E:není platná aplikace typu win32

Zpráva

#16 Příspěvek od **vyosek** » 14 srp 2012 18:54

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

KillAll::

RegNull::
[HKEY_USERS\S-1-5-21-4232035670-3672408331-1728198658-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C2550585-C93C-1E30-E60F-AFBE84ECF561}*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Folder::
c:\program files\Searchqu Toolbar
c:\users\vita\appdata\roaming\Babylon
c:\programdata\Babylon
c:\program files\BabylonToolbar

DDS::
mRun: [DATAMNGR] c:\progra~1\search~1\datamngr\DATAMN~1.EXE
uStart Page = hxxp://www.searchnu.com/406
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>

Firefox::
FF - ProfilePath - c:\users\Vita\AppData\Roaming\Mozilla\Firefox\Profiles\piwqbhiv.default\
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... 06&sr=0&q=
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112542&tt=120812_bandext_3212_8
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 18605e65000000000000001d7daa9a00
FF - user.js: extensions.BabylonToolbar.instlDay - 15564
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.623:40
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

File::
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk 

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

freerun · #17 Příspěvek od **freerun** » 14 srp 2012 19:25

ComboFix 12-08-14.03 - Vita 14.08.2012 20:07:42.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2047.969 [GMT 2:00]
Spuštěný z: c:\users\Vita\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vita\Desktop\CFScript.txt
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Searchqu Toolbar
c:\program files\Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\programdata\Babylon
c:\users\vita\appdata\roaming\Babylon
c:\users\vita\appdata\roaming\Babylon\log_file.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-14 do 2012-08-14 )))))))))))))))))))))))))))))))
.
.
2012-08-14 18:19 . 2012-08-14 18:21 -------- d-----w- c:\users\Vita\AppData\Local\temp
2012-08-14 18:19 . 2012-08-14 18:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-14 10:04 . 2012-08-14 13:06 -------- d-----w- C:\TEMP
2012-08-14 09:43 . 2012-08-14 09:44 -------- d-----w- c:\program files\River Simulator 2012
2012-08-13 14:53 . 2012-08-13 14:53 -------- d-----w- c:\users\Vita\AppData\Local\Activision
2012-08-13 12:28 . 2012-08-13 22:14 -------- d-----w- c:\programdata\firebird
2012-08-13 12:28 . 2012-08-13 12:28 -------- d-----w- c:\users\Vita\AppData\Local\SpacialAudio
2012-08-13 12:26 . 2010-09-17 09:13 548864 ----a-w- c:\windows\system32\GDS32.DLL
2012-08-13 12:25 . 2012-08-13 12:25 -------- d-----w- c:\program files\Firebird
2012-08-13 12:25 . 2012-08-13 12:25 -------- d-----w- c:\program files\SpacialAudio
2012-08-13 12:20 . 2012-08-13 12:20 -------- d-----w- c:\users\Vita\AppData\Local\Ilivid Player
2012-08-13 12:20 . 2012-08-13 13:40 -------- d-----w- c:\programdata\boost_interprocess
2012-08-13 12:17 . 2012-08-13 12:17 -------- d-----w- c:\programdata\Premium
2012-08-13 12:17 . 2012-08-13 12:17 -------- d-----w- c:\programdata\InstallMate
2012-08-12 21:45 . 2012-08-12 21:45 -------- d-----w- c:\program files\Xilisoft
2012-08-12 21:40 . 2012-08-12 21:40 -------- d-----w- c:\programdata\Browser Manager
2012-08-12 21:40 . 2012-08-12 21:40 319 ----a-w- C:\user.js
2012-08-12 21:33 . 2012-08-12 21:33 -------- d-----w- c:\programdata\xml_param
2012-08-12 21:29 . 2012-08-12 21:29 -------- d-----w- c:\users\Vita\AppData\Roaming\Aimersoft Video Converter Ultimate
2012-08-12 21:29 . 2012-08-12 21:29 -------- d-----w- c:\users\Vita\AppData\Local\Aimersoft
2012-08-12 21:29 . 2012-08-12 21:29 -------- d-----w- c:\program files\Common Files\Aimersoft
2012-08-12 21:29 . 2011-08-31 12:39 892928 ----a-w- c:\windows\system32\iconv.dll
2012-08-12 21:29 . 2011-08-31 12:39 496640 ----a-w- c:\windows\system32\xvid.ax
2012-08-12 21:29 . 2011-08-31 12:39 675840 ----a-w- c:\windows\system32\ac3filter.ax
2012-08-12 21:29 . 2012-08-12 21:29 -------- d-----w- c:\program files\Aimersoft
