kontrola logu

[nulka]

Prominte,jako odkaz to neumím.

VT Community Sign in ▼ Languages ▼
Virus Total
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
yowindow.exe
Submission date:
2011-10-10 10:13:39 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.10.09.00 2011.10.10 -
AntiVir 7.11.15.194 2011.10.10 -
Antiy-AVL 2.0.3.7 2011.10.10 -
Avast 6.0.1289.0 2011.10.09 -
AVG 10.0.0.1190 2011.10.07 -
BitDefender 7.2 2011.10.10 -
ByteHero 1.0.0.1 2011.09.23 -
CAT-QuickHeal 11.00 2011.10.10 -
ClamAV 0.97.0.0 2011.10.10 -
Commtouch 5.3.2.6 2011.10.10 -
Comodo 10409 2011.10.10 -
DrWeb 5.0.2.03300 2011.10.10 -
Emsisoft 5.1.0.11 2011.10.10 -
eSafe 7.0.17.0 2011.10.06 -
eTrust-Vet 36.1.8605 2011.10.07 -
F-Prot 4.6.2.117 2011.10.09 -
F-Secure 9.0.16440.0 2011.10.10 -
Fortinet 4.3.370.0 2011.10.10 -
GData 22 2011.10.10 -
Ikarus T3.1.1.107.0 2011.10.10 -
Jiangmin 13.0.900 2011.10.09 -
K7AntiVirus 9.115.5258 2011.10.08 -
Kaspersky 9.0.0.837 2011.10.10 -
McAfee 5.400.0.1158 2011.10.10 -
McAfee-GW-Edition 2010.1D 2011.10.09 -
Microsoft 1.7702 2011.10.10 -
NOD32 6530 2011.10.10 -
nProtect 2011-10-10.02 2011.10.10 -
Panda 10.0.3.5 2011.10.09 -
PCTools 8.0.0.5 2011.10.10 -
Prevx 3.0 2011.10.10 -
Rising 23.79.00.02 2011.10.10 -
Sophos 4.70.0 2011.10.10 -
SUPERAntiSpyware 4.40.0.1006 2011.10.08 -
Symantec 20111.2.0.82 2011.10.10 -
TheHacker 6.7.0.1.318 2011.10.09 -
TrendMicro 9.500.0.1008 2011.10.10 -
TrendMicro-HouseCall 9.500.0.1008 2011.10.10 -
VBA32 3.12.16.4 2011.10.10 -
VIPRE 10719 2011.10.10 -
ViRobot 2011.10.10.4711 2011.10.10 -
VirusBuster 14.1.3.0 2011.10.09 -
Additional information
MD5 : 1de54065c62c60c05487969d0bcffe61
SHA1 : 8585a7cfc6e93d62f4467b0b13e26d4b09d6b806
SHA256: 138783e17c6c93f39b1aa1af043cfb968182d54519c662652e9957a6b29e0388

VT Community

This file has never been reviewed by any VT Community member. Be the first one to comment on it!

VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
Goodware
Malware
Spam attachment/link

P2P download
Propagating via IM
Network worm

Drive-by-download






ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com - TOS & Privacy Policy

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "PC Suite Tray"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DivXUpdate"=-
  "DivX Download Manager"=-
  "Adobe ARM"=-
  "SunJavaUpdateSched"=-
  "Malwarebytes' Anti-Malware"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
  [-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
  [HKEY_LOCAL_MACHINE\software\microsoft\security center]
  "AntiVirusOverride"=dword:00000000
  
  Collect::
  c:\docume~1\PC\LOCALS~1\Temp\gwiopm.sys
  
  Driver::
  gwiopm
  utm0ntc0
  MpKsl02b7e624
  MpKsl0e1a7aaa
  MpKsl2426f695
  MpKsl31601d97
  MpKsl33f275af
  MpKsl3d65fe76
  MpKsl410cdd98
  MpKsl4a4e9bd8
  MpKsl6e989930
  MpKsl741be1fc
  MpKsl96c49b7f
  MpKsl9f9178b7
  MpKslc1811a3e
  MpKslce5d0944
  MpKslfc921699
  MpKslfcc37b7a
  
