Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomoc! vir v explorer.exe
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomoc! vir v explorer.exe
nwm ten extras.txt tam porád není
Re: Pomoc! vir v explorer.exe
napiste potom príspevek az tu budete
Re: Pomoc! vir v explorer.exe
Jsem tu. AVG odinstalován?Odinstalujte i AVPtool.
Jdu dát do kupy ten skript pro OTL
Jdu dát do kupy ten skript pro OTL
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Pomoc! vir v explorer.exe
já si myslím ze by tam avg i avp nemelo být
Re: Pomoc! vir v explorer.exe
a nedelá tam chybu jeste Malwarebytes' Anti-Malware?
jeste si tam hodím Ccleaner a vycistím
jeste si tam hodím Ccleaner a vycistím
Re: Pomoc! vir v explorer.exe
Ten by neměl
Spustte OTL
-do bílého okna dole skopírujte tento skript:
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
Spustte OTL-do bílého okna dole skopírujte tento skript:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - Startup: C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk = C:\Users\rodinka\Desktop\Virus Removal Tool1\setup_9.0.0.722_08.02.2011_20-05\startup.exe ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
IE - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
DRV - [2009.10.09 22:31:02 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\0087022.sys -- (setup_9.0.0.722_08.02.2011_20-05drv)
DRV - [2009.09.25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\00870221.sys -- (00870221)
DRV - [2009.10.22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\00870222.sys -- (00870222)
DRV - [2010.12.20 17:49:40 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.12.20 17:49:40 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.12.20 17:49:37 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.12.20 17:49:37 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
SRV - [2010.12.20 17:49:39 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.12.20 17:49:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - File not found [On_Demand | Stopped] -- -- (AVG Security Toolbar Service)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\ProgramData\ezsidmv.dat
C:\Windows\System32\drivers\Avg\incavi.avm
C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe
C:\Windows\System32\drivers\0087022.sys
C:\Windows\System32\drivers\00870221.sys
C:\Windows\System32\drivers\00870222.sys
C:\Users\rodinka\Desktop\Virus Removal Tool1
C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe
:reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""
:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Pomoc! vir v explorer.exe
muzu provádet v normálním rezimu? jo a zase mám zakrknout pro vsechny uzivatele atd?
Naposledy upravil(a) zipicek dne 13 úno 2011 21:36, celkem upraveno 1 x.
Re: Pomoc! vir v explorer.exe
Ano, kdyby to nešlo, zkuste nouzový
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Pomoc! vir v explorer.exe
a mám tedy zakrknout pro vechny uzivatele atd.?
Re: Pomoc! vir v explorer.exe
ano
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Pomoc! vir v explorer.exe
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
File move failed. C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk scheduled to be moved on reboot.
File C:\Users\rodinka\Desktop\Virus Removal Tool1\setup_9.0.0.722_08.02.2011_20-05\startup.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG9_TRAY not found.
File C:\Program Files\AVG\AVG9\avgtray.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}\ deleted successfully.
C:\Program Files\ToggleEN\tbTogg.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}\ deleted successfully.
File Eng7\tbSof1.dll not found.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ not found.
File C:\Program Files\ToggleEN\tbTogg.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
File Eng7\tbSof1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
File C:\Program Files\AVG\AVG9\avgssie.dll not found.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ not found.
File C:\Program Files\ToggleEN\tbTogg.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
C:\Program Files\Softonic-Eng7\tbSof1.dll moved successfully.
Error: Unable to stop service setup_9.0.0.722_08.02.2011_20-05drv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\setup_9.0.0.722_08.02.2011_20-05drv deleted successfully.
C:\Windows\System32\drivers\0087022.sys moved successfully.
Error: Unable to stop service 00870221!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\00870221 deleted successfully.
C:\Windows\System32\drivers\00870221.sys moved successfully.
Error: Unable to stop service 00870222!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\00870222 deleted successfully.
C:\Windows\System32\drivers\00870222.sys moved successfully.
Error: Unable to stop service AvgTdiX!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgTdiX deleted successfully.
C:\Windows\System32\drivers\avgtdix.sys moved successfully.
Service AvgMfx86 stopped successfully!
Service AvgMfx86 deleted successfully!
C:\Windows\System32\drivers\avgmfx86.sys moved successfully.
Service AvgLdx86 stopped successfully!
Service AvgLdx86 deleted successfully!
C:\Windows\System32\drivers\avgldx86.sys moved successfully.
Error: Unable to stop service AvgRkx86!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgRkx86 deleted successfully.
C:\Windows\System32\drivers\avgrkx86.sys moved successfully.
Service avg9wd stopped successfully!
Service avg9wd deleted successfully!
File C:\Program Files\AVG\AVG9\avgwdsvc.exe not found.
Service avg9emc stopped successfully!
Service avg9emc deleted successfully!
File C:\Program Files\AVG\AVG9\avgemc.exe not found.
Service AVG Security Toolbar Service stopped successfully!
Service AVG Security Toolbar Service deleted successfully!
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\avgsecuritytoolbar\ deleted successfully.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Windows\System32\drivers\Avg\incavi.avm moved successfully.