2012-08-12 12:57 . 2012-08-12 12:58 -------- d-----w- c:\users\Vita\AppData\Roaming\vlc
2012-08-12 12:56 . 2012-08-12 12:56 -------- d-----w- c:\program files\VideoLAN
2012-08-11 09:08 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-08-10 21:57 . 2012-08-10 21:57 -------- d-----w- c:\users\Vita\AppData\Local\Macromedia
2012-08-10 21:56 . 2012-08-10 21:56 -------- d-----w- c:\users\Vita\AppData\Local\Mozilla
2012-08-10 21:56 . 2012-08-10 21:56 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-08-10 15:23 . 2012-08-10 15:23 512 ----a-w- C:\PhysicalMBR.bin
2012-08-10 13:47 . 2012-08-10 13:47 -------- d-----w- C:\rsit
2012-08-10 11:44 . 2012-08-10 11:44 -------- d-----w- c:\windows\system32\SPReview
2012-08-10 11:42 . 2012-08-10 11:42 -------- d-----w- c:\program files\Defraggler
2012-08-10 10:59 . 2010-11-20 02:18 67584 ----a-w- c:\windows\system32\certprop.dll
2012-08-10 10:58 . 2010-11-20 02:19 232448 ----a-w- c:\windows\system32\mswsock.dll
2012-08-10 10:56 . 2012-08-10 10:56 -------- d-----w- c:\windows\system32\EventProviders
2012-08-10 09:41 . 2012-08-10 09:41 -------- d-----w- c:\users\Vita\AppData\Roaming\Malwarebytes
2012-08-10 09:40 . 2012-08-10 09:40 -------- d-----w- c:\programdata\Malwarebytes
2012-08-09 23:12 . 2012-08-13 22:37 -------- d-----w- c:\program files\trend micro
2012-08-08 11:31 . 2012-08-14 16:16 -------- d-----w- C:\Counter-Strike 1.6
2012-08-07 19:04 . 2012-08-10 09:01 -------- d-----w- c:\users\Vita\AppData\Local\LogMeIn Hamachi
2012-08-07 19:03 . 2012-08-07 19:03 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-08-07 17:23 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2012-08-07 17:23 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2012-08-07 17:23 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2012-08-07 17:23 . 2009-03-16 12:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2012-08-07 17:23 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2012-08-07 17:23 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2012-08-07 17:23 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2012-08-07 17:23 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-08-07 17:23 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-08-07 17:22 . 2008-10-15 05:03 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2012-08-07 17:22 . 2008-10-15 05:03 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2012-08-07 17:22 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-08-07 17:22 . 2008-10-15 05:03 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2012-08-07 17:22 . 2008-10-15 05:03 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2012-08-07 17:22 . 2008-07-30 04:20 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2012-08-07 17:22 . 2008-07-30 04:20 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2012-08-07 17:22 . 2008-07-30 04:20 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2012-08-07 17:22 . 2008-07-10 09:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-08-07 17:22 . 2008-07-10 09:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-08-07 17:22 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-08-07 17:19 . 2012-08-07 17:19 -------- d-----w- c:\windows\system32\AGEIA
2012-08-07 17:19 . 2012-08-07 17:19 -------- d-----w- c:\program files\AGEIA Technologies
2012-08-06 19:46 . 2012-08-06 19:52 -------- d-----w- c:\users\Vita\AppData\Local\Ahead
2012-08-06 19:44 . 2012-08-06 19:46 -------- d-----w- c:\users\Vita\AppData\Roaming\Ahead
2012-08-06 19:43 . 2012-08-06 19:44 -------- d-----w- c:\program files\Common Files\Ahead
2012-08-06 19:43 . 2012-08-06 19:43 -------- d-----w- c:\programdata\Nero
2012-08-06 19:43 . 2012-08-06 19:43 -------- d-----w- c:\program files\Nero
2012-08-06 18:08 . 2012-08-06 18:13 -------- d-----w- c:\program files\S.W.A.T. 4
2012-08-02 21:22 . 2007-04-04 16:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2012-07-17 09:15 . 2012-07-17 09:15 -------- d-----w- c:\program files\Common Files\DVBViewer Shared
2012-07-17 09:14 . 2012-07-17 09:17 -------- d-----w- c:\program files\DVBViewer
2012-07-17 09:14 . 2012-07-17 09:14 -------- d-----w- c:\programdata\CMUV
