
Re: Preventive check

Posted: 11 Jun 2013 20:35
by vyosek
:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    KillAll::
    
    Restore::
    c:\windows\explorer.exe
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=-
    "GrooveMonitor"=-
    
    DDS::
    uStart Page = hxxp://start.search.us.com/v/2/?guid={429EEC89-1E84-4B8D-8810-C51D9614A484}&serpv=5
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
    
    File::
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001UA.job
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the image below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC and the registry will sort itself out. It is an internal error caused by CF, and unfortunately the author has not been able to fix it yet

:arrow: It can happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Preventive check

Posted: 11 Jun 2013 20:38
by odyssea
phew, that's a relief - thank you :idea:

Re: Preventive check

Posted: 11 Jun 2013 20:39
by vyosek
You're welcome, now apply that ComboFix script and then post the log

Re: Preventive check

Posted: 11 Jun 2013 21:06
by odyssea
So here it is :)
it did ruffle my registry a little, but otherwise everything is fine (nothing serious)

ComboFix 13-06-08.02 - Psyhcodelic 11.06.2013 21:46:33.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2668 [GMT 2:00]
Spuštěný z: c:\users\Psyhcodelic\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Psyhcodelic\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001UA.job
.
Nakažená kopie c:\windows\explorer.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-11 do 2013-06-11 )))))))))))))))))))))))))))))))
.
.
2013-06-11 19:52 . 2013-06-11 19:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-10 21:26 . 2013-06-10 21:26 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-06-10 21:25 . 2013-06-10 21:25 -------- d-----w- c:\windows\PCHEALTH
2013-06-10 21:23 . 2013-06-10 21:23 -------- d-----w- c:\program files\Microsoft Office
2013-06-10 21:23 . 2013-06-10 21:23 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-06-10 21:22 . 2013-06-10 21:22 -------- d-----r- C:\MSOCache
2013-06-10 20:52 . 2013-06-10 20:52 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\TNT2
2013-06-10 20:52 . 2013-06-11 19:08 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\DefaultTab
2013-06-10 19:20 . 2013-06-10 19:20 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Malwarebytes
2013-06-10 19:20 . 2013-06-10 19:20 -------- d-----w- c:\programdata\Malwarebytes
2013-06-10 19:20 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-10 19:20 . 2013-06-10 19:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-10 18:21 . 2013-06-10 18:22 0 ----a-w- c:\program files (x86)\CL.5.0.2705.24349__YUC121219-03.tmp
2013-06-10 18:21 . 2013-06-10 18:21 -------- d-----w- c:\programdata\CyberLink
2013-06-10 18:17 . 2013-06-10 18:17 -------- d-----w- c:\program files (x86)\Bandicam
2013-06-10 18:16 . 2013-06-10 18:17 -------- d-----w- c:\program files (x86)\BandiMPEG1
2013-06-10 17:00 . 2013-06-10 17:01 -------- d-----w- C:\rsit
2013-06-10 17:00 . 2013-06-10 17:01 -------- d-----w- c:\program files\trend micro
2013-06-10 15:01 . 2013-06-10 15:09 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\.technic
2013-06-10 14:39 . 2013-06-10 14:41 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\.minecraft
2013-06-10 14:09 . 2013-06-10 14:09 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Kerio
2013-06-10 14:08 . 2013-06-10 14:08 -------- d-----w- c:\program files (x86)\Kerio
2013-06-05 18:45 . 2013-06-05 18:51 -------- d-----w- c:\users\Psyhcodelic\VirtualBox VMs
2013-06-05 18:40 . 2013-06-05 18:51 -------- d-----w- c:\users\Psyhcodelic\.VirtualBox
2013-06-05 18:37 . 2013-04-12 09:41 237840 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-06-05 18:36 . 2013-04-12 09:40 120080 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-06-05 18:36 . 2013-06-05 18:37 -------- dc----w- c:\windows\system32\DRVSTORE
2013-06-05 18:36 . 2013-06-05 18:36 -------- d-----w- c:\program files\Oracle
2013-06-05 17:36 . 2013-06-05 17:36 -------- d-----w- c:\programdata\ATI
2013-06-05 17:36 . 2013-06-05 17:36 -------- d-----w- c:\program files (x86)\AMD AVT
2013-06-05 17:36 . 2013-06-05 17:36 -------- d-----w- c:\program files (x86)\AMD APP
2013-06-05 12:50 . 2013-06-05 12:50 -------- d-----w- c:\program files (x86)\FinalWire
2013-06-05 12:46 . 2013-06-05 12:50 -------- d-----w- c:\program files\PeerBlock
2013-06-04 18:39 . 2013-06-04 19:00 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\TeamViewer
2013-06-04 15:14 . 2013-06-04 15:14 -------- d-sh--w- c:\users\Psyhcodelic\AppData\Roaming\Common
2013-06-04 15:13 . 2013-06-04 23:50 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\DisplayFusion
2013-06-04 15:13 . 2013-06-04 15:13 -------- d-----w- c:\programdata\Binary Fortress Software
2013-06-04 15:13 . 2013-06-04 15:13 -------- d-----w- c:\program files (x86)\DisplayFusion
2013-06-04 00:40 . 2013-06-11 19:37 -------- d-----r- c:\users\Psyhcodelic\Dropbox
2013-06-04 00:33 . 2013-06-11 19:37 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox
2013-06-03 18:12 . 2013-06-03 18:12 -------- d-----w- c:\program files (x86)\T-Mobile
2013-06-03 18:12 . 2013-06-03 18:12 -------- d-----w- c:\programdata\Gemfor
2013-06-03 16:53 . 2013-06-03 16:55 -------- d-----w- C:\videooutput
2013-06-03 16:53 . 2013-06-03 16:53 -------- d-----w- c:\program files (x86)\Smallvideosoft
2013-06-03 16:53 . 2009-06-04 11:17 8676883 ----a-w- c:\windows\SysWow64\NCMedia2.dll
