Problem s virama :-( Opět jsem v tom :-( Prosim o pomoc.

[Baron Prášil]

skus před tou instalací ukončit a zakázat všechny služby bezp.programů
Comodo Application Agent
Service Spyware Terminator Realtime Shield Service
a vše od avastu

odpoj se od netu.a zkus to

[solda1]

Bubííííííí

[BUBINO]

To volas mna, alebo sa ti to podarilo a od radosti kricis Bubii namiesto Jupiii ?

Ak to nejde, tak skus opravit windows pomocou instalacneho CD Win. Nabootuj z instalacky win, v hlv. menu klik na ENTER (instalovat win) >> F8 (Licencna zmluva) >> R (Klavesa R - repair). Zacne deletovanie suborov a ich nasledna obnova. Pocitac sa restartuje a zacne obnovovanie podobnej klasickej instalacii win. Klikaj podla pokynov na obrazovke. Udaje, ktore mas v pc sa ti nezmazu.

[solda1]

uz to moc nedela....kdyz opravim z CD tim Rkem,tak se fakt nic nesmaze ?

[BUBINO]

Pokial to ides len opravovat, ak sa nestane nic. Ale pokial ti vsetko ide do pohody, tak opravovat nemusis.

[solda1]

oka,dekuji Bubišu

[BUBINO]

Nemáš zač. Mile, rád

[RiCK]

Omfg, najucinnejsi navod ako odstranit viry z Winu je preinstalovat cale Win . ja to robim tak, Pevny disk mam rozdeleny na 3 casti, na jednom je iba Win a na ostatnych hry, programy atd. Ked preinstalujem Win tak mi to zmaze len C: (tam kde je Win) takze som v pohode

[solda1]

zajimave ale ja nad virama vyhral a ted jsem uz nekolik mesicu "cistej" jen diky temto lidem jako je Bubík a spol Jsem jim vdecnej

[zombux]

Omfg, najucinnejsi navod ako odstranit viry z Winu je preinstalovat cale Win

to je návod pro lamy. protože jen lama reinstaluje půl dne windows, když může odstranit infekci během několika desítek minut

[Accuphose]

Instalace Windows XP může být i otázkou 8 minut a máš systém jak dětskou prdýlku

[solda1]

Zdravím vás..mám o5 problém s virama...prosím vás moc o pomoc...mám plochu bílou,nejde dat pravým na ni a nic...mám tu nějaky šmejdy...děkuju za pomoc..pro začátek výpis z Hj


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:25, on 2008-08-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdbtj.exe] C:\WINDOWS\system32\kdbtj.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,62.240.161.226
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,62.240.161.226
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,10.0.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{05DD93D2-FB60-41E3-83C9-6658F4241DAF}: NameServer = 62.240.178.250,62.240.161.226
O18 - Protocol: bw+0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {26F4FFDB-6B71-4912-B66C-2E94D7847C63} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O21 - SSODL: wbqxfpgl - {81FFF6E8-C21A-4385-A06A-18637FE7E6EC} - C:\WINDOWS\wbqxfpgl.dll
O21 - SSODL: tpabfelq - {71B92508-BAFA-46DF-909F-D7C7070167DF} - C:\WINDOWS\tpabfelq.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

--
End of file - 21848 bytes

[solda1]

