Prosím o kontrolu vir

Zpráva

#16 Příspěvek od **Rudy** » 07 úno 2014 21:05

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Milan111 · #17 Příspěvek od **Milan111** » 07 úno 2014 21:09

při kliknutí na váš profil se mi otevře stránka s reklamou na hru a pod touto stránkou teprve požadovaný odkaz, jakmile kliknu na jakýkoli odkaz tak se mi otevře okno s reklamou a pod tímto oknem je stránka kterou jsem chtěl vidět

Milan111 · #18 Příspěvek od **Milan111** » 07 úno 2014 21:23

ComboFix 14-02-05.02 - Datart 07.02.2014 21:14:10.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2236 [GMT 1:00]
Spuštěný z: c:\users\Datart\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\Public\sdelevURL.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-07 do 2014-02-07 )))))))))))))))))))))))))))))))
.
.
2014-02-07 19:53 . 2014-02-07 19:53 -------- d-----w- C:\rsit
2014-02-07 19:48 . 2014-02-07 19:48 -------- d-----w- c:\program files\CCleaner
2014-02-07 19:32 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-02-07 13:17 . 2014-02-07 13:17 -------- d-----w- c:\users\Datart\AppData\Roaming\AVAST Software
2014-02-07 13:16 . 2014-02-07 13:16 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-02-07 13:16 . 2014-02-07 13:16 80184 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-02-07 13:16 . 2014-02-07 13:16 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-07 13:16 . 2014-02-07 13:16 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-07 13:16 . 2014-02-07 13:16 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-07 13:16 . 2014-02-07 13:16 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-07 13:16 . 2014-02-07 13:16 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-07 13:16 . 2014-02-07 13:16 43152 ----a-w- c:\windows\avastSS.scr
2014-02-07 13:09 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-02-07 13:09 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-02-07 13:09 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-07 13:09 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-06 20:48 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-02-06 20:48 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-02-06 20:48 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-02-06 20:48 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-02-06 20:48 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-02-06 19:23 . 2014-02-06 19:26 -------- d-----w- c:\windows\system32\MRT
2014-02-06 17:12 . 2014-02-06 17:17 -------- d-----w- C:\AdwCleaner
2014-02-06 16:55 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-02-06 16:55 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-02-06 16:55 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-02-06 16:55 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-02-06 16:53 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-02-06 16:52 . 2013-08-02 02:13 424448 ----a-w- c:\windows\system32\KernelBase.dll
2014-02-06 16:51 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-06 16:49 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2014-02-06 16:49 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2014-02-06 16:49 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2014-02-06 16:49 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2014-02-06 16:49 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-02-06 16:49 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-02-06 16:49 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-02-06 16:49 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-02-06 16:49 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-02-06 16:47 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-02-06 16:34 . 2014-02-06 16:34 -------- d-----w- c:\users\Datart\AppData\Roaming\Malwarebytes
2014-02-06 16:33 . 2014-02-06 16:33 -------- d-----w- c:\programdata\Malwarebytes
2014-02-06 13:59 . 2014-02-06 13:59 -------- d-----w- c:\users\Datart\AppData\Roaming\Vso
2014-02-06 13:59 . 2014-02-06 13:59 99384 ----a-w- c:\users\Datart\AppData\Roaming\inst.exe
2014-02-06 13:59 . 2014-02-06 13:59 82816 ----a-w- c:\users\Datart\AppData\Roaming\pcouffin.sys
2014-02-06 13:59 . 2014-02-07 19:49 -------- d-----w- c:\programdata\VSO
2014-02-06 13:59 . 2014-02-06 13:59 -------- d-----w- c:\program files (x86)\VSO
2014-02-01 19:12 . 2014-02-01 19:12 -------- d-----w- c:\users\Datart\AppData\Local\ElevatedDiagnostics
2014-01-27 15:28 . 2014-01-27 15:28 -------- d-----w- c:\program files (x86)\Ashampoo
2014-01-25 19:27 . 2014-01-25 19:27 -------- d-----w- c:\program files\Codemasters
2014-01-25 19:22 . 2014-01-25 19:22 -------- d-----w- c:\programdata\BlueStacks
2014-01-21 18:35 . 2014-02-07 12:47 -------- d-----w- c:\program files (x86)\VideoPlayerV3
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-07 19:28 . 2014-02-07 19:28 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-02-07 19:28 . 2014-02-07 19:28 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-02-07 13:16 . 2012-01-03 05:45 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-06 08:19 . 2013-08-09 19:18 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-06 08:19 . 2011-07-21 13:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-06 15:20 . 2012-01-08 17:08 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-11-10 20:21 . 2013-09-15 12:56 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Datart\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"NextLive"="c:\users\Datart\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-07 3767096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Datart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 06:40 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-09 08:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-07 13:16 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
------- Asociace souborů -------
.
.scr does not exist!
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-GoforFiles - c:\program files (x86)\GoforFiles\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-07 21:22:06
ComboFix-quarantined-files.txt 2014-02-07 20:22
.
Před spuštěním: Volných bajtů: 551 822 995 456
Po spuštění: Volných bajtů: 551 418 068 992
.
- - End Of File - - 8BD1BA7BCF08123D4185AE4F5E71B70B