2013-06-03 16:53 . 2009-05-19 16:32 758018 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-06-03 16:53 . 2008-12-04 19:46 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-06-03 16:53 . 2008-10-08 08:16 139264 ----a-w- c:\windows\SysWow64\xvid.ax
2013-06-03 16:46 . 2013-06-03 16:46 -------- d-----w- c:\program files (x86)\FreeTime
2013-06-03 16:32 . 2013-06-03 16:32 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Tomabo
2013-06-03 14:49 . 2013-06-03 14:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-03 14:49 . 2013-06-03 14:48 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-03 14:49 . 2013-06-03 14:48 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-03 14:48 . 2013-06-03 14:48 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-03 14:48 . 2013-06-03 14:48 -------- d-----w- c:\program files (x86)\Java
2013-06-02 22:32 . 2013-06-02 22:32 -------- d-----w- c:\program files (x86)\Valve
2013-05-30 15:39 . 2013-05-30 15:39 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\Windows 7 Account Screen Editor
2013-05-30 13:48 . 2013-05-30 13:48 -------- d-----w- c:\program files\Google
2013-05-30 13:41 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-05-30 13:41 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-05-30 13:41 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-05-30 13:41 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-05-30 13:20 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-30 13:20 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-30 13:20 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-30 13:19 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-05-30 13:19 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-05-30 13:19 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-05-30 13:19 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-05-30 13:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-05-30 13:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-05-30 13:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-05-30 13:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-05-30 13:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-05-30 13:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-05-30 13:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-05-30 13:16 . 2013-04-05 01:00 1392128 ----a-w- c:\windows\system32\wininet.dll
2013-05-30 13:14 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-05-30 13:13 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-30 13:13 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2013-05-30 13:13 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-05-30 13:13 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-05-30 13:13 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-05-30 13:13 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-05-30 13:13 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-05-30 13:13 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-05-30 13:13 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-05-30 13:13 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-05-30 13:11 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-05-30 13:03 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-05-30 13:03 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-05-29 16:09 . 2013-05-29 16:09 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\XUSSoft
2013-05-29 13:15 . 2013-05-29 13:15 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\Opera
2013-05-29 13:15 . 2013-05-29 13:15 -------- d-----w- c:\program files (x86)\Opera
2013-05-23 17:25 . 2013-05-23 17:25 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Avira
2013-05-23 17:21 . 2013-05-23 17:21 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-05-23 17:19 . 2013-05-23 17:08 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-05-23 17:19 . 2013-05-23 17:08 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-05-23 17:19 . 2013-05-23 17:08 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-05-23 17:19 . 2013-05-23 17:19 -------- d-----w- c:\programdata\Avira
2013-05-23 17:19 . 2013-05-23 17:19 -------- d-----w- c:\program files (x86)\Avira
2013-05-23 16:58 . 2013-06-06 19:58 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-23 16:57 . 2013-06-06 20:14 -------- d-----w- c:\program files\Adobe
2013-05-23 12:58 . 2013-05-23 12:58 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Apple Computer
2013-05-22 19:13 . 2013-05-22 19:13 -------- d-----w- c:\program files (x86)\CR2 Converter
2013-05-22 11:54 . 2013-05-22 11:54 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Publish Providers
2013-05-21 20:04 . 2013-05-22 11:33 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Xfire
2013-05-21 20:04 . 2013-05-21 20:04 -------- d-----w- c:\program files (x86)\Common Files\Xfire
2013-05-21 20:04 . 2013-05-22 19:52 -------- d-----w- c:\program files (x86)\Xfire2
2013-05-21 20:04 . 2013-05-22 11:35 -------- d-----w- c:\programdata\Xfire
2013-05-20 01:52 . 2013-05-20 01:52 -------- d-----w- C:\T3Fun
2013-05-20 00:39 . 2013-06-11 15:55 -------- d-----w- c:\program files (x86)\Pando Networks
2013-05-20 00:39 . 2013-05-20 00:39 -------- d-----w- c:\users\Psyhcodelic\.swt
2013-05-19 21:11 . 2013-05-19 21:54 -------- d-----w- C:\Fraps
2013-05-16 20:28 . 2013-05-16 20:30 -------- d-----w- c:\program files\Rainmeter
2013-05-16 20:28 . 2013-05-16 20:28 -------- d-----w- c:\programdata\Package Cache
2013-05-16 20:19 . 2013-05-16 20:30 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Rainmeter
2013-05-16 18:36 . 2013-05-16 18:38 -------- d-----w- c:\program files (x86)\Halo Combat Evolved
