledc0f3bc;MpKsledc0f3bc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{005485FE-1953-41D0-A437-F6D1C362A157}\MpKsledc0f3bc.sys [x]
R1 MpKslf0812205;MpKslf0812205;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{773DF659-5D08-44E2-B67B-54012DAE8CDD}\MpKslf0812205.sys [x]
R1 MpKslf47a2d0a;MpKslf47a2d0a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3676717A-F568-46A0-8D98-E042C6D2193B}\MpKslf47a2d0a.sys [x]
R1 MpKslf493f4b9;MpKslf493f4b9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4E532CB-E52F-4896-8387-D05E0CC00302}\MpKslf493f4b9.sys [x]
R1 MpKslf5640511;MpKslf5640511;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKslf5640511.sys [x]
R1 MpKslf58a8cb2;MpKslf58a8cb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73C4E5F3-F121-4019-AB03-2C43E742D325}\MpKslf58a8cb2.sys [x]
R1 MpKslf5e3520f;MpKslf5e3520f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F5DD5BD6-2471-4337-A257-0BB9C93369AF}\MpKslf5e3520f.sys [x]
R1 MpKslf6982519;MpKslf6982519;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F44A5078-6370-491B-9ACD-7FE61A63C844}\MpKslf6982519.sys [x]
R1 MpKslf7da15cc;MpKslf7da15cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C34D151-A56D-498C-947D-B08CA0898CC7}\MpKslf7da15cc.sys [x]
R1 MpKslfa200701;MpKslfa200701;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{254E20A0-083C-4049-9804-C8881D362648}\MpKslfa200701.sys [x]
R1 MpKslfac5648b;MpKslfac5648b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61A3E4E2-FDE3-458D-A212-421E86C41CB3}\MpKslfac5648b.sys [x]
R1 MpKslfdc351bf;MpKslfdc351bf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F77A1C3-E5B1-404D-A1B2-95C629B60FFF}\MpKslfdc351bf.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 MpKsld9533604;MpKsld9533604;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{48E7381E-BDAB-4CC9-89BE-F0E270EF3675}\MpKsld9533604.sys [2011-07-15 28752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLD9533604
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{048E2E1E-60FD-4AA2-A47E-92E10DEDD775}: NameServer = 10.250.1.251
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{d6451db9-67e1-4ca3-bfba-4d77fface17f} - c:\program files\Skinovacek\adxloader.dll
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-15 16:52:24
ComboFix-quarantined-files.txt 2011-07-15 14:52
.
Před spuštěním: Volných bajtů: 66 881 187 840
Po spuštění: Volných bajtů: 67 836 002 304
.
- - End Of File - - 234B890D45BC3C7AB975AA8F55C04C37

Re: Please check, webfun found... thanks

Posted: 16 Jul 2011 08:16
by vyosek
Hello, and have a nice day :)

:arrow: You know how to use CF, since you just run it on your own like that? Read below

:arrow: Choose one antivirus - Avast or MSE - two antiviruses fight each other on a PC and cause instability. Personally I recommend keeping Avast

:arrow: The dangers of CF
  • It is intended primarily for helpers - by using it on your own initiative you lose your entitlement to support
  • It erases traces of malware, so nothing is visible in the RSIT log
  • Its log has to be worked through to the end, because it cannot delete everything - which you will hardly manage unless you are trained for it
  • CF can have a bug = it takes down your system; if you don't know where it stores what and how to restore things, your system is ruined and you are facing a reinstall
  • Unfortunately CF also does not yet check some important libraries (e.g. hal.dll) - those are deleted, for instance, by some types of malware (e.g. angela) - hal.dll gets deleted after a restart = your system won't boot and you are back at the line above = reinstall
:arrow: If it isn't there already, move Combofix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below

    KillAll::
    
    Folder::
    c:\program files\Ask.com
    c:\program files\uTorrentBar
    c:\program files\ICQ6Toolbar
    
    File::
    c:\program files\dgen\prxtbdgen.dll
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    "{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}"=-
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}"=-
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{BC3A2C68-4F1A-4DED-BC90-C7470C2D8F4A}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [-HKEY_CLASSES_ROOT\clsid\{bc3a2c68-4f1a-4ded-bc90-c7470c2d8f4a}]
    [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ICQ"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "ApnUpdater"=-
    "SunJavaUpdateSched"=-
    
    Driver::
    ICQ Service
    MpKsl02f57946
    MpKsl0578c3e7
    MpKsl082033c2
    MpKsl083ae039
    MpKsl09c31060
    MpKsl0d55e397
    MpKsl0f86ebfc
    MpKsl116af68a
    MpKsl1211f276
    MpKsl128b5fe1
    MpKsl12c17481
    MpKsl130ce14b
    MpKsl1324158d
    MpKsl15ab8388
    MpKsl16102b45
    MpKsl1739a381
    MpKsl1837573e
    MpKsl1c4489ac
    MpKsl1de25524
    MpKsl1f62a65d
    MpKsl210a90bc
    MpKsl241457c7
    MpKsl273a7faf
    MpKsl2924c1df
    MpKsl2df9721b
    MpKsl332eaccb
    MpKsl33910d0a
    MpKsl352f5e69
    MpKsl3889f777
    MpKsl3b9e2f58
    MpKsl3c948e51
    MpKsl448bed06
    MpKsl44f4998c
    MpKsl45505bef
    MpKsl47b3ca69
    MpKsl47ea287b
    MpKsl48ccf674
    MpKsl4d1eab4e
    MpKsl4f6dbae4
    MpKsl516bf919
    MpKsl517dcecb
    MpKsl5298f01f
    MpKsl59b91202
    MpKsl5ef1ec86
    MpKsl6072bbb5
    MpKsl61218270
    MpKsl6311770c
    MpKsl66ab3f0e
    MpKsl6703f148
    MpKsl6c9e286a
    MpKsl71da0b56
    MpKsl7264c9ec
    MpKsl8992a367
    MpKsl8b11a497
    MpKsl8c810236
    MpKsl909bfbe2
    MpKsl91643c71
    MpKsl973b9b5a
    MpKsl97503644
    MpKsla103cde5
    MpKsla2c440ce
    MpKsla77004b6
    MpKslaa0eb88a
    MpKsladafd0b5
    MpKsladbff915
    MpKslaf62d492
    MpKslb1c97a59
    MpKslb203cb97
    MpKslb9c34659
    MpKslb9c77ebb
    MpKslbd99f0ba
    MpKslc1f70495
    MpKslc2b79f42
    MpKslc2c07e08
    MpKslc307a4e9
    MpKslc44a2e2d
    MpKslc5a4be7e
    MpKslc7fc1145
    MpKslcaacad30
    MpKslce15223b
    MpKsld93d5350
    MpKslde70dbb2
    MpKsldff0d3fa
    MpKsle82704b8
    MpKsledc0f3bc
    MpKslf0812205
    MpKslf47a2d0a
    MpKslf493f4b9
    MpKslf5640511
    MpKslf58a8cb2
    MpKslf5e3520f
    MpKslf6982519
    MpKslf7da15cc
    MpKslfa200701
    MpKslfac5648b
    MpKslfdc351bf
    MpKsld9533604
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
    
    Reboot::
    
  • Save the created TXT file as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and run it (see the image below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
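
Added example, not part of the original post and not ComboFix's own code: a small Python reader for the CFScript layout shown in the post above, which lists what the `Registry::` block removes so the script can be reviewed before it is run. It assumes only that a section header is a line ending in `::` and that the registry lines follow .reg syntax; the sample is a shortened copy of the posted script and the function names are hypothetical.

```python
import re

# Constructed sample: a shortened copy of the script posted above.
# Section names are taken from that script as-is.
SAMPLE = r'''KillAll::
Folder::
c:\program files\Ask.com
File::
c:\program files\dgen\prxtbdgen.dll
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
Driver::
ICQ Service
MpKsld9533604
Reboot::
'''

def parse_cfscript(text):
    """Split a script into {section: [lines]}; a header is a line ending in '::'."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.endswith("::"):
            current = line[:-2]
            sections[current] = []
        elif line and current is not None:
            sections[current].append(line)
    return sections

def registry_ops(lines):
    """Read .reg syntax: [-KEY] removes a whole key, "name"=- removes one value."""
    ops, key = [], None
    for line in lines:
        if line.startswith("[-"):
            ops.append(("delete_key", line[2:-1], None))
        elif line.startswith("["):
            key = line[1:-1]          # key that the following value lines belong to
        elif (m := re.fullmatch(r'"(.+)"=-', line)):
            ops.append(("delete_value", key, m.group(1)))
    return ops

def autostart_removals(ops):
    """Names of values removed from a CurrentVersion Run (autostart) key."""
    return [name for op, key, name in ops if op == "delete_value"
            and key and key.lower().endswith(r"\currentversion\run")]
```
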

Re: Please check, webfun found... thanks

Posted: 17 Jul 2011 11:03
by kasos
I don't know how to use CF, but I'm a lout, so I ran it for the sake of the log... it didn't occur to me that it deletes things right away... next time, for a log, probably better just HijackThis...

What state is the system in... is it worth cleaning... the young lady would like to pick it up, and in my opinion setting up a new system is less time-consuming...?

thanks, Kašos

Re: Please check, webfun found... thanks

Posted: 17 Jul 2011 11:17
by vyosek
Well, in my opinion it is enough to carry out the fix I wrote, and the PC should be clean...

Re: Please check, webfun found... thanks

Posted: 17 Jul 2011 11:32
by kasos
OK, I'm going for it... for next time, which is better for you for a log, RSIT or HijackThis...

Re: Please check, webfun found... thanks

Posted: 17 Jul 2011 11:34
by vyosek
Definitely RSIT - it also contains HJT and other things on top of that...

Re: Please check, webfun found... thanks

Posted: 17 Jul 2011 11:49
by kasos
While the script was running, the system shut down strangely, and after the restart it booted... I just don't know where to look for the log...

thanks

Re: Please check, webfun found... thanks

Posted: 17 Jul 2011 15:43
by vyosek
It should be c:\combofix2.txt; if it isn't there, repeat the procedure in safe mode

Re: Please check, webfun found... thanks

Posted: 10 Aug 2011 10:22
by kasos
The young lady with the notebook never showed up again :)

so thank you for your services...

Re: Please check, webfun found... thanks

Posted: 10 Aug 2011 11:35
by vyosek
You're welcome :closed: