AVG found several viruses

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

#1 Post by adonny »

Hello, the AVG antivirus found 3 infected files in C:\Users\Boris\AppData\Local\Temp named "Ytb (Trojan horse Crypt.RTG), Ytc (Trojan horse Crypt.RTS), Ytd (Trojan horse Generic17.AQCI)", then it found a virus in C:\windows\system32\sshnas21.dll (Trojan horse Crypt.RTL), then C:\Windows\System32\rundll32.exe (2112) (Trojan horse Crypt.RTL)
(Trojan horse Generic17.AQCI)
and also HKU\S-1-5-21-3038224116-2228616904-308158760-1000\Software\Microsoft\Windows\currentVersion\Run\\YVIBBBHA8C

I am attaching the RSIT log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Boris at 2010-04-04 14:56:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 92 GB (39%) free of 238 GB
Total RAM: 2047 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:00:18, on 4.4.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\Ymeqoa.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Users\Boris\AppData\Local\Temp\Ytd.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Jabbim\jabbim.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Boris\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Users\Boris\AppData\Local\Apps\2.0\1AV85B54.8H9\8P2Z0BGD.KDG\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Windows\system32\conime.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Program Files\AVG\AVG9\avgscanx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Boris\Desktop\RSIT.exe
C:\Program Files\trend micro\Boris.exe
C:\Windows\system32\msfeedssync.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wow.spojka.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Boris\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Boris\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll,BackupReadW
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Jabbim.lnk = C:\Program Files\Jabbim\jabbim.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe

--
End of file - 10625 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{1CB939E2-DFCB-4177-9C92-76757785239D}.job
C:\Windows\tasks\User_Feed_Synchronization-{1E0B1D22-D565-4A9E-9DC2-120B0F690ABE}.job
C:\Windows\tasks\User_Feed_Synchronization-{6C33CF46-6887-4FC2-A862-CE0598A2CBEF}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-02 1602912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2007-07-31 1933256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Boris\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-02-10 119808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL [2008-02-12 57344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-29 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-12-29 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-12-29 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-01 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFEF0-5B30-21D4-945D-000000000000}]
C:\PROGRA~1\STARDO~1\SDIEInt.dll [2004-12-11 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL [2007-07-31 1933256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-29 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-13 4489216]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2007-05-15 35328]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-07-23 380928]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Skytel"=C:\Windows\Skytel.exe [2007-05-28 1826816]
""= []
"HPUsageTracking"=C:\Program Files\HP\HP UT\bin\hppusg.exe [2007-11-02 36864]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2007-05-31 61440]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-02 2064224]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Google Update"=C:\Users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
"Canaveral"=C:\Windows\system32\sshnas21.dll,BackupReadW []

C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
Jabbim.lnk - C:\Program Files\Jabbim\jabbim.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-10-01 87552]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca6f638b-3175-11dc-b611-001a92e78344}]
shell\AutoRun\command - J:\autoplay.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-04-03 07:39:07 ----D---- C:\Windows\Sun
2010-04-02 22:29:10 ----A---- C:\Windows\Ymeqoa.exe
2010-03-31 16:08:35 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 16:08:34 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 16:08:33 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 16:08:32 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 16:08:32 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 16:08:32 ----A---- C:\Windows\system32\occache.dll
2010-03-31 16:08:32 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 16:08:31 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 16:08:31 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 16:08:30 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 16:08:30 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 16:08:30 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 16:08:29 ----A---- C:\Windows\system32\msfeedssync.exe
2010-03-31 16:08:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-31 16:08:29 ----A---- C:\Windows\system32\jsproxy.dll
2010-03-31 16:08:29 ----A---- C:\Windows\system32\iesysprep.dll
2010-03-31 16:08:29 ----A---- C:\Windows\system32\iesetup.dll
2010-03-31 16:08:29 ----A---- C:\Windows\system32\iernonce.dll
2010-03-31 16:08:29 ----A---- C:\Windows\system32\ie4uinit.exe
2010-03-13 09:11:26 ----A---- C:\Windows\system32\avgrsstx.dll
2010-03-12 00:00:14 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-12 00:00:08 ----A---- C:\Windows\system32\httpapi.dll

======List of files/folders modified in the last 1 months======

2010-04-04 14:57:50 ----D---- C:\Windows\Prefetch
2010-04-04 14:57:42 ----D---- C:\Program Files\trend micro
2010-04-04 14:56:33 ----D---- C:\Windows\Temp
2010-04-04 14:16:50 ----AD---- C:\Windows\System32
2010-04-04 14:00:59 ----AD---- C:\Windows
2010-04-04 11:19:59 ----D---- C:\ProgramData\avg9
2010-04-04 11:09:04 ----SHD---- C:\System Volume Information
2010-04-04 10:30:25 ----D---- C:\Windows\inf
2010-04-04 10:30:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-04 10:25:36 ----D---- C:\Windows\Tasks
2010-04-03 23:03:17 ----D---- C:\Windows\system32\Tasks
2010-04-03 20:01:44 ----D---- C:\Users\Boris\AppData\Roaming\OpenOffice.org2
2010-04-02 22:27:16 ----SHD---- C:\Windows\Installer
2010-04-02 21:14:39 ----D---- C:\Windows\Debug
2010-04-01 06:46:53 ----D---- C:\Windows\system32\migration
2010-04-01 06:46:53 ----D---- C:\Program Files\Internet Explorer
2010-03-31 23:12:05 ----D---- C:\Windows\winsxs
2010-03-31 16:05:19 ----D---- C:\Windows\system32\catroot2
2010-03-31 16:05:19 ----D---- C:\Windows\system32\catroot
2010-03-14 00:53:32 ----D---- C:\Users\Boris\AppData\Roaming\Skype
2010-03-13 21:36:19 ----D---- C:\Users\Boris\AppData\Roaming\skypePM
2010-03-13 09:12:43 ----D---- C:\Windows\system32\drivers
2010-03-12 12:47:46 ----D---- C:\Users\Boris\AppData\Roaming\ICQ
2010-03-12 12:02:28 ----D---- C:\Program Files\Windows Mail
2010-03-12 12:02:28 ----D---- C:\Program Files\Movie Maker
2010-03-09 20:58:06 ----D---- C:\games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-03-13 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-03-13 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-03-13 242696]
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-02-20 29704]
R1 EIO;EIO; C:\Windows\System32\Drivers\eio.sys [2007-07-23 12288]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2007-07-14 271360]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-02-20 39944]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2007-07-14 18048]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2007-07-23 13696]
R3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\L260x86.sys [2006-12-13 25600]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2007-07-23 30848]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2007-07-19 16384]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2007-07-20 9856]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-10-09 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-12 1787816]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S2 BT848;WinFast TV2000 XP WDM Video Capture; C:\Windows\system32\drivers\wf2kvcap.sys [2004-10-04 75925]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 gMouPS2;PS2 Scroll Mouse Device; C:\Windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\Windows\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-02 1083520]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-13 308064]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-08 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-10-08 103736]
S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2007-07-23 67072]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\Windows\system32\sfrem01.exe [2006-07-05 358008]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Thanks for any help with how to get rid of it :D

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

#2 Post by Caroprd111 »

Hello :)

I recommend uninstalling the toolbars (if you do not use them) in Add or Remove Programs.

Open Notepad and copy the following text into it (from the white box):

Code:

REGEDIT4

; Delete the PEVSystemStart keys from both SafeBoot branches
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

Now use Save As (type: All Files), enter "smazani.reg" without the quotes as the file name, click Save, then double-click the file as usual and confirm the dialog box.

Download and save, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware
  • Run the application under an account with Administrator privileges; right after it starts, a page with the licence terms is displayed, continue by pressing the "Yes" button
  • Then follow the instructions; during the scan do not launch other applications and do not click in the window that is displayed!
  • The scan should take around 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
  • The computer may be restarted during the scan.

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

#3 Post by adonny »

I did what you said, but during ComboFix my PC restarted, which is normal, I know, but after it restarted, the window showing the scan in progress came up, then a text file opened, I copied it and closed it... I tried to save it but it didn't work... then I closed the text file and only a black screen remained, the same thing happened on the second scan... and I had to log the user off, and that wiped what I had copied (Ctrl+C); the save to the desktop did not happen at all...

and on startup it threw an error in the file C:\windows\system32\sshnas21.dll

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

#4 Post by Caroprd111 »

Look in C:\Combofix to see whether the log is there.

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#5 Post by adonny »

I'm not sure, but in the folder you mentioned there was a file named ComboFix, and it contained:


ComboFix 10-04-03.02 - Boris 04.04.2010 17:45:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.1064 [GMT 2:00]
Spuštěný z: C:\Users\Boris\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\$RECYCLE.BIN\S-1-5-21-2152478756-3922319563-605102323-500
C:\$RECYCLE.BIN\S-1-5-21-2939526638-1891889465-2512388939-500
C:\$RECYCLE.BIN\S-1-5-21-3756814594-934791744-2934890308-500
C:\Program Files\DaemonTools_WhenUSave_Installer
C:\Program Files\DaemonTools_WhenUSave_Installer\vvsn.cfg
C:\Users\Boris\AppData\Roaming\Microsoft\Internet Explorer\qiPSearchbar.dll
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-04 do 2010-04-04 )))))))))))))))))))))))))))))))
.

2010-04-04 16:08:17 . 2010-04-04 16:08:57 -------- d-----w- C:\Users\Boris\AppData\Local\temp
2010-04-04 16:08:17 . 2010-04-04 16:08:17 -------- d-----w- C:\Users\Guest\AppData\Local\temp
2010-04-04 16:08:17 . 2010-04-04 16:08:17 -------- d-----w- C:\Users\Default\AppData\Local\temp
2010-04-04 16:08:16 . 2010-04-04 16:08:16 -------- d-----w- C:\Users\Hanulka\AppData\Local\temp
2010-04-03 05:39:07 . 2010-04-03 05:39:07 -------- d-----w- C:\Windows\Sun
2010-04-02 07:50:53 . 2010-04-02 07:50:53 4076824 ----a-w- C:\ProgramData\avg9\update\backup\avgui.exe
2010-04-02 07:50:53 . 2010-04-02 07:50:53 2059544 ----a-w- C:\ProgramData\avg9\update\backup\avgtray.exe
2010-04-02 07:50:52 . 2010-04-02 07:50:52 1598744 ----a-w- C:\ProgramData\avg9\update\backup\avgssie.dll
2010-04-02 07:50:52 . 2010-04-02 07:50:52 1515224 ----a-w- C:\ProgramData\avg9\update\backup\avgwd.dll
2010-04-02 07:50:52 . 2010-04-02 07:50:52 1274136 ----a-w- C:\ProgramData\avg9\update\backup\avgfrw.exe
2010-04-02 07:50:51 . 2010-04-02 07:50:51 598296 ----a-w- C:\ProgramData\avg9\update\backup\avgsrmx.dll
2010-04-02 07:50:51 . 2010-04-02 07:50:51 313112 ----a-w- C:\ProgramData\avg9\update\backup\avglogx.dll
2010-04-02 07:50:51 . 2010-04-02 07:50:51 1086744 ----a-w- C:\ProgramData\avg9\update\backup\avgchsvx.exe
2010-04-02 07:50:50 . 2010-04-02 07:50:50 556824 ----a-w- C:\ProgramData\avg9\update\backup\avgchjwx.dll
2010-04-02 07:50:50 . 2010-04-02 07:50:50 459544 ----a-w- C:\ProgramData\avg9\update\backup\avgcclix.dll
2010-04-02 07:50:50 . 2010-04-02 07:50:50 4250976 ----a-w- C:\ProgramData\avg9\update\backup\avgcorex.dll
2010-04-02 07:50:50 . 2010-04-02 07:50:50 341272 ----a-w- C:\ProgramData\avg9\update\backup\avgxch32.dll
2010-04-02 07:50:50 . 2010-04-02 07:50:50 301336 ----a-w- C:\ProgramData\avg9\update\backup\avgchclx.dll
2010-04-02 07:49:02 . 2010-04-02 07:49:02 1685784 ----a-w- C:\ProgramData\avg9\update\backup\avgupd.dll
2010-04-02 07:49:02 . 2010-04-02 07:49:02 1035032 ----a-w- C:\ProgramData\avg9\update\backup\avgupd.exe
2010-03-13 07:12:17 . 2010-03-13 07:12:17 360584 ----a-w- C:\ProgramData\avg9\update\backup\avgtdix.sys
2010-03-13 07:12:17 . 2010-03-13 07:12:17 28424 ----a-w- C:\ProgramData\avg9\update\backup\avgmfx86.sys
2010-03-13 07:12:16 . 2010-03-13 07:12:16 333192 ----a-w- C:\ProgramData\avg9\update\backup\avgldx86.sys
2010-03-13 07:11:26 . 2010-03-13 07:11:26 12464 ----a-w- C:\Windows\system32\avgrsstx.dll
2010-03-11 22:00:14 . 2010-02-20 23:06:41 24064 ----a-w- C:\Windows\system32\nshhttp.dll
2010-03-11 22:00:09 . 2010-02-20 20:53:34 411648 ----a-w- C:\Windows\system32\drivers\http.sys
2010-03-11 22:00:08 . 2010-02-20 23:05:14 30720 ----a-w- C:\Windows\system32\httpapi.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-04 15:38:32 . 2007-01-08 21:09:29 606912 ----a-w- C:\Windows\system32\perfh005.dat
2010-04-04 15:38:32 . 2007-01-08 21:09:29 119398 ----a-w- C:\Windows\system32\perfc005.dat
2010-04-04 14:07:06 . 2010-01-05 21:13:11 -------- d-----w- C:\ProgramData\avg9
2010-04-04 12:57:42 . 2010-01-14 19:17:57 -------- d-----w- C:\Program Files\trend micro
2010-04-03 18:01:44 . 2007-11-05 19:08:59 -------- d-----w- C:\Users\Boris\AppData\Roaming\OpenOffice.org2
2010-04-03 09:03:05 . 2007-10-28 19:05:43 7244 ----a-w- C:\Users\Boris\AppData\Local\d3d9caps.dat
2010-04-02 07:50:51 . 2010-04-02 07:50:51 1086744 ----a-w- C:\ProgramData\avg9\update\backup\avgchsvx.exe
2010-04-02 07:50:50 . 2010-04-02 07:50:50 556824 ----a-w- C:\ProgramData\avg9\update\backup\avgchjwx.dll
2010-03-13 22:53:32 . 2007-07-18 20:11:42 -------- d-----w- C:\Users\Boris\AppData\Roaming\Skype
2010-03-13 19:36:19 . 2010-01-10 09:05:44 -------- d-----w- C:\Users\Boris\AppData\Roaming\skypePM
2010-03-13 07:11:30 . 2010-01-05 21:13:27 242696 ----a-w- C:\Windows\system32\drivers\avgtdix.sys
2010-03-13 07:11:25 . 2010-01-05 21:13:23 29512 ----a-w- C:\Windows\system32\drivers\avgmfx86.sys
2010-03-13 07:09:11 . 2010-01-05 21:13:25 216200 ----a-w- C:\Windows\system32\drivers\avgldx86.sys
2010-03-12 10:47:46 . 2007-07-18 09:38:25 -------- d-----w- C:\Users\Boris\AppData\Roaming\ICQ
2010-03-12 10:02:28 . 2006-11-02 11:18:33 -------- d-----w- C:\Program Files\Windows Mail
2010-02-24 13:15:37 . 2007-07-13 11:52:57 100432 ----a-w- C:\Users\Boris\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-23 06:39:13 . 2010-03-31 14:08:32 916480 ----a-w- C:\Windows\system32\wininet.dll
2010-02-23 06:33:45 . 2010-03-31 14:08:29 71680 ----a-w- C:\Windows\system32\iesetup.dll
2010-02-23 06:33:45 . 2010-03-31 14:08:29 109056 ----a-w- C:\Windows\system32\iesysprep.dll
2010-02-23 04:55:36 . 2010-03-31 14:08:30 133632 ----a-w- C:\Windows\system32\ieUnatt.exe
2010-02-21 07:01:08 . 2007-04-13 09:46:59 -------- d-----w- C:\ProgramData\Microsoft Help
2010-02-16 20:40:06 . 2010-02-16 19:54:26 -------- d-----w- C:\Users\Boris\AppData\Roaming\jabbim
2010-02-16 19:53:54 . 2010-02-16 19:53:40 -------- d-----w- C:\Program Files\Jabbim
2010-01-25 12:00:35 . 2010-02-23 20:58:40 471552 ----a-w- C:\Windows\system32\secproc_isv.dll
2010-01-25 12:00:35 . 2010-02-23 20:57:33 152576 ----a-w- C:\Windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00:35 . 2010-02-23 20:57:33 152064 ----a-w- C:\Windows\system32\secproc_ssp.dll
2010-01-25 12:00:22 . 2010-02-23 20:58:35 471552 ----a-w- C:\Windows\system32\secproc.dll
2010-01-25 11:58:52 . 2010-02-23 20:57:32 332288 ----a-w- C:\Windows\system32\msdrm.dll
2010-01-25 08:21:20 . 2010-02-23 20:57:55 526336 ----a-w- C:\Windows\system32\RMActivate_isv.exe
2010-01-25 08:21:20 . 2010-02-23 20:57:45 346624 ----a-w- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21:18 . 2010-02-23 20:57:45 347136 ----a-w- C:\Windows\system32\RMActivate_ssp.exe
2010-01-25 08:21:18 . 2010-02-23 20:57:41 518144 ----a-w- C:\Windows\system32\RMActivate.exe
2010-01-23 09:26:13 . 2010-02-23 21:00:17 2048 ----a-w- C:\Windows\system32\tzres.dll
2010-01-16 08:03:26 . 2010-01-16 08:03:25 691696 ----a-w- C:\Windows\system32\drivers\sptd.sys
2010-01-10 09:05:57 . 2010-01-10 09:05:57 56 ---ha-w- C:\ProgramData\ezsidmv.dat
2010-01-07 15:07:14 . 2010-01-15 20:25:01 38224 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07:04 . 2010-01-15 20:25:00 19160 ----a-w- C:\Windows\system32\drivers\mbam.sys
2010-01-06 15:39:38 . 2010-02-23 20:57:14 1696256 ----a-w- C:\Windows\system32\gameux.dll
2010-01-06 15:38:47 . 2010-02-23 20:57:12 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll
2010-01-06 15:38:40 . 2010-02-23 20:57:13 173056 ----a-w- C:\Windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38:39 . 2010-02-23 20:57:13 2159616 ----a-w- C:\Windows\AppPatch\AcGenral.dll
2010-01-06 15:38:39 . 2010-02-23 20:57:12 542720 ----a-w- C:\Windows\AppPatch\AcLayers.dll
2010-01-06 15:38:39 . 2010-02-23 20:57:12 458752 ----a-w- C:\Windows\AppPatch\AcSpecfc.dll
2010-01-06 13:30:41 . 2010-02-23 20:57:11 4240384 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll
2006-05-08 03:36:38 . 2007-09-03 10:23:22 6195970 ----a-w- C:\Program Files\XP Codec Pack 1.3.4.exe
2009-05-01 21:02:48 . 2009-05-01 21:02:48 1044480 ----a-w- C:\Program Files\opera\program\plugins\libdivx.dll
2009-05-01 21:02:48 . 2009-05-01 21:02:48 200704 ----a-w- C:\Program Files\opera\program\plugins\ssldivx.dll
2004-12-02 05:18:08 . 2007-04-13 10:17:11 222390 --sha-r- C:\Windows\ConfigSetRoot\IO.SYS
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 04:03:26 221184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 07:33:39 202240]
"Google Update"="C:\Users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-07 15:38:16 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 07:38:38 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-13 11:11:30 4489216]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 04:03:04 81920]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-14 22:22:22 35328]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-05-01 07:47:42 148888]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 14:06:30 2027792]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 14:02:54 563984]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-02-11 18:13:12 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-02-11 18:13:02 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-02-11 18:13:08 133656]
"ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-23 10:48:00 380928]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 20:16:00 39792]
"Skytel"="Skytel.exe" [2007-05-28 18:39:46 1826816]
"HPUsageTracking"="C:\Program Files\HP\HP UT\bin\hppusg.exe" [2007-11-02 13:52:40 36864]
"ioCentre"="C:\Genius\ioCentre\gTaskBar.exe" [2007-05-31 18:16:08 61440]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-09-17 21:55:00 13580832]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-09-17 21:55:00 92704]
"Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 15:07:10 1394000]

C:\Users\Hanulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [2007-6-8 393216]

C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-1-20 0]
Jabbim.lnk - C:\Program Files\Jabbim\jabbim.exe [2009-8-21 211968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\Windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a4,c1,05,92,28,3a,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3038224116-2228616904-308158760-1000]
"EnableNotificationsRef"=dword:00000001

R0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2010-01-16 08:03:26 691696]
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\Windows\system32\drivers\wf2kvcap.sys [2004-10-04 09:34:56 75925]
R3 gMouPS2;PS2 Scroll Mouse Device;C:\Windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 03:48:46 17408]
R3 K320bus;Sony Ericsson K320 driver (WDM);C:\Windows\system32\DRIVERS\K320bus.sys [2006-08-18 09:10:24 61504]
R3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\K320mdfl.sys [2006-08-18 09:10:22 9328]
R3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\K320mdm.sys [2006-08-18 09:10:22 97056]
R3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\K320mgmt.sys [2006-08-18 09:10:20 88560]
R3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\K320obex.sys [2006-08-18 09:10:18 86368]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2010-01-07 15:07:14 38224]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-02 08:27:22 1083520]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\System32\Drivers\avgldx86.sys [2010-03-13 07:09:11 216200]
S1 AvgTdiX;AVG Free Network Redirector;C:\Windows\System32\Drivers\avgtdix.sys [2010-03-13 07:11:30 242696]
S1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 10:11:16 33800]
S2 avg9wd;AVG Free WatchDog;C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-13 07:11:19 308064]
S3 3xHybrid;3xHybrid service;C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 11:34:54 674048]
S3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller;C:\Windows\system32\DRIVERS\L260x86.sys [2006-12-13 10:00:08 25600]
S3 gHidPnp;USB Device Enhanced Function Driver;C:\Windows\system32\Drivers\gHidPnp.Sys [2007-07-19 18:13:10 16384]
S3 gMouUsb;USB Mouse Device Drv;C:\Windows\system32\DRIVERS\gMouUsb.sys [2007-07-20 16:08:54 9856]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-04-03 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000Core.job
- C:\Users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 15:38:23 . 2010-02-07 15:38:16]

2010-04-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000UA.job
- C:\Users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 15:38:23 . 2010-02-07 15:38:16]

2010-04-04 C:\Windows\Tasks\User_Feed_Synchronization-{1CB939E2-DFCB-4177-9C92-76757785239D}.job
- C:\Windows\system32\msfeedssync.exe [2010-03-31 14:08:29 . 2010-02-23 04:54:43]

2010-04-04 C:\Windows\Tasks\User_Feed_Synchronization-{1E0B1D22-D565-4A9E-9DC2-120B0F690ABE}.job
- C:\Windows\system32\msfeedssync.exe [2010-03-31 14:08:29 . 2010-02-23 04:54:43]

2010-04-04 C:\Windows\Tasks\User_Feed_Synchronization-{6C33CF46-6887-4FC2-A862-CE0598A2CBEF}.job
- C:\Windows\system32\msfeedssync.exe [2010-03-31 14:08:29 . 2010-02-23 04:54:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://wow.spojka.org/
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.yahoo.com
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-Canaveral - C:\Windows\system32\sshnas21.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-04 18:08:57
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x860D8A88]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x88c6ed24
\Driver\ACPI -> acpi.sys @ 0x83649d68
\Driver\atapi -> 0x860d8a88
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-04-04 18:13:05
ComboFix-quarantined-files.txt 2010-04-04 16:13:02

Před spuštěním: Volných bajtů: 98 965 319 680
Po spuštění: Volných bajtů: 98 976 600 064

- - End Of File - - 43CDCD26A7AB6177DC73DC5828D07DC4




Is this it? :)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses

#6 Post by Caroprd111 »

That's it. :)


Uninstall all virtual drive emulators.

Download SPTD http://www.duplexsecure.com/en/downloads
  • Choose the version for your operating system (64 & 32b). Save it to the desktop and run it.
  • Select the Uninstall option and restart the PC.

Download and run http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Click "Disable" and restart the PC.

Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe

Start > Run (Win + R)
  • A small window pops up; copy into it:

Code:

"%userprofile%\plocha\mbr" -t
  • Click OK
  • A log named mbr.log is created; paste it here.

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#7 Post by adonny »

I don't know about the drives... I don't have Alcohol or anything like that...

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses

#8 Post by Caroprd111 »

In that case, continue with the next step. :)

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#9 Post by adonny »

everything went normally... except for the MBR... I tried it via Run but it didn't work... and it said:
[Image]
but I had it on the desktop... I tried running it normally... and the text file that was created there contained only:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
kernel: error reading MBR
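Added example, not part of the original thread and not code from GMER: a Python triage of the two mbr.exe outputs quoted above (the hook list inside the ComboFix log and the later "error reading MBR" run). It flags hook targets that the detector could not resolve to a module name and treats a failed MBR read as no evidence rather than as a clean result; the function name `triage` and the verdict labels are assumptions of this example.

```python
import re

# Sample input: the two mbr.exe outputs quoted in this thread, embedded verbatim.
LOG_WITH_HOOKS = r"""Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x860D8A88]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x88c6ed24
\Driver\ACPI -> acpi.sys @ 0x83649d68
\Driver\atapi -> 0x860d8a88
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK
"""

LOG_READ_ERROR = r"""Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
kernel: error reading MBR
"""

# "user: ..." / "kernel: ..." status lines (not the "user & kernel MBR OK" summary).
READ_RE = re.compile(r"^(user|kernel):\s*(.+)$")
# "\Driver\X -> module @ 0xADDR" or "\Driver\X -> 0xADDR" (no module resolved).
HOOK_RE = re.compile(
    r"^(?P<obj>\\Driver\\\S+)\s*->\s*(?:(?P<module>[\w.]+)\s*@\s*)?(?P<addr>0x[0-9a-fA-F]+)$"
)
UNKNOWN_RE = re.compile(r">>UNKNOWN \[(0x[0-9A-Fa-f]+)\]<<")


def triage(log_text):
    """Summarise an mbr.exe log. Verdict labels are this example's own:
    'unreadable' = the MBR was not read, so the log proves nothing either way;
    'review'     = an unnamed hook target, unknown caller or tool warning is present;
    'clean'      = none of the above (still not proof that the disk is clean)."""
    reads, hooks, chain_unknown, warned = {}, [], [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        m = READ_RE.match(line)
        if m:
            reads[m.group(1)] = m.group(2) == "MBR read successfully"
            continue
        if line.startswith("called modules:"):
            chain_unknown = [int(a, 16) for a in UNKNOWN_RE.findall(line)]
            continue
        m = HOOK_RE.match(line)
        if m:
            hooks.append((m.group("obj"), m.group("module"), int(m.group("addr"), 16)))
            continue
        if "possible MBR rootkit infection" in line:
            warned = True
    unresolved = [h for h in hooks if h[1] is None]
    # Same address seen as an unknown caller and as an unnamed hook target.
    correlated = sorted({h[2] for h in unresolved} & set(chain_unknown))
    if not (reads.get("user") and reads.get("kernel")):
        verdict = "unreadable"
    elif unresolved or chain_unknown or warned:
        verdict = "review"
    else:
        verdict = "clean"
    return {"reads": reads, "hooks": hooks, "unresolved": unresolved,
            "correlated": correlated, "verdict": verdict}


if __name__ == "__main__":
    for name, log in (("ComboFix run", LOG_WITH_HOOKS), ("mbr.exe run", LOG_READ_ERROR)):
        result = triage(log)
        print(name, result["verdict"], [hex(a) for a in result["correlated"]])
```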

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses

#10 Post by Caroprd111 »

[Image]

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#11 Post by adonny »

I did it as written; the first time I ran the scan, the first one completed:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-05 12:15:06
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Boris\AppData\Local\Temp\uflcyuog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdir.sys
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----


during the second one it froze and a message popped up saying it was not responding, I clicked "end program" and after a few seconds, about 30... blue screen of death...

the PC reset so I turned it on again... I ran the first scan again, which gave:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-05 12:22:43
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Boris\AppData\Local\Temp\uflcyuog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdir.sys
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----


for the second scan I expected it to freeze again, so I took a screenshot:
[Image]
I saved it and, unexpectedly, blue screen of death again... I didn't start it again :D so the second scan never completed... the box at the bottom (in the screenshot) shows what it was scanning when it froze

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses

#12 Post by Caroprd111 »

Try renaming Gmer (anything.com) and running it in safe mode.

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#13 Post by adonny »

it has to have the .com, right? so for example abc.com

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses

#14 Post by Caroprd111 »

Yes, it has to have .com :)

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#15 Post by adonny »

I renamed it and ran it in safe mode, but it did the same thing as in the screenshot; I chose end program and about 10 seconds later, blue screen of death again... and it seems to me that the PC has slowed down now... but I'm not entirely sure :D
and again at exactly the same file...