Milan111 · #19 Příspěvek od **Milan111** » 07 úno 2014 21:31

odkazy svítí zeleně ,jakmile najedu myší přes odkaz tak se mi objeví tabulka s nabídkou a dole je ads by media player

#20 Příspěvek od **Rudy** » 07 úno 2014 22:12

Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Milan111 · #21 Příspěvek od **Milan111** » 08 úno 2014 11:17

stále při kliknutí na různé odkazy nejdříve reklama na hru
ComboFix 14-02-05.02 - Datart 08.02.2014 10:53:59.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2221 [GMT 1:00]
Spuštěný z: c:\users\Datart\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Datart\Desktop\CFScript.txt..txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-08 do 2014-02-08 )))))))))))))))))))))))))))))))
.
.
2014-02-08 10:00 . 2014-02-08 10:00 -------- d-----w- c:\programdata\Acer
2014-02-08 09:59 . 2014-02-08 09:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-08 09:59 . 2014-02-08 09:59 -------- d-----w- c:\users\Marťánek\AppData\Local\temp
2014-02-08 09:59 . 2014-02-08 09:59 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-02-08 09:59 . 2014-02-08 09:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-07 19:53 . 2014-02-07 19:53 -------- d-----w- C:\rsit
2014-02-07 19:48 . 2014-02-07 19:48 -------- d-----w- c:\program files\CCleaner
2014-02-07 19:32 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-02-07 13:17 . 2014-02-07 13:17 -------- d-----w- c:\users\Datart\AppData\Roaming\AVAST Software
2014-02-07 13:16 . 2014-02-07 13:16 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-02-07 13:16 . 2014-02-07 13:16 80184 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-02-07 13:16 . 2014-02-07 13:16 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-07 13:16 . 2014-02-07 13:16 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-07 13:16 . 2014-02-07 13:16 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-07 13:16 . 2014-02-07 13:16 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-07 13:16 . 2014-02-07 13:16 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-07 13:16 . 2014-02-07 13:16 43152 ----a-w- c:\windows\avastSS.scr
2014-02-07 13:09 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-02-07 13:09 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-02-07 13:09 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-07 13:09 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-06 20:48 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-02-06 20:48 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-02-06 20:48 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-02-06 20:48 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-02-06 20:48 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-02-06 19:23 . 2014-02-06 19:26 -------- d-----w- c:\windows\system32\MRT
2014-02-06 17:12 . 2014-02-06 17:17 -------- d-----w- C:\AdwCleaner
2014-02-06 16:55 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-02-06 16:55 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-02-06 16:55 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-02-06 16:55 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-02-06 16:53 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-02-06 16:52 . 2013-08-02 02:13 424448 ----a-w- c:\windows\system32\KernelBase.dll
2014-02-06 16:51 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-06 16:49 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2014-02-06 16:49 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2014-02-06 16:49 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2014-02-06 16:49 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2014-02-06 16:49 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-02-06 16:49 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-02-06 16:49 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-02-06 16:49 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-02-06 16:49 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-02-06 16:47 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-02-06 16:34 . 2014-02-06 16:34 -------- d-----w- c:\users\Datart\AppData\Roaming\Malwarebytes
2014-02-06 16:33 . 2014-02-06 16:33 -------- d-----w- c:\programdata\Malwarebytes
2014-02-06 13:59 . 2014-02-06 13:59 -------- d-----w- c:\users\Datart\AppData\Roaming\Vso
2014-02-06 13:59 . 2014-02-06 13:59 99384 ----a-w- c:\users\Datart\AppData\Roaming\inst.exe
2014-02-06 13:59 . 2014-02-06 13:59 82816 ----a-w- c:\users\Datart\AppData\Roaming\pcouffin.sys
2014-02-06 13:59 . 2014-02-07 19:49 -------- d-----w- c:\programdata\VSO
2014-02-06 13:59 . 2014-02-06 13:59 -------- d-----w- c:\program files (x86)\VSO
2014-02-01 19:12 . 2014-02-01 19:12 -------- d-----w- c:\users\Datart\AppData\Local\ElevatedDiagnostics
2014-01-27 15:28 . 2014-01-27 15:28 -------- d-----w- c:\program files (x86)\Ashampoo
2014-01-25 19:27 . 2014-01-25 19:27 -------- d-----w- c:\program files\Codemasters
2014-01-25 19:22 . 2014-01-25 19:22 -------- d-----w- c:\programdata\BlueStacks
2014-01-21 18:35 . 2014-02-07 12:47 -------- d-----w- c:\program files (x86)\VideoPlayerV3
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-07 19:28 . 2014-02-07 19:28 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-02-07 19:28 . 2014-02-07 19:28 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-02-07 13:16 . 2012-01-03 05:45 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-06 08:19 . 2013-08-09 19:18 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-06 08:19 . 2011-07-21 13:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-06 15:20 . 2012-01-08 17:08 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-11-10 20:21 . 2013-09-15 12:56 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Datart\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"NextLive"="c:\users\Datart\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-07 3767096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Datart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 06:40 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-09 08:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-07 13:16 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2014-02-08 11:06:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-08 10:06
ComboFix2.txt 2014-02-07 20:22
.
Před spuštěním: Volných bajtů: 551 500 709 888
Po spuštění: Volných bajtů: 551 416 569 856
.
- - End Of File - - 6997157A5D9EF880503B676C2007F71C

