
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Slow PC startup, applications will not launch or they freeze
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I'm sending a log from the PC.
At startup (which is very slow) it shows the warning: sheduled agent settings file is corrupted. I tried to run Dr.Web, but the whole computer froze on me and I could not shut it down or bring up the file manager.
Logfile of random's system information tool 1.08 (written by random/random)
Run by petr at 2010-10-02 14:03:26
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 18 GB (15%) free of 119 GB
Total RAM: 2943 MB (56% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\NeroLiveEpgUpdate-petr-PC_petr.job
C:\Windows\tasks\Norton Security Scan for petr.job
C:\Windows\tasks\User_Feed_Synchronization-{B5570424-EEC8-4DE1-8348-B41D59B50F6A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup - C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-30 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-28 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\1006191535\ICQToolBar.dll [2010-03-28 1017592]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-09-03 630784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-13 106496]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2008-08-02 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2008-08-02 33136]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-06-26 778240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe /command:faststart []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-30 202256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-24 39408]
"Center Agent"=C:\Program Files\MSI\Digi VOX AD II\HyperMediaCenter\DTVR\Scheduled.exe [2007-01-19 864768]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-08-22 133432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Remote Control.lnk - C:\Program Files\MSI\Digi VOX AD II\EM_USB Device Utilities\EMRCtl.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-10-02 13:52:25 ----D---- C:\Program Files\trend micro
2010-10-02 13:52:24 ----D---- C:\rsit
2010-10-01 18:43:32 ----D---- C:\Temp
2010-09-30 14:37:51 ----ASH---- C:\hiberfil.sys
2010-09-30 13:29:38 ----A---- C:\Windows\ntbtlog.txt
2010-09-15 16:32:24 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 16:32:23 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 16:32:22 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 16:32:20 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-14 17:13:46 ----D---- C:\Users\petr\AppData\Roaming\smc
2010-09-14 17:12:53 ----D---- C:\Program Files\Secret Maryo Chronicles
2010-09-12 11:08:21 ----D---- C:\Users\petr\AppData\Roaming\TMInc
2010-09-11 21:34:29 ----D---- C:\ProgramData\AlawarWrapper
2010-09-11 21:33:55 ----D---- C:\Program Files\Hledači pokladů
======List of files/folders modified in the last 1 months======
2010-10-02 14:03:24 ----D---- C:\Windows\Temp
2010-10-02 13:52:25 ----RD---- C:\Program Files
2010-10-02 13:37:02 ----D---- C:\Program Files\Microsoft Silverlight
2010-10-02 10:11:43 ----D---- C:\Windows\System32
2010-10-02 10:11:43 ----D---- C:\Windows\inf
2010-10-02 10:11:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-02 10:11:00 ----D---- C:\Windows\system32\drivers
2010-10-02 10:07:00 ----SD---- C:\ProgramData\Microsoft
2010-10-02 09:58:28 ----D---- C:\Windows\winsxs
2010-10-02 09:56:38 ----SHD---- C:\Windows\Installer
2010-10-02 09:49:57 ----D---- C:\Windows\Prefetch
2010-09-30 14:57:16 ----D---- C:\Windows\Tasks
2010-09-30 14:45:24 ----A---- C:\Windows\system32\acovcnt.exe
2010-09-30 13:29:38 ----AD---- C:\Windows
2010-09-29 18:00:37 ----SHD---- C:\System Volume Information
2010-09-29 17:07:43 ----D---- C:\Windows\system32\catroot
2010-09-29 17:07:42 ----D---- C:\Windows\system32\catroot2
2010-09-25 09:51:46 ----D---- C:\Program Files\Google
2010-09-21 14:12:51 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-09-16 16:00:55 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 15:58:33 ----A---- C:\Windows\system32\mrt.exe
2010-09-16 15:58:19 ----D---- C:\Program Files\Windows Mail
2010-09-14 17:13:43 ----D---- C:\Windows\system32\Tasks
2010-09-14 17:13:33 ----D---- C:\Program Files\Mozilla Firefox
2010-09-12 11:08:14 ----HD---- C:\ProgramData
2010-09-06 17:20:36 ----SD---- C:\Users\petr\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-10-04 639224]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-02 64896]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-31 743424]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-10 57856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-11 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2006-12-01 113792]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-21 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2006-10-06 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2006-10-28 40960]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 aaxo4gy8;aaxo4gy8; C:\Windows\system32\drivers\aaxo4gy8.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys [2007-08-09 31280]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 USB28xxBGA;USB 2883 Device; C:\Windows\system32\DRIVERS\emBDA.sys [2007-01-12 380416]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM.sys [2006-12-21 30208]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 winusb;Služba WinUSB; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-11-01 77824]
R2 TwonkyMedia;TwonkyMedia; C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2008-10-20 102400]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9b14e781c1880;Google Update Service (gupdate1c9b14e781c1880); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-30 133104]
S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MSI\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-24 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
-----------------EOF-----------------
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
-----------------EOF-----------------
Re: slow PC startup, applications won't start or freeze
Hello, and have a nice day.
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY IS VERY CAPABLE OF DELETING THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download Combofix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- Plug all USB drives (flash drives, external disks, etc.) into the PC
- If you have Win XP, run it under the Administrator account
- If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator
- Immediately after launch, a page with the license agreement appears; continue by clicking Yes
- If CF offers to install the Recovery Console, agree
- Then follow the prompts; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
- The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and any restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
- Detailed instructions incl. screenshots are here http://www.bleepingcomputer.com/combofi ... t-combofix
Re: slow PC startup, applications won't start or freeze
So, after a lot of trouble backing up files, I managed to run ComboFix. After I accepted the license terms, a dialog popped up: cscript.exe - application error. The application failed to initialize properly (0xc0000006). Click on OK to terminate the application.
After clicking OK, a blue window appeared for a moment and right after that an Error dialog over it. After I confirmed it, the PC restarted and a blue window appeared saying that ComboFix is preparing to run, and again the dialog cscript.exe - application error. The application failed to initialize properly (0xc0000006). Click on OK to terminate the application. So now I don't know what to do with it. THANKS A LOT FOR ANY ADVICE. The PC isn't mine and I didn't even manage to back up the files properly. badjucha
I clicked OK and after a moment a dialog popped up: Microsoft (R) Console Based Script Host has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.
Re: slow PC startup, applications won't start or freeze
It looks like ComboFix has caught on after all. Despite all the dialogs that keep popping up, it is running. After two hours of churning it is now preparing the log. As soon as it's done, I'll post it here.