2013-05-15 13:56 . 2013-05-15 13:56 -------- d-----w- C:\fastboot
2013-05-14 16:59 . 2013-05-14 16:59 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Leadertech
2013-05-14 16:55 . 2013-05-14 16:55 -------- d-----w- c:\program files (x86)\EA Sports
2013-05-13 20:31 . 2013-06-05 13:22 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\Microsoft Help
2013-05-13 20:31 . 2013-06-10 21:29 -------- d-----w- c:\programdata\Microsoft Help
2013-05-13 19:16 . 2013-05-13 19:16 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\LibreOffice
2013-05-13 19:12 . 2013-05-13 19:13 -------- d-----w- c:\program files (x86)\LibreOffice 4.0
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-05 15:14 . 2013-04-24 20:42 56072 ----a-w- c:\windows\system32\certsentry.dll
2013-06-05 15:14 . 2013-04-24 20:42 47368 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-05-29 13:20 . 2012-06-03 11:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-29 13:20 . 2012-06-03 11:02 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-23 13:28 . 2012-06-03 16:53 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-23 13:28 . 2012-06-03 12:53 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-23 13:28 . 2012-06-03 12:53 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-08 22:13 . 2013-05-08 22:13 272480 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-05-08 18:10 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2013-05-08 18:10 . 2012-06-05 16:00 2851840 ----a-w- c:\windows\system32\themeui.dll
2013-05-08 18:10 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2013-05-03 14:15 . 2012-06-03 14:57 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-04-28 18:22 . 2012-06-03 12:53 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-04-13 05:49 . 2013-05-30 13:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-30 13:13 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-30 13:13 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-30 13:13 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-30 13:13 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-30 13:13 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 09:41 . 2013-04-12 09:41 131856 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-04-12 09:40 . 2013-04-12 09:40 146704 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-04-12 09:40 . 2013-04-12 09:40 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2013-04-26 7283072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-23 345312]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"Kerio VPN Client"="c:\program files (x86)\Kerio\VPN Client\kvpncgui.exe" [2010-03-02 4986728]
.
c:\users\Psyhcodelic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-25 27776968]
Fences.lnk - c:\program files (x86)\Stardock\Fences\Fences.exe [2012-10-29 4017368]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-5-12 38072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 cpuz135;cpuz135;c:\users\PSYHCO~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\PSYHCO~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [x]
S2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files (x86)\Kerio\VPN Client\kvpncsvc.exe;c:\program files (x86)\Kerio\VPN Client\kvpncsvc.exe [x]
S2 OS Selector;Acronis OS Selector activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys;c:\windows\SYSNATIVE\DRIVERS\kvnet.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"Fences"="c:\program files (x86)\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download video on this page - c:\program files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300
IE: Download video this links to - c:\program files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/301
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Psyhcodelic\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://c:\program files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300
TCP: DhcpNameServer = 192.168.0.12 192.168.0.2
TCP: Interfaces\{66F21A65-FBE5-4A37-A3F9-37C8DC463698}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{8DDE1AE4-40D0-4487-B768-E11376EA5E9D}: NameServer = 8.26.56.26,156.154.70.22
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-5513-1208-7298-9440 - c:\program files (x86)\JDownloader\JDUninstall.exe
AddRemove-Bigfoot Networks LagMeter - c:\program files (x86)\Bigfoot Networks\LagMeter\uninstall.exe
AddRemove-Darksiders II_is1 - g:\darksiders ii\unins000.exe
AddRemove-DefaultTab - c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
AddRemove-XUS PC Lock Ultimate Edition(x32 & x64)_is1 - c:\program files (x86)\Xussoft\XUS PC Lock\unins000.exe
AddRemove-Youtube Music Downloader_is1 - c:\youtubemusicdownloader\unins000.exe
AddRemove-YouTube Video Downloader_is1 - c:\program files (x86)\Tomabo\YouTube Video Downloader\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
.
**************************************************************************
.
Celkový čas: 2013-06-11 21:58:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-06-11 19:58
ComboFix2.txt 2013-06-11 19:15
.
Před spuštěním: Volných bajtů: 46 866 677 760
Po spuštění: Volných bajtů: 46 783 188 992
.
- - End Of File - - EB41E810C0FEDFE623BDC33B4696248F
A36C5E4F47E84449FF07ED3517B43A31

Re: Preventive check

Posted: 12 Jun 2013 19:55
by vyosek
Now let's clean up :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Preventive check

Posted: 12 Jun 2013 20:00
by odyssea
Thank you :thumbsup:

Re: Preventive check

Posted: 12 Jun 2013 20:03
by vyosek
You're welcome, glad I could help :worship: See you again sometime

And based on the Rule on locking topics :lock: