Stránka 1 z 2
Kontrola
Napsal: 23 lis 2011 15:34
od er7xt
Dobrý den
Re: Kontrola
Napsal: 23 lis 2011 17:24
od vyosek
Zdravim a pekny podvecer preji
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v
Přidat nebo odebrat programy
Stahnete
RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Zvolte moznost 2 a potvrte enterem
- Utilita provede svou cinnost a da log - ten sem vlozte
- Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu
Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Kontrola
Napsal: 23 lis 2011 18:14
od er7xt
-
Re: Kontrola
Napsal: 23 lis 2011 18:36
od vyosek
Fajn, pokracujte ComboFixem
Re: Kontrola
Napsal: 23 lis 2011 19:06
od er7xt
-
Re: Kontrola
Napsal: 23 lis 2011 19:10
od vyosek
Restartujte PC do nouzoveho PC (restart, mackat F8, zvolit Stav nouze s praci v siti)
Spustte ComboFix zde
Re: Kontrola
Napsal: 23 lis 2011 19:33
od er7xt
-
Re: Kontrola
Napsal: 23 lis 2011 19:37
od vyosek
Restart PC, to pomuze...
Re: Kontrola
Napsal: 23 lis 2011 19:43
od er7xt
ComboFix
Re: Kontrola
Napsal: 23 lis 2011 21:30
od vyosek
Pokud nemate, tak presunte
Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll::
Folder::
c:\windows\SysWow64\drivers\AVG
c:\programdata\AVG2012
c:\program files (x86)\AVG
c:\users\Admin\AppData\Roaming\IObit
c:\program files (x86)\Zrychleni Pocitace
c:\windows\system32\drivers\AVG
c:\users\Admin\AppData\Roaming\AVG
C:\Program Files (x86)\Ask.com
File::
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\searchplugins\askcom.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\searchplugins\avg-secure-search.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\searchplugins\eventscripts-addon-manager.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\searchplugins\hellspy.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\searchplugins\icqplugin-1.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\searchplugins\icqplugin.xml
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\extensions\toolbar@ask.com
DDS::
uStart Page = hxxp://eu.ask.com/?l=dis&o=14597
Firefox::
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92ftmyzw.default\
FF - prefs.js: browser.search.selectedEngine - HellSpy
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1320940755
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1320942801
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1320942680
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1315318860
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1315403940
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1320931654
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.bdtoolbar.browserdefender - true
FF - user.js: browser.bdtoolbar.community - false
FF - user.js: browser.bdtoolbar.enabled - true
FF - user.js: browser.bdtoolbar.eulaaccepted - false
FF - user.js: browser.bdtoolbar.heuristic - true
FF - user.js: browser.bdtoolbar.installed - true
FF - user.js: browser.bdtoolbar.orig_keyword_url - chrome://browser-region/locale/region.properties
FF - user.js: browser.bdtoolbar.pagelinks - false
FF - user.js: browser.bdtoolbar.safersearch - true
FF - user.js: browser.bdtoolbar.search_dns - false
FF - user.js: browser.bdtoolbar.search_keyword - false
FF - user.js: browser.bdtoolbar.search_searchbar - false
FF - user.js: browser.bdtoolbar.securesites - true
FF - user.js: browser.bdtoolbar.titlebox - true
FF - user.js: browser.bdtoolbar.toolbarsize - 1
FF - user.js: browser.bdtoolbar.uniqueid - 0af0acf5e642ac27aac6d900972310c6
FF - user.js: browser.bdtoolbar.unknownurlcacheage - 600
FF - user.js: browser.bdtoolbar.version - 3.0.0.313
FF - user.js: browser.bdtoolbar.visible - true
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 1048576
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.dir - c:\\Users\\Admin\\Desktop
FF - user.js: browser.download.folderList - 0
FF - user.js: browser.download.lastDir - c:\\Users\\Admin\\Desktop
FF - user.js: browser.fullscreen.autohide - false
FF - user.js: browser.history_expire_days.mirror - 180
FF - user.js: browser.migration.version - 5
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.preferences.advanced.selectedTabIndex - 0
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.defaultenginename - ICQ Search
FF - user.js: browser.search.selectedEngine - HellSpy
FF - user.js: browser.search.useDBForOrder - true
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage - hxxp://www.youtube.com/
FF - user.js: browser.startup.homepage_override.buildID - 20111104165243
FF - user.js: browser.startup.homepage_override.mstone - rv:8.0
FF - user.js: browser.syncPromoViewsLeft - 0
FF - user.js: browser.tabs.warnOnClose - false
FF - user.js: browser.taskbar.lastgroupid - Mozilla.Firefox.8.0
FF - user.js: browser.visited_color - #800080
FF - user.js: dwhelper.conv-conf.auto.bc1e2619f37bea59f347c7c0c775df02 - true
FF - user.js: dwhelper.convert-free - true
FF - user.js: dwhelper.first-time - false
FF - user.js: dwhelper.last-media-host-blacklist - pop6.com|redlightcenter.com|dtiserv.com|mp3tunes.com|netflix.com
FF - user.js: dwhelper.last-shared-blacklist - 1320780337691
FF - user.js: dwhelper.last-version - 4.9.7