no a ještě tohle mě hodí v textáku když dám pravým




- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!----
***** This file is automatically generated by Microsoft Windows *****
--------><HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1250"></HEAD>
<BODY
style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BORDER-LEFT: medium none; BORDER-BOTTOM: medium none"
bottomMargin=0 bgColor=#585768 leftMargin=0 background="" topMargin=0
rightMargin=0><IFRAME id=0
style="Z-INDEX: 1000; BACKGROUND: none transparent scroll repeat 0% 0%; LEFT: 0px; WIDTH: 1280px; POSITION: absolute; TOP: 0px; HEIGHT: 990px"
name=DeskMovrW marginWidth=0 marginHeight=0
src="file:///C:\WINDOWS\privacy_danger\index.htm" frameBorder=0
subscribed_url="" resizeable="XY"> </IFRAME>
<OBJECT id=ActiveDesktopMover
style="LEFT: 0px; VISIBILITY: hidden; WIDTH: 0px; POSITION: absolute; TOP: 0px; HEIGHT: 0px; container: positioned; zIndex: 5"
classid=clsid:72267F6A-A6F9-11D0-BC94-00C04FB67863></OBJECT>
<OBJECT id=ActiveDesktopMoverW
style="Z-INDEX: 999; LEFT: 0px; VISIBILITY: hidden; WIDTH: 1px; POSITION: absolute; TOP: 0px; HEIGHT: 990px; container: positioned"
classid=clsid:72267F6A-A6F9-11D0-BC94-00C04FB67863></OBJECT>&nbsp;
</BODY></HTML>

[rary]

Zdravím.
Pustíme se do odstraňování.

Stáhni si ComboFix a ulož ho na plochu a poté ho spusť.
Postupuj dle pokynů na obrazovce, během aplikování ComboFixu neklikej do zobrazujícího se okna může se stát totiž že to proces zastaví.
Je možné, že se restartuje počítač, znamená to, že byli nalezeny škodlivé soubory a je nutný restart, aby je ComboFix smazal.
Po skončení se vytvoří log tak sem zkopíruj jeho obsah.

Poznámka: Pro spuštění ComboFixe je nutné mít práva administrátora.

[solda1]

děkuju,že mě začínáš pomáhat..vážím si toho..kdo ví kde skončili časy bubiša.. tu je ten log


ComboFix 08-08-14.05 - Administrator 2008-08-15 18:22:43.18 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1539 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\NetProject
C:\Program Files\VAV
C:\Program Files\VAV\vav.ooo
C:\Program Files\VAV\vav0.dat
C:\Program Files\VAV\vav1.dat
C:\WINDOWS\edpw.exe
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\system32\kdbtj.exe
C:\WINDOWS\system32\kmd.exe
C:\WINDOWS\system32\Microsoft\backup.ftp
C:\WINDOWS\system32\Microsoft\backup.tftp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\se500mdm.dll
C:\WINDOWS\system32\sex2.ico
C:\WINDOWS\wbqxfpgl.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GENERIC_HOST_PROCESS_FOR_WIN-32_SERVICE
-------\Legacy_MSWINDOWS


((((((((((((((((((((((((( Files Created from 2008-07-15 to 2008-08-15 )))))))))))))))))))))))))))))))
.

