Security Center Alert!

Prosim vas pomože mi niekto zobrazi sa mi toto Security Center Alert!Virus Warning!Your computer is infected!Diky

nestahoval si nahodou Antivirus 2009 alebo Antivirus 2008?

Nie nestahoval som.

Stahovat ani netreba, taketo veci sastiahnu aj sami

Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.

Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!

Vypnut všetky otvorené aplikácie to znamená čo je v spodnej lište na pravo pri hodinách(na XP) to všetko povypínat alebo len Avast!(mám len avast ako antivirus).diky

To znamena ukoncit vsetku robotu na PC, spustit ComboFix a dat ruky z mysi aj klavesnice prec - ked svoju pracu skonci, objavi sa log. Ten sem treba vlozit

ComboFix 09-11-28.01 - Michaela Machalova 29.11.2009 18:10.2.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.3071.2590 [GMT -8:00]
Running from: c:\documents and settings\Michaela Machalova\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091129-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Michaela Machalova\autorun.inf
c:\documents and settings\Michaela Machalova\Documents .lnk
c:\documents and settings\Michaela Machalova\FuTLYq.exe
c:\documents and settings\Michaela Machalova\jusched.exe
c:\documents and settings\Michaela Machalova\Music .lnk
c:\documents and settings\Michaela Machalova\nBerfu.exe
c:\documents and settings\Michaela Machalova\New Folder .lnk
c:\documents and settings\Michaela Machalova\Passwords .lnk
c:\documents and settings\Michaela Machalova\Pictures .lnk
c:\documents and settings\Michaela Machalova\poija.exe
c:\documents and settings\Michaela Machalova\poija.scr
c:\documents and settings\Michaela Machalova\Video .lnk
c:\documents and settings\Michaela Machalova\wTsNUp.exe
c:\windows\system32\hlvdd.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-30 )))))))))))))))))))))))))))))))
.