FF - user.js: dwhelper.mediaweight - 1024
FF - user.js: dwhelper.menu-expiration - 60
FF - user.js: dwhelper.passwords-migrated - true
FF - user.js: dwhelper.safe-mode - false
FF - user.js: dwhelper.smartnamer.last-shared - 1320869403
FF - user.js: dwhelper.storagedirectory - c:\\Users\\Admin\\Desktop
FF - user.js: extensions.adblockplus.currentVersion - 1.3.10
FF - user.js: extensions.adblockplus.recentReports - [{\site\:\047.zovdrakona.ru\,\reportURL\:\hxxps://reports.adblockplus.org/ef851e09-fab2-45bb-8165-be7ec4a1083c\,\time\:1319651097880}]
FF - user.js: extensions.blocklist.pingCountTotal - 61
FF - user.js: extensions.blocklist.pingCountVersion - 2
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.daphttpheader.exclude - false
FF - user.js: extensions.daphttpheader.excludeRegexp - .gif$|.jpg$|.ico$|.css$|.js$
FF - user.js: extensions.daphttpheader.filter - false
FF - user.js: extensions.daphttpheader.filterRegexp - /$|.html$
FF - user.js: extensions.daphttpheader.mode - 1
FF - user.js: extensions.daphttpheader.style - 0
FF - user.js: extensions.daphttpheader.tab - false
FF - user.js: extensions.databaseSchema - 6
FF - user.js: extensions.downloadyoutubevideosasmp.firstVersion - 5.6
FF - user.js: extensions.downloadyoutubevideosasmp.firstrun - false
FF - user.js: extensions.downloadyoutubevideosasmp.optIn - true
FF - user.js: extensions.downloadyoutubevideosasmp.userId - cb30380e-e767-4b8e-b3d4-ae514ba3925e
FF - user.js: extensions.downloadyoutubevideosasmp.version - 5.6
FF - user.js: extensions.enabledAddons - youtube2mp3@mondayx.de:1.2.3,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10,{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7,info@youtube-mp3.org:1.0.4,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7,{972ce4c6-7e08-4474-a285-3208198ce6fd}:8.0
FF - user.js: extensions.enabledItems - {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9,youtube2mp3@mondayx.de:1.2.3,{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.21
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\:{\descriptor\:\c:\\\\Program Files (x86)\\\\DivX\\\\DivX Plus Web Player\\\\firefox\\\\DivXHTML5\,\mtime\:1314285964686}}},{\name\:\app-global\,\addons\:{\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\c:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1320873432619},\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\:{\descriptor\:\c:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\,\mtime\:1319376163690}}},{\name\:\winreg-app-user\,\addons\:{\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}\:{\descriptor\:\c:\\\\Program Files (x86)\\\\DAP\\\\DAPFireFox\,\mtime\:1314881457346}}},{\name\:\app-profile\,\addons\:{\info@youtube-mp3.org\:{\descriptor\:\c:\\\\Users\\\\Admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\92ftmyzw.default\\\\extensions\\\\info@youtube-mp3.org.xpi\,\mtime\:1320940105218},\youtube2mp3@mondayx.de\:{\descriptor\:\c:\\\\Users\\\\Admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\92ftmyzw.default\\\\extensions\\\\youtube2mp3@mondayx.de\,\mtime\:1314399038085},\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\:{\descriptor\:\c:\\\\Users\\\\Admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\92ftmyzw.default\\\\extensions\\\\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\,\mtime\:1320944898870},\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\:{\descriptor\:\c:\\\\Users\\\\Admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\92ftmyzw.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\,\mtime\:1317239060501}}}]
FF - user.js: extensions.lastAppVersion - 8.0
FF - user.js: extensions.lastPlatformVersion - 8.0
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.ui.lastCategory - addons://list/extension
FF - user.js: extensions.ui.locale.hidden - true
FF - user.js: extensions.update.notifyUser - false
FF - user.js: icqtoolbar.allowSendURL - false
FF - user.js: icqtoolbar.engineVerified - false
FF - user.js: icqtoolbar.geolastmodified - 1320523366
FF - user.js: icqtoolbar.hiddenElements - itb_options
FF - user.js: icqtoolbar.history - spyware%20terminator||jak%20si%20chr%C3%A1nit%20po%C4%8D%C3%ADta%C4%8D%20internet||v%C3%BDhody%20ve%C5%99ejn%C3%A9%20ip||%5Bwarning%5D%20perhaps%20a%20server%20is%20already%20running%20on%20that%20port%3F||warning%5D%20perhaps%20a%20server%20is%20already%20running%20on%20that%20port%3F||status%20blackout%20gaming||counter%20strike%20source%20port%20number||SSD%20disky||SSD||echolife%20hg520i||showip||does%20i%20have%20a%20public%20ip||do%20i%20have%20public%20ip%3F||jak%20zjistit%20jestli%20m%C3%A1m%20ve%C5%99ejnou%20ip||8GB%20DDR3
FF - user.js: icqtoolbar.hpChange - true
FF - user.js: icqtoolbar.icqgeo - 42
FF - user.js: icqtoolbar.installTime - 1320684140
FF - user.js: icqtoolbar.newtab_state - 1
FF - user.js: icqtoolbar.numberOfSearches - 0
FF - user.js: icqtoolbar.previousFFVersion - 7.0.1
FF - user.js: icqtoolbar.skip_default_search - no
FF - user.js: icqtoolbar.uninstStatSent - true
FF - user.js: icqtoolbar.uniqueID - 132049991413205001541320523366318
FF - user.js: icqtoolbar.usageStatstTimestamp - 1320758505
FF - user.js: icqtoolbar.userHpApproved - true