2008-08-15 18:16 . 2008-08-15 18:29 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-15 18:16 . 2008-08-15 18:26 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-15 00:33 . 2008-08-13 11:02 86,016 --a------ C:\WINDOWS\ateqoflr.exe
2008-08-15 00:30 . 2008-08-15 00:30 94,208 --a------ C:\WINDOWS\DIIUnin.exe
2008-08-15 00:30 . 2008-08-15 00:30 15,299 --a------ C:\WINDOWS\DIIUnin.dat
2008-08-15 00:30 . 2008-08-15 00:30 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2008-08-13 15:48 . 2008-08-13 15:48 <DIR> d-------- C:\Program Files\FDRLab
2008-08-11 17:52 . 2008-08-14 11:05 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-08-11 17:52 . 2008-08-14 11:05 <DIR> d-------- C:\Program Files\QuickTime
2008-08-11 17:52 . 1999-11-10 11:05 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2008-07-31 19:41 . 2008-08-14 14:55 1,246 --a------ C:\WINDOWS\kaillera.ini
2008-07-30 16:39 . 2008-07-30 16:39 40,960 --a------ C:\WINDOWS\_ds5B.tmp
2008-07-30 16:37 . 2008-07-30 16:39 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-07-30 16:37 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-07-30 16:37 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
2008-07-15 01:06 . 2008-07-15 01:06 <DIR> d-------- C:\Program Files\CDBurnerXP
2008-07-15 00:51 . 2008-07-15 01:06 <DIR> d-------- C:\Program Files\CD to MP3 Freeware
2008-07-15 00:51 . 2001-03-23 16:29 880,912 --a------ C:\WINDOWS\WM8EUTIL.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-15 07:35 --------- d-----w C:\Program Files\WinClamAVShield
2008-08-14 23:13 --------- d-----w C:\Program Files\Spyware Terminator
2008-08-14 09:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-14 09:03 --------- d-----w C:\Program Files\Mv2Player
2008-08-10 10:30 --------- d-----w C:\Program Files\Winamp Toolbar
2008-08-10 10:30 --------- d-----w C:\Program Files\Ulead SmartSaver Pro 3.0
2008-08-10 10:29 --------- d-----w C:\Program Files\AskTBar
2008-07-31 20:46 --------- d-----w C:\Program Files\VideoLAN
2008-07-10 07:41 --------- d-----w C:\Program Files\ICQ6
2008-07-10 07:33 --------- d-----w C:\Program Files\ICQ6Toolbar
2008-07-08 15:53 --------- d-----w C:\Program Files\QIP
2008-07-07 20:15 --------- d-----w C:\Program Files\ICQToolbar
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 16:49 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 14:53 32768]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 14:05 486856]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-05-22 11:04 521128]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-02 13:00 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-08-10 10:18 1783808]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-02-11 19:22 1115728]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-03-27 08:35 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-08-11 17:52 77824]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 11:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 13:45 49152 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 16:49 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Games\\Steam\\SteamApps\\rickard_bjerk@hotmail.com\\counter-strike\\hl.exe"=
"C:\\Games\\Warcraft III\\war3.exe"=
"C:\\Games\\Steam\\SteamApps\\rickard_bjerk@hotmail.com\\half-life\\hl.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"20987:TCP"= 20987:TCP:BitComet 20987 TCP
"20987:UDP"= 20987:UDP:BitComet 20987 UDP

R0 MPRIFL;MPRIFL;C:\WINDOWS\system32\DRIVERS\MPRIFL.SYS [2007-12-13 21:13]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 11:04]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-05-03 11:04]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 ICQ Service;ICQ Service;C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 19:26]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 15:34]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-04 00:04]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 23:10]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b77df1c0-d3d6-11dc-8c4c-001d7d948846}]
\Shell\AutoRun\command - F:\SETUP.EXE
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-C:\WINDOWS\system32\kdbtj.exe - C:\WINDOWS\system32\kdbtj.exe
Notify-WgaLogon - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\5hud0uf2.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-15 18:29:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C:\\WINDOWS\\system32\\kdbtj.exe"="C:\\WINDOWS\\system32\\kdbtj.exe"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
-> C:\Program Files\Logitech\SetPoint\GameHook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
.
**************************************************************************
.
Completion time: 2008-08-15 18:31:46 - machine was rebooted [Administrator]
ComboFix-quarantined-files.txt 2008-08-15 16:31:39

Pre-Run: 5,170,655,232
Post-Run: 5,216,677,888

170 --- E O F --- 2008-06-11 12:06:39

[rary]

Nemáš zač. Mě to baví.

Takže než budeme pokračovat.
Otestuj tyto soubory na virustotalu:
C:\WINDOWS\kaillera.ini
C:\WINDOWS\_ds5B.tmp

A zkopíruj sem výsledky.

[solda1]

už...jsou v pohodě oba dva...

[rary]

Já se omlouvám, za pozdní odpověď.

Smaž manuálně tento soubor:
C:\WINDOWS\ateqoflr.exe

A tuto složku:
C:\Program Files\AskTBar

Počítač musí být nabootovaný v nouzovém režimu.

A pak sem vlož nový log z ComboFixu.

[solda1]

nabootovaný ? co to je ?

[rary]

Tím sem chtěl říci, že PC musí běžet v nouzovém režimu.