2009-11-28 03:57 . 2009-11-28 03:57 158 ----a-w- c:\documents and settings\Michaela Machalova\aHprnL.bat
2009-11-28 03:50 . 2009-11-28 03:51 -------- dc-h--w- c:\windows\ie8
2009-11-28 03:32 . 2009-11-28 03:32 158 ----a-w- c:\documents and settings\Michaela Machalova\EpoLry.bat
2009-11-28 01:02 . 2009-11-28 03:35 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Google
2009-11-28 00:31 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-28 00:31 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-28 00:11 . 2009-11-28 00:11 158 ----a-w- c:\documents and settings\Michaela Machalova\EUZcti.bat
2009-11-26 01:19 . 2009-11-26 01:19 -------- d-----w- c:\program files\DoremiSoft
2009-11-26 00:51 . 2009-11-26 00:51 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-11-23 22:37 . 2009-11-23 22:37 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-11-22 04:08 . 2005-07-28 16:18 685056 ----a-w- c:\windows\system32\drivers\hardlock.sys
2009-11-22 04:08 . 2005-09-07 02:06 28672 ----a-w- c:\windows\system32\hlduinst.exe
2009-11-22 04:08 . 2001-09-29 03:00 164864 ----a-w- c:\windows\system32\UNWISE.EXE
2009-11-22 04:08 . 2005-09-28 22:24 2164411 ----a-w- c:\windows\system32\haspds_windows.dll
2009-11-22 04:08 . 2005-10-13 03:49 3063808 ----a-w- c:\windows\system32\hinstd.dll
2009-11-22 03:44 . 2009-11-22 04:35 -------- d-----w- C:\Tecar Forum
2009-11-22 03:08 . 2009-11-22 03:11 -------- d-----w- C:\Terminátor 4
2009-11-17 17:36 . 2009-11-17 17:36 -------- d-----w- c:\windows\system32\XPSViewer
2009-11-17 17:36 . 2009-11-17 17:36 -------- d-----w- c:\program files\Reference Assemblies
2009-11-17 17:36 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-17 17:36 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-11-17 17:36 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-17 17:36 . 2009-11-17 17:36 -------- d-----w- C:\be1e18755113a04daa25dab5dddfbe
2009-11-17 17:36 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-11-17 17:36 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-11-17 17:36 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-11-17 17:36 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-11-15 18:11 . 2009-11-22 19:44 -------- d-----w- C:\DVD filmy
2009-11-15 17:16 . 2009-11-15 17:16 -------- d-----w- c:\documents and settings\yfl\LOCALS~1
2009-11-15 17:16 . 2009-11-15 17:16 -------- d-----w- c:\documents and settings\yfl
2009-11-15 17:08 . 2009-11-15 17:08 -------- d-----w- c:\program files\Xilisoft
2009-11-15 13:53 . 2009-11-15 13:53 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-11-15 09:20 . 2009-11-15 09:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-15 09:20 . 2009-11-15 09:20 -------- d-----w- c:\program files\Java
2009-11-15 09:20 . 2009-11-15 09:20 152576 ----a-w- c:\documents and settings\Michaela Machalova\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-15 03:48 . 2009-11-15 03:48 -------- d-sh--w- c:\documents and settings\Michaela Machalova\IECompatCache
2009-11-14 20:04 . 2009-11-14 20:07 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Adobe
2009-11-14 20:03 . 2009-11-14 20:03 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-14 17:35 . 2009-11-14 17:37 -------- d-----w- c:\program files\VIS
2009-11-14 16:08 . 2002-04-03 12:09 49457 ----a-r- c:\windows\system32\drivers\ftser2k.sys
2009-11-14 16:05 . 2007-12-25 11:21 414208 ----a-r- c:\windows\system32\ftdiunin.exe
2009-11-14 16:05 . 2002-04-03 12:09 18102 ----a-r- c:\windows\system32\drivers\ftdibus.sys
2009-11-14 16:01 . 2009-11-14 16:01 0 ---ha-w- c:\windows\msds.dat
2009-11-14 16:01 . 2009-11-14 16:01 -------- d-----w- C:\vag IHR3040n
2009-11-14 03:57 . 2009-11-14 03:57 -------- d-----w- c:\program files\MSXML 4.0
2009-11-13 02:35 . 2009-11-16 19:23 -------- d-----w- c:\program files\Microsoft Works
2009-11-13 02:35 . 2009-11-13 02:35 -------- d-----w- c:\program files\MSBuild
2009-11-13 02:34 . 2009-11-13 02:34 -------- d-----w- c:\program files\Microsoft.NET
2009-11-13 02:32 . 2009-11-13 02:32 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-13 02:31 . 2009-11-13 02:35 -------- d-----w- c:\windows\SHELLNEW
2009-11-13 02:31 . 2009-11-13 02:31 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Microsoft Help
2009-11-13 02:31 . 2009-11-16 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-13 02:30 . 2009-11-13 02:30 -------- d-----r- C:\MSOCache
2009-11-12 04:41 . 2009-11-12 04:41 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Identities
2009-11-12 04:41 . 2009-11-12 04:42 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Ahead
2009-11-12 04:38 . 2009-11-12 05:55 -------- d-----w- c:\documents and settings\Michaela Machalova\Application Data\Ahead
2009-11-12 04:38 . 2009-11-12 04:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-11-12 04:37 . 2009-11-12 04:37 -------- d-----w- c:\program files\Common Files\Ahead
2009-11-12 04:37 . 2009-11-12 04:37 -------- d-----w- c:\program files\Nero
2009-11-12 04:37 . 2009-11-12 04:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-11-11 19:07 . 2009-11-22 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-11-11 19:07 . 2009-11-11 19:07 -------- d-----w- c:\program files\DVD Shrink
2009-11-11 18:11 . 2009-07-17 19:01 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2009-11-11 17:58 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-11-11 17:58 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-11-11 17:58 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-11-11 17:58 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-11-11 17:58 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-11-11 17:58 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-11-11 17:58 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-11-11 17:58 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-11-11 17:49 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-11 17:49 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-11-11 17:49 . 2009-08-04 14:20 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-11-11 17:44 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-11-11 17:44 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-11-11 17:43 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-11-11 17:23 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-11 17:21 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-11-11 17:20 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-11 17:17 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-11-11 17:16 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-11-11 17:15 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-11-11 17:06 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-11-11 14:53 . 2009-11-11 14:53 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-11 14:53 . 2009-11-30 00:08 -------- d-----w- c:\documents and settings\Michaela Machalova\Application Data\skypePM
2009-11-11 10:40 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-11 08:06 . 2008-08-14 10:04 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2009-11-11 03:43 . 2009-08-07 03:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-11-11 03:43 . 2009-08-07 03:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-11-11 02:44 . 2009-11-11 02:44 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\WMTools Downloaded Files
2009-11-10 19:51 . 2009-11-30 02:07 -------- d-----w- c:\documents and settings\Michaela Machalova\Application Data\Skype
2009-11-10 19:51 . 2009-11-10 19:51 -------- d-----w- c:\program files\Skype
2009-11-10 19:51 . 2009-11-10 19:51 -------- d-----w- c:\program files\Common Files\Skype
2009-11-10 19:51 . 2009-11-10 19:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-11-10 19:06 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2009-11-10 07:19 . 2009-11-10 07:19 -------- d-sh--w- c:\documents and settings\Michaela Machalova\IETldCache
2009-11-10 07:18 . 2001-08-17 21:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-11-10 07:18 . 2001-08-17 21:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-11-10 07:18 . 2009-11-28 13:24 -------- d-----w- c:\windows\ie8updates
2009-11-10 07:18 . 2008-04-14 08:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-11-10 07:18 . 2008-04-14 08:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-11-10 07:17 . 2009-11-28 03:51 -------- d-----w- c:\windows\system32\sk-SK
2009-11-10 07:16 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-11-10 07:16 . 2009-08-29 08:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-10 07:16 . 2009-08-29 08:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-10 07:16 . 2009-08-29 08:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-10 07:16 . 2009-08-29 08:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-11-10 07:16 . 2009-08-29 08:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-10 07:16 . 2009-08-29 08:08 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-11-10 07:13 . 2009-01-08 02:20 24576 ----a-w- c:\windows\system32\nlsdl.dll
2009-11-10 07:13 . 2009-01-08 02:20 26112 ----a-w- c:\windows\system32\idndl.dll
2009-11-10 07:13 . 2009-01-08 02:20 23552 ----a-w- c:\windows\system32\normaliz.dll
2009-11-10 07:13 . 2009-01-08 02:20 265720 ----a-w- c:\windows\system32\msdbg2.dll
2009-11-10 02:15 . 2009-11-10 02:15 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-10 01:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-10 01:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-10 01:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-10 01:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-10 01:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-10 01:58 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-10 01:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-10 01:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-10 01:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-10 01:58 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-29 19:43 . 2009-11-10 06:58 69232 ----a-w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-28 16:35 . 2006-02-28 12:00 96512 ------w- c:\windows\system32\drivers\atapi.sys
2009-09-15 05:55 . 2009-09-15 05:55 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-15 05:34 . 2009-09-15 05:15 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-15 05:34 . 2009-09-15 05:15 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-15 05:21 . 2009-09-15 05:16 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-09-15 05:13 . 2009-09-15 05:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-11 14:18 . 2006-02-28 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2006-02-28 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-29_22.38.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-15 05:36 . 2009-11-29 22:37 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-15 05:36 . 2009-11-29 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-15 05:36 . 2009-11-29 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-09-15 05:36 . 2009-11-29 22:37 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-11-26 00:51 . 2009-11-29 18:59 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-11-26 00:51 . 2009-11-29 22:37 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-09-15 05:36 . 2009-11-29 22:37 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-09-15 05:36 . 2009-11-29 18:59 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]
"waaifi"="c:\documents and settings\Michaela Machalova\waaifi.exe" [BU]
"poija"="c:\documents and settings\Michaela Machalova\poija.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"MsgTranAgt"="c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe" [2008-08-18 117304]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKHOTKEY"="c:\program files\ASUS\ATK Hotkey\HControl.exe" [2008-10-21 166456]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-27 90112]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-31 1343488]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-15 149280]
"Java Quick Start"="c:\documents and settings\Michaela Machalova\jusched.exe" [BU]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-07 17421824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-8-2 2760704]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [27.11.2009 16:31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.11.2009 16:31 20560]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [6.4.2008 22:00 6656]
.
Contents of the 'Scheduled Tasks' folder