2012-07-17 08:48 . 2012-07-17 08:48 -------- d-----w- c:\users\Vita\AppData\Roaming\SUPERAntiSpyware.com
2012-07-17 08:48 . 2012-08-14 12:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-17 08:48 . 2012-07-17 08:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-10 11:55 . 2012-08-10 11:55 203776 ----a-w- c:\windows\system32\webcheck.dll
2012-08-10 11:36 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-08-02 19:14 . 2012-07-09 21:51 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-02 19:14 . 2012-07-09 21:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-17 09:12 . 2012-07-09 17:28 483200 ----a-w- c:\windows\system32\drivers\AF15BDA.sys
2012-07-12 12:35 . 2012-07-12 12:35 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-09 17:31 . 2012-07-09 17:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-07-09 17:31 . 2012-07-09 17:31 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-07-04 06:58 . 2012-07-04 06:58 10070016 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-04 06:35 . 2012-07-04 06:35 19586048 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-04 06:27 . 2012-07-04 06:27 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-04 06:27 . 2012-07-04 06:27 918528 ----a-w- c:\windows\system32\aticfx32.dll
2012-07-04 06:21 . 2012-07-04 06:21 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-04 06:21 . 2012-07-04 06:21 453632 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-04 06:20 . 2012-07-04 06:20 217088 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-04 06:19 . 2012-07-04 06:19 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-07-04 06:19 . 2012-07-04 06:19 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-04 06:19 . 2012-07-04 06:19 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-04 06:18 . 2009-07-13 22:09 6811648 ----a-w- c:\windows\system32\atidxx32.dll
2012-07-04 05:36 . 2012-07-04 05:36 58368 ----a-w- c:\windows\system32\coinst_8.97.100.3.dll
2012-07-04 05:36 . 2012-07-04 05:36 1960960 ----a-w- c:\windows\system32\atiumdmv.dll
2012-07-04 05:35 . 2012-07-04 05:35 6245888 ----a-w- c:\windows\system32\atiumdag.dll
2012-07-04 05:28 . 2012-07-04 05:28 4749312 ----a-w- c:\windows\system32\atiumdva.dll
2012-07-04 05:11 . 2012-07-04 05:11 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-04 05:11 . 2012-07-04 05:11 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-04 05:11 . 2012-07-04 05:11 364544 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-04 05:11 . 2012-07-04 05:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-04 05:11 . 2012-07-04 05:11 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-07-04 05:10 . 2012-07-04 05:10 290304 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-04 05:09 . 2012-07-04 05:09 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-07-04 05:09 . 2012-07-04 05:09 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-07-04 05:09 . 2012-07-04 05:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-04 05:04 . 2012-07-04 05:04 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-07-04 05:04 . 2012-07-04 05:04 44544 ----a-w- c:\windows\system32\aticalcl.dll
2012-07-04 04:59 . 2012-07-04 04:59 13402112 ----a-w- c:\windows\system32\aticaldd.dll
2012-07-04 00:32 . 2012-07-04 00:32 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-07-04 00:32 . 2012-07-04 00:32 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-07-04 00:31 . 2012-07-04 00:31 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-07-04 00:30 . 2012-07-04 00:30 13008384 ----a-w- c:\windows\system32\amdocl.dll
2012-07-04 00:30 . 2012-07-04 00:30 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-07-03 16:21 . 2012-07-09 15:45 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-07-09 15:45 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-07-09 15:45 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-07-09 15:45 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-07-09 15:45 202928 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-07-03 16:21 . 2012-07-09 15:45 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-07-03 16:21 . 2012-07-09 15:45 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-07-09 15:45 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-07-09 15:45 113776 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-07-03 16:21 . 2012-07-09 15:44 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-07-09 15:44 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-27 20:33 . 2012-07-09 15:44 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-06-19 14:54 . 2012-07-09 16:12 3240400 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2012-06-18 01:14 . 2012-07-09 15:42 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8AE0D4A4-6F8B-42FB-B4EB-376EC6C556B3}\mpengine.dll
2012-06-14 11:43 . 2012-07-09 16:11 5096448 ----a-w- c:\windows\system32\RCoRes.dat
2012-06-09 17:21 . 2012-07-12 09:53 178688 ----a-w- c:\windows\system32\unrar.dll
2012-06-08 14:18 . 2012-07-09 16:11 3173008 ----a-w- c:\windows\system32\RtkAPO.dll
2012-06-06 08:44 . 2012-07-09 16:11 645776 ----a-w- c:\windows\system32\RtkApoApi.dll
2012-06-02 22:19 . 2012-07-09 17:59 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-09 17:59 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-09 17:59 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-09 17:59 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-07-09 17:59 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-07-09 17:59 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-07-09 17:59 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-09 17:59 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-07-09 17:59 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-01 07:37 . 2012-07-09 16:12 2417808 ----a-w- c:\windows\system32\RtkPgExt.dll
2012-05-31 16:08 . 2012-07-09 16:12 87696 ----a-w- c:\windows\system32\RtkCoInstII.dll
2012-05-31 10:25 . 2012-07-09 15:42 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-25 16:06 . 2012-07-09 16:11 1706640 ----a-w- c:\windows\RtlExUpd.dll
2012-05-17 09:29 . 2012-07-09 16:11 7161696 ----a-w- c:\windows\system32\R4EEP32A.dll
2012-05-17 09:29 . 2012-07-09 16:11 61792 ----a-w- c:\windows\system32\R4EEG32A.dll
2012-05-17 09:29 . 2012-07-09 16:11 105824 ----a-w- c:\windows\system32\R4EEL32A.dll
2012-05-17 09:29 . 2012-07-09 16:11 91488 ----a-w- c:\windows\system32\R4EEA32A.dll
2012-05-17 09:29 . 2012-07-09 16:11 351072 ----a-w- c:\windows\system32\R4EED32A.dll
2012-07-14 00:15 . 2012-08-10 21:56 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"Aimersoft Helper Compact.exe"="c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" [2012-02-20 1666560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-20 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 05:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [x]
.
.
.
------- Doplňkový sken -------
.
FF - ProfilePath - c:\users\Vita\AppData\Roaming\Mozilla\Firefox\Profiles\piwqbhiv.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\schtasks.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-08-14 20:25:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-14 18:25
ComboFix2.txt 2012-08-14 09:32
.
Před spuštěním: Volných bajtů: 452 529 037 312
Po spuštění: Volných bajtů: 452 434 259 968
.
- - End Of File - - B8862A563F84D6A194C8E8972F1364F0

#18 Příspěvek od **vyosek** » 14 srp 2012 19:28

Jak se chova nas pacient

freerun · #19 Příspěvek od **freerun** » 14 srp 2012 19:48

E:není platná aplikace typu win32 už to nepíše...A v PC není žádný vír?

#20 Příspěvek od **vyosek** » 14 srp 2012 19:52

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

PC by melo byti ciste

freerun · #21 Příspěvek od **freerun** » 14 srp 2012 20:27

Vše splněno

#22 Příspěvek od **vyosek** » 14 srp 2012 20:31

Pokud tedy nejsou problemy ci dotazy, je to z me strany vse

freerun · #23 Příspěvek od **freerun** » 14 srp 2012 20:33

Vše je OK.díky moc

#24 Příspěvek od **vyosek** » 14 srp 2012 20:35

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

VIRY.CZ

E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32

Re: E:není platná aplikace typu win32