  DDS::
  uInternet Settings,ProxyOverride = <local>
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  
  Firefox::
  FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\w6y7s7oi.default\
  FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
  FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=50e14ff100000000000014dae992a2c6&tlver=1.4.35.10&affID=100489
  FF - user.js: network.http.max-persistent-connections-per-server - 4
  FF - user.js: nglayout.initialpaint.delay - 600
  FF - user.js: content.notify.interval - 600000
  FF - user.js: content.max.tokenizing.time - 1800000
  FF - user.js: content.switch.threshold - 600000
  
  RegLock::
  [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[nulka]

ComboFix 11-10-10.01 - PC 10.10.2011 19:28:10.12.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1261 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GWIOPM
-------\Legacy_MPKSL02B7E624
-------\Legacy_MPKSL0E1A7AAA
-------\Legacy_MPKSL2426F695
-------\Legacy_MPKSL31601D97
-------\Legacy_MPKSL33F275AF
-------\Legacy_MPKSL3D65FE76
-------\Legacy_MPKSL410CDD98
-------\Legacy_MPKSL4A4E9BD8
-------\Legacy_MPKSL6E989930
-------\Legacy_MPKSL741BE1FC
-------\Legacy_MPKSL96C49B7F
-------\Legacy_MPKSL9F9178B7
-------\Legacy_MPKSLC1811A3E
-------\Legacy_MPKSLCE5D0944
-------\Legacy_MPKSLFC921699
-------\Legacy_MPKSLFCC37B7A
-------\Legacy_UTM0NTC0
-------\Service_gwiopm
-------\Service_MpKsl02b7e624
-------\Service_MpKsl0e1a7aaa
-------\Service_MpKsl2426f695
-------\Service_MpKsl31601d97
-------\Service_MpKsl33f275af
-------\Service_MpKsl3d65fe76
-------\Service_MpKsl410cdd98
-------\Service_MpKsl4a4e9bd8
-------\Service_MpKsl6e989930
-------\Service_MpKsl741be1fc
-------\Service_MpKsl96c49b7f
-------\Service_MpKsl9f9178b7
-------\Service_MpKslc1811a3e
-------\Service_MpKslce5d0944
-------\Service_MpKslfc921699
-------\Service_MpKslfcc37b7a
-------\Service_utm0ntc0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-10 do 2011-10-10 )))))))))))))))))))))))))))))))
.
.
2011-10-09 09:22 . 2011-10-09 14:03 111744 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2011-09-29 07:53 . 2011-09-29 07:53 -------- d-----w- c:\program files\Complitly
2011-09-29 07:53 . 2011-09-29 07:53 -------- d-----w- c:\documents and settings\PC\Data aplikací\Complitly
2011-09-29 07:53 . 2011-09-29 07:53 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Babylon
2011-09-29 07:53 . 2011-09-29 07:53 -------- d-----w- c:\documents and settings\PC\Data aplikací\Babylon
2011-09-29 07:53 . 2011-09-29 07:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2011-09-13 09:04 . 2011-10-08 13:00 -------- d-----w- C:\TRANSLAT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-23 06:37 . 2011-05-15 07:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-06-17 16:51 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:45 . 2010-07-16 12:37 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:38 . 2011-06-17 16:52 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-06-17 16:52 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-06-17 16:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-06-17 16:52 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-06-17 16:52 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-06-17 16:52 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-06-17 16:52 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-06-17 16:52 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-08-09 15:45 . 2011-08-09 15:45 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-07-31 16:51 . 2009-03-11 13:36 45056 ----a-w- c:\windows\TRNOEH.DLL
2011-07-31 16:50 . 2009-03-11 13:34 516096 ----a-w- c:\windows\UN32.EXE
2011-07-15 13:29 . 2006-03-02 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-09-30 12:48 . 2011-06-25 07:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-10_07.33.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-03-02 12:00 . 2011-10-10 07:19 88276 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2011-10-10 17:13 88276 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2011-10-10 17:13 483738 c:\windows\system32\perfh009.dat
- 2006-03-02 12:00 . 2011-10-10 07:19 483738 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2011-10-10 17:13 479394 c:\windows\system32\perfh005.dat
- 2006-03-02 12:00 . 2011-10-10 07:19 479394 c:\windows\system32\perfh005.dat
+ 2006-03-02 12:00 . 2011-10-10 17:13 102228 c:\windows\system32\perfc005.dat
- 2006-03-02 12:00 . 2011-10-10 07:19 102228 c:\windows\system32\perfc005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Diar_VS"="c:\program files\Diar 5\diar.exe" [2007-11-11 496128]
"Nektra OEAPI"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CNAP2 Launcher"="c:\windows\System32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE" [2007-09-05 406944]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-16 19722344]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
YoWindow.lnk - c:\program files\YoWindow\yowindow.exe [2011-5-26 743936]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2010-11-22 159744]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"195.137.182.212,255.255.255.255,192.168.102.202,1"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^POP3.lnk]
backup=c:\windows\pss\POP3.lnkStartup
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\POP3.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.UtilitiesSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Sierra Entertainment\\Empire Earth III\\EE3.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.6.2011 18:52 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.6.2011 18:52 320856]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [7.1.2009 11:47 12856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.6.2011 18:52 20568]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8.8.2011 9:17 366640]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24.8.2010 11:38 92008]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [7.9.2011 15:06 65136]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8.8.2011 9:17 22712]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5.6.2009 11:28 1691480]
S3 cpuz131;cpuz131;\??\c:\docume~1\PC\LOCALS~1\Temp\cpuz131\cpuz_x32.sys --> c:\docume~1\PC\LOCALS~1\Temp\cpuz131\cpuz_x32.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [8.6.2010 20:12 27064]
S3 TrueSight;TrueSight;c:\windows\system32\drivers\TrueSight.sys [9.10.2011 11:22 111744]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 213.180.36.130
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\w6y7s7oi.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/

.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PC Translator - c:\docume~1\PC\LOCALS~1\Temp\UN32.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-10 19:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1992)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\netdde.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE
c:\program files\Media Key\OSD.EXE
.
**************************************************************************
.
Celkový čas: 2011-10-10 19:37:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-10 17:37
ComboFix2.txt 2011-10-10 07:35
.
Před spuštěním: Volných bajtů: 118 040 174 592
Po spuštění: Volných bajtů: 118 093 586 432
.
- - End Of File - - A93DEF41B3D50FB3104857AB0EC14CB8

[vyosek]

Ktery antivir budem pouzivat - MSE nebo Avast? Ja jsem pro Avasta

Jak se chova PC

[nulka]

Používám AVAST - MSE v počitači již dávno není.Už je to v pořádku moc děkuji.Ještě dotaz co k tomu Avastu ještě používat. ?Nulka

[vyosek]

Po MSE tam mate jeste zbytky - pouzijte tento remover http://go.microsoft.com/?linkid=9748340 a pak jeste tento http://download.microsoft.com/download/ ... leanUp.exe

K Avastu muzete dodat jeste nejaky AntiSpy na obcas kontrolu - doporucuji SuperAntiSpyware. Jinak clanek o nami doporucen a vyzkousenem zabezpeceni je zde http://viry.cz/forum/viewtopic.php?f=29&t=6152

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

MBAM muzete odinstalovat nebo nechat na obcasny sken - v pripade nalezu velmi doporucuji dat sem log na posouzeni, at si neodstrelite neco legitimniho

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Napiste co PC, ci je vse OK

[nulka]

Vše jsem udělala dle návodu,PC v pořádku moc děkuji a těším se na příští spolupráci. Nulka

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy


A na rozloucenou vam zahraje nase kapela