2009-11-30 c:\windows\Tasks\User_Feed_Synchronization-{DF3022E9-167B-4119-AE09-BB2A37ED0C4E}.job
- c:\windows\system32\msfeedssync.exe [2009-11-28 12:31]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-29 18:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A4C4369]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf735ecb8
\Driver\atapi -> atapi.sys @ 0xf7316852
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: SiS191 Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7222bb0
PacketIndicateHandler -> aswSP.SYS @ 0xa1f01d50
SendHandler -> aswSP.SYS @ 0xa1f01dae
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2680806290-407579845-928017448-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
@DACL=(02 0000)
@SACL=
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
@DACL=(02 0000)
@SACL=
"Asynchronous"=dword:00000001
"DllName"=expand:"%SystemRoot%\\System32\\dimsntfy.dll"
"Startup"="WlDimsStartup"
"Shutdown"="WlDimsShutdown"
"Logon"="WlDimsLogon"
"Logoff"="WlDimsLogoff"
"StartShell"="WlDimsStartShell"
"Lock"="WlDimsLock"
"Unlock"="WlDimsUnlock"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(800)
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1604)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2009-11-29 18:21
ComboFix-quarantined-files.txt 2009-11-30 02:21

Pre-Run: 479 806 812 160 bytes free
Post-Run: 13 adresárov, 479 831 367 680 voľných bajtov

- - End Of File - - 81E66F0CF1535E6855B9B0645FC7C353

Je tam bordel...ale najprv toto:

1) Stiahni Defogger. Spust, klik na "Disable" -> "OK". V mieste spustenia by sa mal zjavit log, ten sem vloz.



2) Stiahni >>tento<< subor na plochu.
Skopiruj do poznamkoveho bloku:


Uloz ako antiTDL3.bat (typ vsetky subory) na plochu. Otvor dvojklikom -> OK.
Spusti sa program, po skonceni scanu stlac lubovolnu klavesu. Otvori sa ti textovy dokument, jeho obsah mi sem skopiruj.


3) Stiahni OTC. Spust, klik na "CleanUp", potvrd okna a restart.


4) Stiahni novy ComboFix (stiahni ho znova) a sprav z neho log.

Už som to dal do servisu lebo mi nechcel naskočit windows.Díky za pomoc.Nabuduce ked budem mat problemy s pc alebo notebookom tak sa ozvem.Ešte raz díky poklona vám.

No som zvedavy, ci to spravia bez reinstalu...ten TDSS rootkit je poriadna svina

Anyway, rado sa stalo.

To som aj ja zvedavý!!!Chcem sa spýtat nepokazil som to s tym programom čo ste mi dávali radi?

Ktory myslis? ComboFix? Nie, nemal si co pokazit...