Milan111 · #22 Příspěvek od **Milan111** » 08 úno 2014 11:26

zkoušel jsem prohlížeč explorer , tam je vše vpořádku , žádná reklama a žádné barevné části slov , je to jen na google chrome

#23 Příspěvek od **Rudy** » 08 úno 2014 11:39

Zazálohujte profil Chrome pmocí ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Pak Chrome odinstalujte vč. jeho profilu. Nainstalujte nový a zpět ze zálohy nakopírujte pouze záložky.

Milan111 · #24 Příspěvek od **Milan111** » 08 úno 2014 12:49

tak jsem přeinstaloval google chrome a bohužel žádná změna, díval jsem se do rozšíření a mám tam media player 1.1 který nelze odebrat

#25 Příspěvek od **Rudy** » 08 úno 2014 16:44

OK. Zkusme toto:

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Milan111 · #26 Příspěvek od **Milan111** » 08 úno 2014 17:05

nejdřív vám chci poděkovat za trpělivost a zde je scan
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Datart on so 08.02.2014 at 16:53:43,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
NextLive REG_SZ C:\Windows\SysWOW64\rundll32.exe "C:\Users\Datart\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2861580021-3864893085-3440772476-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4D923740-A0E4-45A0-824A-E86DDB25AD21}

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{0494B1FF-7A6D-4221-A0B4-C5EA1DFCEEA4}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{05F4275A-0F55-4578-830C-ECE889D4CA42}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{0BBD5A28-5AF3-4A77-94CB-C9D06C26ED5F}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{0E7EF602-0025-416A-B064-438A8B64F97A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{16B76BFE-3A5E-46FC-933B-343126E2ED63}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{197DC497-CD1C-4C0B-B22E-5505E26ED02F}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{1AF92C70-99DC-48FA-A0BB-A325D8BEE82C}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{1CA7ABA5-A598-404C-8AE9-4FF696B1B17C}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{1D71D2A5-9DA0-4904-AAB4-0351A263E03A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{2093CAB1-FD72-45E3-B7D2-89373448CAE5}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{22AB88F4-1AAC-4044-9D6A-487D57F5674F}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{2B476126-EC83-4D47-8D2B-C964D661F923}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{2D743161-2EE2-4369-93E3-4E1154DAF0AB}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{31B7481C-2E88-4163-B8D0-A5D40EFF3DCE}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{325B803B-0376-4B2E-B76B-68A7A5502184}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{3647683B-8002-4695-9364-43D712260A87}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{37C1FCD3-B6E2-40F4-B455-3E16BBF108D7}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{380FAC49-7E51-47B8-AA19-7C5B8066A486}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{3DCEF817-798A-4FA7-A9FE-EEFC5233D312}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{3DD17F34-20C5-42AC-9033-357223AF0693}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{46307968-4592-4547-9EE9-778D21B3E934}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{46A6CE8C-30BE-478B-9FB8-C806FB407040}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{4D999511-634D-4D68-AA4A-B3CB09583531}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{56C29718-54E0-42C5-BDA8-9996520F69D2}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{57600BA2-BEE9-4623-BDE4-F1ACF82829CD}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{57894D17-B42C-4D31-8A6F-6A5AAF4266CF}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{5F46DBB6-B708-42CE-8030-7B2B156124F9}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{626EFA0D-0EE3-44AF-9E0C-D945E46A772F}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{6A41AF60-8BEC-413C-9B1A-6EBFF705EC8A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{72D3F3D6-2C92-4675-AF6C-9E382A68B3DF}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{882F5BC8-69D5-41EC-91D0-B5EC711013D5}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{8C9F0785-B0EA-42E3-B3C4-E7457F181C0A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