Re: slow PC startup, applications won't start or freeze
So I finally have the log. It looks like the computer has sped up a bit too and is starting to work reasonably well. To be safe, I sent the .dmp files by email.
ComboFix 10-10-01.07 - petr 02.10.2010 22:30:36.1.2 - x86
Spuštěný z: c:\users\petr\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\HPCommon.dll
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-02 do 2010-10-02 )))))))))))))))))))))))))))))))
.
2010-10-02 21:09 . 2010-10-02 21:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-02 11:52 . 2010-10-02 11:52 -------- d-----w- c:\program files\trend micro
2010-10-02 11:52 . 2010-10-02 11:53 -------- d-----w- C:\rsit
2010-10-02 08:11 . 2010-10-02 08:11 -------- d-----w- c:\users\petr\DoctorWeb
2010-10-01 16:43 . 2010-10-01 16:43 -------- d-----w- C:\Temp
2010-09-15 14:32 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 14:32 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 14:32 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 14:32 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-14 15:13 . 2010-09-14 15:14 -------- d-----w- c:\users\petr\AppData\Roaming\smc
2010-09-14 15:12 . 2010-09-14 15:13 -------- d-----w- c:\program files\Secret Maryo Chronicles
2010-09-12 09:08 . 2010-09-14 15:16 -------- d-----w- c:\users\petr\AppData\Roaming\TMInc
2010-09-11 19:34 . 2010-09-12 09:08 -------- d-----w- c:\programdata\AlawarWrapper
2010-09-11 19:33 . 2010-09-14 15:17 -------- d-----w- c:\program files\Hledači pokladů
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-02 19:35 . 2008-08-02 03:22 12 ----a-w- c:\windows\bthservsdp.dat
2010-10-02 18:51 . 2008-04-17 10:34 585654 ----a-w- c:\windows\system32\perfh005.dat
2010-10-02 18:51 . 2008-04-17 10:34 110398 ----a-w- c:\windows\system32\perfc005.dat
2010-10-02 11:37 . 2010-02-25 18:45 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-30 12:45 . 2008-08-02 04:38 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-09-25 07:51 . 2008-11-04 19:59 -------- d-----w- c:\program files\Google
2010-09-21 12:12 . 2008-08-02 03:42 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-09-16 14:00 . 2008-08-02 03:27 -------- d-----w- c:\programdata\Microsoft Help
2010-09-16 13:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-14 15:17 . 2010-09-11 19:33 -------- d-----w- c:\program files\Hledači pokladů
2010-08-24 15:22 . 2010-06-19 13:35 -------- d-----w- c:\program files\ICQ7.2
2010-08-04 16:09 . 2010-02-07 19:00 -------- d-----w- c:\users\petr\AppData\Roaming\ICQ
2008-11-15 08:31 . 2008-11-15 08:31 2788800 ----a-w- c:\program files\FLV PlayerFCSetup.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-24 39408]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-08-22 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-09-03 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-12-12 106496]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-08-02 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-08-02 33136]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-06-26 778240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-30 202256]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 gupdate1c9b14e781c1880;Google Update Service (gupdate1c9b14e781c1880);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-30 133104]
R2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2008-10-20 102400]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MSI\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-10-04 639224]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
vvdsvc REG_MULTI_SZ vvdsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-30 15:44]
2010-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-30 15:44]
2010-04-04 c:\windows\Tasks\NeroLiveEpgUpdate-petr-PC_petr.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]
2010-09-21 c:\windows\Tasks\Norton Security Scan for petr.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-06-17 07:48]
2010-10-02 c:\windows\Tasks\User_Feed_Synchronization-{B5570424-EEC8-4DE1-8348-B41D59B50F6A}.job
- c:\windows\system32\msfeedssync.exe [2010-08-13 04:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {3817FEE2-9991-4BDD-928C-EFDF2FE10C17} = 212.96.161.6,212.96.160.1
FF - ProfilePath - c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\fga1rd84.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|http://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&apn_uid=4A359BFA-62DF-42C7-994A-44FABB848DE4&apn_ptnrs=RY&apn_sauid=E15FDD33-F7BE-4BE6-AA05-A07A279001E1&apn_dtid=&q=
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\fga1rd84.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKLM-Run-Nokia FastStart - c:\program files\Nokia\Nokia Music\NokiaMusic.exe
ActiveSetup-ccc-core-static - msiexec
AddRemove-DVD Shrink_is1 - c:\program files\DVD Shrink\unins000.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
AddRemove-codecsfree - c:\program files\FreeCodecs\Uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-02 23:10
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-919688427-3783433199-1084184058-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e0,12,44,20,66,30,48,61,22,94,30,f0,7c,03,a4,d2,14,ae,95,b4,3b,4f,a3,
aa,1e,0c,18,e0,69,8a,05,d0,a3,e1,70,9b,2d,58,cb,02,70,08,f0,17,ee,ef,eb,7e,\
"??"=hex:47,f6,23,9c,1f,fe,9c,c0,51,d3,17,9d,05,13,8d,e3
[HKEY_USERS\S-1-5-21-919688427-3783433199-1084184058-1000\Software\SecuROM\License information*]
"datasecu"=hex:a9,60,22,d9,51,8f,66,26,db,9d,10,23,48,f1,78,1c,e6,a0,d5,fe,7c,
c3,af,60,b6,9a,61,39,71,ea,18,c9,99,14,f0,70,60,27,fe,27,e0,a6,fb,68,a7,6f,\
"rkeysecu"=hex:d8,97,b3,42,1e,5c,db,a6,a4,fd,a7,7e,a7,8f,62,3a
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-10-02 23:41:25
ComboFix-quarantined-files.txt 2010-10-02 21:41
Před spuštěním: Volných bajtů: 18 646 523 904
Po spuštění: Volných bajtů: 22 334 906 368
- - End Of File - - 5477E658CC456CCC6ACFB96D06931185

sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-919688427-3783433199-1084184058-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e0,12,44,20,66,30,48,61,22,94,30,f0,7c,03,a4,d2,14,ae,95,b4,3b,4f,a3,
aa,1e,0c,18,e0,69,8a,05,d0,a3,e1,70,9b,2d,58,cb,02,70,08,f0,17,ee,ef,eb,7e,\
"??"=hex:47,f6,23,9c,1f,fe,9c,c0,51,d3,17,9d,05,13,8d,e3
[HKEY_USERS\S-1-5-21-919688427-3783433199-1084184058-1000\Software\SecuROM\License information*]
"datasecu"=hex:a9,60,22,d9,51,8f,66,26,db,9d,10,23,48,f1,78,1c,e6,a0,d5,fe,7c,
c3,af,60,b6,9a,61,39,71,ea,18,c9,99,14,f0,70,60,27,fe,27,e0,a6,fb,68,a7,6f,\
"rkeysecu"=hex:d8,97,b3,42,1e,5c,db,a6,a4,fd,a7,7e,a7,8f,62,3a
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-10-02 23:41:25
ComboFix-quarantined-files.txt 2010-10-02 21:41
Před spuštěním: Volných bajtů: 18 646 523 904
Po spuštění: Volných bajtů: 22 334 906 368
- - End Of File - - 5477E658CC456CCC6ACFB96D06931185
Re: slow PC startup, applications won't launch or freeze


- Start Notepad (Start - Run - notepad)
- Copy the script below
Code:
Folder::
c:\program files\Ask.com
c:\program files\ICQ6Toolbar

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\NeroLiveEpgUpdate-petr-PC_petr.job
c:\windows\Tasks\Norton Security Scan for petr.job

Driver::
ICQ Service

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerForPhone"=-
"Adobe Reader Speed Launcher"=-
"DAEMON Tools"=-
"TkBellExe"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

FireFox::
FF - ProfilePath - c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\fga1rd84.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|ht ... t.icq.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... n_dtid=&q=

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
- Save the resulting TXT file as CFScript.txt
- Drag the created CFScript.txt onto ComboFix and release it (see the picture below)
- After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here

Re: slow PC startup, applications won't launch or freeze
It churned away for 2 hours again. Those dialog boxes keep pestering me over and over while ComboFix is running. Always the same ones. But the PC has improved considerably. I just still can't connect to the internet. Thanks, Badjucha
ComboFix 10-10-01.07 - petr 03.10.2010 11:29:47.2.2 - x86
Spuštěný z: c:\users\petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\petr\Desktop\CFScript.txt
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\NeroLiveEpgUpdate-petr-PC_petr.job"
"c:\windows\Tasks\Norton Security Scan for petr.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_5452.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\1006191535\config.xml
c:\program files\ICQ6Toolbar\1006191535\Icons.bmp
c:\program files\ICQ6Toolbar\1006191535\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\1006191535\ICQToolBar.dll
c:\program files\ICQ6Toolbar\1006191535\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\1006191535\logo_small.gif
c:\program files\ICQ6Toolbar\1006191535\short.wav
c:\program files\ICQ6Toolbar\1006191535\Version.txt
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\NeroLiveEpgUpdate-petr-PC_petr.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_ICQ Service
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-03 do 2010-10-03 )))))))))))))))))))))))))))))))
.
2010-10-03 09:51 . 2010-10-03 09:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-10-03 09:51 . 2010-10-03 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-03 08:39 . 2010-10-03 08:39 -------- d-----w- c:\users\petr\AppData\Local\Seven Zip
2010-10-03 08:18 . 2010-10-03 08:19 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-10-03 07:51 . 2010-10-03 07:51 -------- d-----w- c:\program files\CCleaner
2010-10-02 11:52 . 2010-10-02 11:52 -------- d-----w- c:\program files\trend micro
2010-10-02 11:52 . 2010-10-02 11:53 -------- d-----w- C:\rsit
2010-10-02 08:11 . 2010-10-02 08:11 -------- d-----w- c:\users\petr\DoctorWeb
2010-10-01 16:43 . 2010-10-01 16:43 -------- d-----w- C:\Temp
2010-09-15 14:32 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 14:32 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 14:32 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 14:32 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-14 15:13 . 2010-09-14 15:14 -------- d-----w- c:\users\petr\AppData\Roaming\smc
2010-09-14 15:12 . 2010-09-14 15:13 -------- d-----w- c:\program files\Secret Maryo Chronicles
2010-09-12 09:08 . 2010-09-14 15:16 -------- d-----w- c:\users\petr\AppData\Roaming\TMInc
2010-09-11 19:34 . 2010-09-12 09:08 -------- d-----w- c:\programdata\AlawarWrapper
2010-09-11 19:33 . 2010-09-14 15:17 -------- d-----w- c:\program files\Hledači pokladů
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-03 10:11 . 2008-08-02 04:38 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-10-03 10:07 . 2008-08-02 03:22 12 ----a-w- c:\windows\bthservsdp.dat