File\Folder C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe not found.
File\Folder C:\Windows\System32\drivers\0087022.sys not found.
File\Folder C:\Windows\System32\drivers\00870221.sys not found.
File\Folder C:\Windows\System32\drivers\00870222.sys not found.
File\Folder C:\Users\rodinka\Desktop\Virus Removal Tool1 not found.
File\Folder C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: rodinka
->Temp folder emptied: 609072 bytes
->Temporary Internet Files folder emptied: 131586623 bytes
->Google Chrome cache emptied: 18772472 bytes
->Opera cache emptied: 17093070 bytes
->Flash cache emptied: 43876 bytes
User: Tomáš
->Temp folder emptied: 407157503 bytes
->Temporary Internet Files folder emptied: 337334211 bytes
->Opera cache emptied: 19866130 bytes
->Flash cache emptied: 137552 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70388 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 889,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: rodinka
->Flash cache emptied: 0 bytes
User: Tomáš
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02132011_213750
Files\Folders moved on Reboot...
File\Folder C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk not found!
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== OTL ==========
No active process named explorer.exe was found!
File move failed. C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk scheduled to be moved on reboot.
File C:\Users\rodinka\Desktop\Virus Removal Tool1\setup_9.0.0.722_08.02.2011_20-05\startup.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG9_TRAY not found.
File C:\Program Files\AVG\AVG9\avgtray.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}\ deleted successfully.
C:\Program Files\ToggleEN\tbTogg.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}\ deleted successfully.
File Eng7\tbSof1.dll not found.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ not found.
File C:\Program Files\ToggleEN\tbTogg.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
File Eng7\tbSof1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
File C:\Program Files\AVG\AVG9\avgssie.dll not found.
Registry key HKEY_USERS\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ not found.
File C:\Program Files\ToggleEN\tbTogg.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
C:\Program Files\Softonic-Eng7\tbSof1.dll moved successfully.
Error: Unable to stop service setup_9.0.0.722_08.02.2011_20-05drv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\setup_9.0.0.722_08.02.2011_20-05drv deleted successfully.
C:\Windows\System32\drivers\0087022.sys moved successfully.
Error: Unable to stop service 00870221!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\00870221 deleted successfully.
C:\Windows\System32\drivers\00870221.sys moved successfully.
Error: Unable to stop service 00870222!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\00870222 deleted successfully.
C:\Windows\System32\drivers\00870222.sys moved successfully.
Error: Unable to stop service AvgTdiX!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgTdiX deleted successfully.
C:\Windows\System32\drivers\avgtdix.sys moved successfully.
Service AvgMfx86 stopped successfully!
Service AvgMfx86 deleted successfully!
C:\Windows\System32\drivers\avgmfx86.sys moved successfully.
Service AvgLdx86 stopped successfully!
Service AvgLdx86 deleted successfully!
C:\Windows\System32\drivers\avgldx86.sys moved successfully.
Error: Unable to stop service AvgRkx86!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgRkx86 deleted successfully.
C:\Windows\System32\drivers\avgrkx86.sys moved successfully.
Service avg9wd stopped successfully!
Service avg9wd deleted successfully!
File C:\Program Files\AVG\AVG9\avgwdsvc.exe not found.
Service avg9emc stopped successfully!
Service avg9emc deleted successfully!
File C:\Program Files\AVG\AVG9\avgemc.exe not found.
Service AVG Security Toolbar Service stopped successfully!
Service AVG Security Toolbar Service deleted successfully!
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\avgsecuritytoolbar\ deleted successfully.
File C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Windows\System32\drivers\Avg\incavi.avm moved successfully.
File\Folder C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe not found.
File\Folder C:\Windows\System32\drivers\0087022.sys not found.
File\Folder C:\Windows\System32\drivers\00870221.sys not found.
File\Folder C:\Windows\System32\drivers\00870222.sys not found.
File\Folder C:\Users\rodinka\Desktop\Virus Removal Tool1 not found.
File\Folder C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: rodinka
->Temp folder emptied: 609072 bytes
->Temporary Internet Files folder emptied: 131586623 bytes
->Google Chrome cache emptied: 18772472 bytes
->Opera cache emptied: 17093070 bytes
->Flash cache emptied: 43876 bytes
User: Tomáš
->Temp folder emptied: 407157503 bytes
->Temporary Internet Files folder emptied: 337334211 bytes
->Opera cache emptied: 19866130 bytes
->Flash cache emptied: 137552 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70388 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 889,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: rodinka
->Flash cache emptied: 0 bytes
User: Tomáš
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02132011_213750
Files\Folders moved on Reboot...
File\Folder C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk not found!
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Pomoc! vir v explorer.exe
melo by to být
Re: Pomoc! vir v explorer.exe
Ted zkuste najet do normálního režimu a nahlásit stav počítače
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Pomoc! vir v explorer.exe
Hlási to stejnou chybu jak jsem vkládal na tu leteckou postu.Myslím si ze musím opravit ten win 7.
Omlouvám se ale uz musím koncit.
Omlouvám se ale uz musím koncit.
Re: Pomoc! vir v explorer.exe
Zkuste tu opravu.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?