{8E81678B-D4FD-46B5-99E7-C3E07A7D49A8}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{9691BE2A-BEAA-48B7-86B8-93773C18BE77}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{98BD2DFC-0D70-47B3-B1F6-4C93CE695F49}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{9AF657E5-2F05-413B-BD32-472E374D9A3A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{9D553259-C47E-4665-A731-C9170EA8C020}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{A276E611-79ED-4924-A675-B90EAB4E6C1A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{A56CCC78-3BCD-4947-9629-1C7A138E8047}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{AD56681A-DF8E-4017-9000-ADD525B34238}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{ADB6D1AA-176D-4D38-A9F3-65466211C739}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{AE5AA710-8153-43F7-B6CC-2B5709C4433C}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{AEFDBEA9-B0FE-44B0-947C-580D476632E6}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{AFD30A25-D0A5-4EE3-B5AD-F266224F6D3A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{B53DD276-2990-4963-B3EE-9D07A424CCDE}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{B65D3F8D-5E62-4164-ABFB-CC26CA14C86D}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{BB597D11-AD5C-4F57-9AC3-251994F2CCD2}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{C1CBC4B5-7F3A-4970-A894-EF38D1C964F5}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{C791FF38-6249-47D0-929E-AFAF1A87E4D1}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{C87A8C2D-FB61-48D5-8987-2A70447B0B5B}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{CB853E26-59C8-41D9-8176-34312967FF37}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{CF90C8CD-7D3E-4999-90E0-1FBA98AB0B8C}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{D2192508-3687-433F-9449-50F162BE7B00}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{D7D624A1-B21A-4F67-8603-911418956E68}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{DA54FB35-6B48-4E08-9A3E-83C1F6F21E3A}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{DFB14445-AD0B-43A0-AECB-DB5029DC8529}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{E2FDCC91-2CA6-43A9-AF38-A2BAF0414E7C}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{E3E0F82A-C28E-4E85-8DDD-9EAB44947C68}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{E68FD3AF-0C82-40CE-888C-370595959165}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{E9E39EE9-8F55-4555-A39D-BE8BD1E79938}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{EAF70696-AB02-415A-B216-E6B461198848}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{EED50A97-45E2-4BB6-A821-4206E82B94C1}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{EFEDF0A6-05D2-41FB-82D5-71C6BEEE7D5F}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{F0694B16-201F-4B5E-82FE-013F98ECC9AD}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{F2312A9A-1D5A-4DB7-812F-620A1B406F72}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{F4E13D6B-8114-4C3A-BBBF-105DC1E422BD}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{FC2E5C3A-E9E8-4562-9B3B-39CC5AA47186}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{FDF8E6F6-3C00-4CD1-917E-4CA31716A085}
Successfully deleted: [Empty Folder] C:\Users\Datart\appdata\local\{FF186DA3-5E84-4576-9E69-3C65AA017C9F}

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 08.02.2014 at 17:03:27,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#27 Příspěvek od **Rudy** » 08 úno 2014 17:44

OK. Nastala nějaká změna?

Milan111 · #28 Příspěvek od **Milan111** » 08 úno 2014 17:51

zatím se mi neotevřela reklama , ale stále mám na stránkách určitá slova nebo části slov dvojitě podtržené a jakmile na ně najedu myší , tak se objeví ta nabídka co jsem posílal na obrázku

Milan111 · #29 Příspěvek od **Milan111** » 08 úno 2014 18:01

obrázek s podtrženými písmeny nebo slovy

Milan111 · #30 Příspěvek od **Milan111** » 08 úno 2014 18:08

na jakékoli stránce reklamy na ten ads by media player ,teď se aspoň nespouštějí v novém okně, jen v malých oknech na stránce

VIRY.CZ

Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir

Re: Prosím o kontrolu vir