2010-10-03 09:04 . 2009-08-14 17:54 -------- d-----w- c:\program files\Opera 10 Beta
2010-10-03 09:00 . 2008-10-04 12:43 -------- d-----w- c:\program files\Electronic Arts
2010-10-03 08:15 . 2009-04-12 15:23 -------- d-----w- c:\programdata\Norton
2010-10-02 18:51 . 2008-04-17 10:34 585654 ----a-w- c:\windows\system32\perfh005.dat
2010-10-02 18:51 . 2008-04-17 10:34 110398 ----a-w- c:\windows\system32\perfc005.dat
2010-10-02 11:37 . 2010-02-25 18:45 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-25 07:51 . 2008-11-04 19:59 -------- d-----w- c:\program files\Google
2010-09-21 12:12 . 2008-08-02 03:42 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-09-16 14:00 . 2008-08-02 03:27 -------- d-----w- c:\programdata\Microsoft Help
2010-09-16 13:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-14 15:17 . 2010-09-11 19:33 -------- d-----w- c:\program files\Hledači pokladů
2010-08-24 15:22 . 2010-06-19 13:35 -------- d-----w- c:\program files\ICQ7.2
2010-08-04 16:09 . 2010-02-07 19:00 -------- d-----w- c:\users\petr\AppData\Roaming\ICQ
2008-11-15 08:31 . 2008-11-15 08:31 2788800 ----a-w- c:\program files\FLV PlayerFCSetup.exe
.
------- Sigcheck -------
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-09-03 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-12-12 106496]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-08-02 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-08-02 33136]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R1 aswSP;avast! Self Protection; [x]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [x]
R2 gupdate1c9b14e781c1880;Google Update Service (gupdate1c9b14e781c1880);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-30 133104]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MSI\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-10-04 639224]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2008-10-20 102400]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x86.sys [2007-08-17 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
vvdsvc REG_MULTI_SZ vvdsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-10-03 c:\windows\Tasks\User_Feed_Synchronization-{B5570424-EEC8-4DE1-8348-B41D59B50F6A}.job
- c:\windows\system32\msfeedssync.exe [2010-08-13 04:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {3817FEE2-9991-4BDD-928C-EFDF2FE10C17} = 212.96.161.6,212.96.160.1
FF - ProfilePath - c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\fga1rd84.default\
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\petr\AppData\Roaming\Mozilla\Firefox\Profiles\fga1rd84.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-03 12:13
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-919688427-3783433199-1084184058-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e0,12,44,20,66,30,48,61,22,94,30,f0,7c,03,a4,d2,14,ae,95,b4,3b,4f,a3,
aa,1e,0c,18,e0,69,8a,05,d0,a3,e1,70,9b,2d,58,cb,02,70,08,f0,17,ee,ef,eb,7e,\
"??"=hex:47,f6,23,9c,1f,fe,9c,c0,51,d3,17,9d,05,13,8d,e3
[HKEY_USERS\S-1-5-21-919688427-3783433199-1084184058-1000\Software\SecuROM\License information*]
"datasecu"=hex:a9,60,22,d9,51,8f,66,26,db,9d,10,23,48,f1,78,1c,e6,a0,d5,fe,7c,
c3,af,60,b6,9a,61,39,71,ea,18,c9,99,14,f0,70,60,27,fe,27,e0,a6,fb,68,a7,6f,\
"rkeysecu"=hex:d8,97,b3,42,1e,5c,db,a6,a4,fd,a7,7e,a7,8f,62,3a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4524)
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMediaServer.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\MSI\Digi VOX AD II\EM_USB Device Utilities\EMRCtl.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
.
**************************************************************************
.
Celkový čas: 2010-10-03 12:32:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-03 10:32
ComboFix2.txt 2010-10-02 21:41
Před spuštěním: Volných bajtů: 29 488 861 184
Po spuštění: Volných bajtů: 29 473 652 736
- - End Of File - - E5706B6DFD013CB860D25A94A12C6050
Re: slow PC startup, applications won't launch or they freeze