FF - user.js: icqtoolbar.voucherHideClicks - 0
FF - user.js: icqtoolbar.voucherMoreLinkClicks - 0
FF - user.js: icqtoolbar.voucherRedeemClicks - 0
FF - user.js: icqtoolbar.voucherWasShown - 0
FF - user.js: icqtoolbar.xmlEnableHomePageDsGuard - true
FF - user.js: idle.lastDailyNotification - 1320858287
FF - user.js: intl.charsetmenu.browser.cache - ISO-8859-1, ISO-8859-2, UTF-8, GB2312, windows-1252
FF - user.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.6&q=
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.proxy.type - 0
FF - user.js: places.database.lastMaintenance - 1320858287
FF - user.js: places.history.expiration.transient_current_max_pages - 128772
FF - user.js: places.last_vacuum - 1312568840
FF - user.js: pref.downloads.disable_button.edit_actions - false
FF - user.js: pref.general.disable_button.default_browser - false
FF - user.js: pref.privacy.disable_button.view_passwords_exceptions - false
FF - user.js: print_printer - Microsoft XPS Document Writer
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_bgcolor - false
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_bgimages - false
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_colorspace -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_command -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_downloadfonts - false
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_edge_bottom - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_edge_left - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_edge_right - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_edge_top - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_evenpages - true
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_footercenter -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_footerleft - &PT
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_footerright - &D
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_headercenter -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_headerleft - &T
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_headerright - &U
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_in_color - true
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_margin_bottom - 0.5
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_margin_left - 0.5
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_margin_right - 0.5
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_margin_top - 0.5
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_oddpages - true
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_orientation - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_page_delay - 50
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_paper_data - 9
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_paper_height - 11,00
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_paper_name -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_paper_size_type - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_paper_size_unit - 1
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_paper_width - 8,50
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_plex_name -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_resolution_name -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_reversed - false
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_scaling - 1,00
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_shrink_to_fit - true
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_to_file - false
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_to_filename -
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_bottom - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_left - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_right - 0
FF - user.js: printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_top - 0
FF - user.js: privacy.popups.showBrowserMessage - false
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.clients.lastSyncLocal - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: services.sync.tabs.lastSyncLocal - 0
FF - user.js: speedbit.dap_installed - true
FF - user.js: storage.vacuum.last.index - 1
FF - user.js: storage.vacuum.last.places.sqlite - 1318611714
FF - user.js: toolkit.telemetry.enabled - true
FF - user.js: toolkit.telemetry.prompted - true
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1322669593
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
FF - user.js: browser.xul.error_pages.enabled - True
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware (reboot)"=-
[-HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Left 4 Dead 2 Bootstrap Checker]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
Reboot::
- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte
Posledni znamou konfiguraci
Re: Kontrola
Napsal: 23 lis 2011 21:54
od er7xt
ComboFix
Re: Kontrola
Napsal: 23 lis 2011 21:58
od vyosek
Prozente PC jeste timhle at odpalime zbytky AVG
http://download.avg.com/filedir/util/su ... 1_1184.exe
Napiste jak se chova PC
Re: Kontrola
Napsal: 23 lis 2011 22:05
od er7xt
-
Re: Kontrola
Napsal: 23 lis 2011 22:10
od vyosek
Re: Kontrola
Napsal: 23 lis 2011 22:24
od er7xt
-