Re: slow PC startup, applications won't launch or they freeze
The application failed to initialize properly (0xc0000006). Click OK to terminate the application. And when I click OK, this pops up: Microsoft (R) Console Based Script Host has stopped working. A problem caused the program to stop working correctly.
The PC's owner connects to the internet at home via cable. He brought it in saying that his internet doesn't work and nothing will launch. When I plug the cable into the network card, I connect only to the local network but not to the internet. I am connected through a router, but whenever I've had someone else's PC here, it was enough to plug in the cable and it worked. I have already managed to connect over Wi-Fi, so at least that's something.

Re: slow PC startup, applications won't launch or they freeze
ComboFix probably doesn't want to cooperate with your OS...
Are the connection parameters set correctly?

Re: slow PC startup, applications won't launch or they freeze

- Run the update - third tab
- Run a full scan - do not delete anything
- MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed
Re: slow PC startup, applications won't launch or they freeze
Here is the log. It took a bit longer.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4736
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
4.10.2010 0:49:00
mbam-log-2010-10-04 (00-49-00).txt
Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 292401
Uplynulý čas: 6 hodina(y), 5 minuta(y), 51 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 7
Infikované hodnoty registru: 3
Infikované datové položky registru: 0
Infikované složky: 2
Infikované soubory: 7
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> No action taken.
Infikované soubory:
C:\Users\petr\Favorites\Free Porn Tube Categories – Select Your Categories – Keezmovies.com.url (Rogue.Link) -> No action taken.
C:\Users\petr\Favorites\Free Porn Tube Videos, Extreme Hardcore Porn.url (Rogue.Link) -> No action taken.
C:\Users\petr\Favorites\Free Porn Video Streaming, Sex, Porno, Free XXX Porn.url (Rogue.Link) -> No action taken.
C:\Users\petr\Favorites\Free porn videos at Pornrabbit.url (Rogue.Link) -> No action taken.
C:\Users\petr\Favorites\Free Porn Videos, Porn Tube, Free Porn, Free Porn Movies, Porn, Sex.url (Rogue.Link) -> No action taken.
C:\Users\petr\Favorites\Free Porn, Porn Pictures, Porn Movies at Fuckk Galleries.url (Rogue.Link) -> No action taken.
C:\Users\petr\Favorites\Free Porn, Porn Tube, Free Porn Videos, Sex Movie, Porn - FreePorn.com.url (Rogue.Link) -> No action taken.
Re: slow PC startup, applications won't launch or they freeze



Re: slow PC startup, applications won't launch or they freeze
I deleted all the files that MBAM found, and after the deletion the computer restarted. The OS did not boot; instead it offered me either to launch system repair after a serious error or to start the system normally. So I chose the repair, clicked through to the end, and after pressing Finish the PC reset again into the same menu. So I chose to start normally. The OS started, but it runs terribly slowly; it almost stands still. The MSE antivirus acted as if it were out of date for about 15 minutes, and now it is fine again. The updates that failed to install yesterday started installing, and the installation failed anyway. Since yesterday I have been unable to uninstall some trial versions of programs supplied with the OS (MO and Nero). The laptop isn't so weak that it should run this terribly slowly. Shouldn't I also try repairing the OS from the CD?
Last edited by badjucha on 04 Oct 2010 17:21, edited 1 time in total.