VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vir

https://forum.viry.cz:443/viewtopic.php?t=135034

Stránka 1 z 1

Vir

Napsal: 29 pro 2013 10:09
od trebor.salah
Dobrý den má v počítači asi vir když zapojím do sveho netbooku flešku tak se mi objevuje jenom zástupce s kterym nemuzu nic delat kamarád měl stejný problém a řekl at se ptám po nákým vyosek že mi prej pomuže

Re: Vir

Napsal: 29 pro 2013 10:16
od vyosek
Zdravim :)

:arrow: Nakej ten vyosek je zrovna online tak na to mrkne :D

:arrow: Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

Re: Vir

Napsal: 29 pro 2013 10:26
od trebor.salah
############################## | UsbFix V 7.134 | [Deletion]

User: robert (Administrator) # ROBERT-PC
Updated 06/09/2013 by El Desaparecido
Started at 10:19:24 | 29/12/2013

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: ASUSTeK COMPUTER INC. (X101CH) (X86-based PC)
CPU: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz (1600)
RAM -> [Total : 1012 | Free : 274]
BIOS: BIOS Date: 07/30/12 09:20:47 Ver: 04.06.05
BOOT: Normal boot

OS: Microsoft Windows 7 Starter (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16660

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 298 Gb (218 Mb free - 73%) [Windows] # NTFS
D:\ -> Removable drive # 7 Gb (2 Mb free - 29%) [] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [GfxServiceInstall] - C:\Windows\system32\GfxCUIServiceInstall.vbs
HKLM\SOFTWARE | Run : [IgfxTray] - C:\Windows\system32\igfxtray.exe
HKLM\SOFTWARE | Run : [HotKeysCmds] - C:\Windows\system32\hkcmd.exe
HKLM\SOFTWARE | Run : [Persistence] - C:\Windows\system32\igfxpers.exe
HKLM\SOFTWARE | Run : [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [HotkeyMon] - AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
HKLM\SOFTWARE | Run : [HotkeyService] - AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
HKLM\SOFTWARE | Run : [CapsHook] - AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
HKLM\SOFTWARE | Run : [SuperHybridEngine] - AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
HKLM\SOFTWARE | Run : [LiveUpdate] - AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
HKLM\SOFTWARE | Run : [SynAsusAcpi] - %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2614108188-4201486478-1772553301-1000\SOFTWARE | Run : [rqcqyuxmeb] - wscript.exe //B "C:\Users\robert\AppData\Local\Temp\rqcqyuxmeb.vbs"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Stopped processes |

Stopped! C:\Windows\system32\WLANExt.exe (1332)
Stopped! C:\Windows\System32\spoolsv.exe (1436)
Stopped! C:\Windows\system32\taskhost.exe (1620)
Stopped! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1632)
Stopped! C:\Windows\system32\AsusService.exe (1680)
Stopped! C:\Windows\System32\igfxtray.exe (2200)
Stopped! C:\Windows\System32\hkcmd.exe (2220)
Stopped! C:\Windows\System32\igfxpers.exe (2260)
Stopped! C:\Windows\system32\igfxsrvc.exe (2288)
Stopped! C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (2300)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2328)
Stopped! C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe (2392)
Stopped! C:\Windows\system32\WUDFHost.exe (2400)
Stopped! C:\Program Files\ASUS\HotkeyService\HotkeyService.exe (2412)
Stopped! C:\Program Files\ASUS\CapsHook\CapsHook.exe (2512)
Stopped! C:\Program Files\ASUS\SHE\SuperHybridEngine.exe (2536)
Stopped! C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (2548)
Stopped! C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe (2624)
Stopped! C:\Windows\System32\wscript.exe (2756)
Stopped! C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (3140)
Stopped! C:\Windows\system32\SearchIndexer.exe (3424)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (3544)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3820)
Stopped! C:\Users\robert\AppData\Local\Google\Chrome\Application\chrome.exe (2272)
Stopped! C:\Users\robert\AppData\Local\Google\Chrome\Application\chrome.exe (2368)
Stopped! C:\Users\robert\AppData\Local\Google\Chrome\Application\chrome.exe (3228)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (2420)
Stopped! C:\Windows\system32\SearchFilterHost.exe (1408)
Stopped! C:\Windows\system32\DllHost.exe (3748)

################## | Files # Infected Folders |

Deleted ! D:\rqcqyuxmeb.vbs
Deleted ! C:\Users\robert\AppData\Local\Temp\rqcqyuxmeb.vbs
Deleted ! D:\.lnk
Deleted ! D:\Jackass 1 Cz (J).lnk
Deleted ! D:\Jackass 2.lnk
Deleted ! D:\JACKASS-3.lnk
Deleted ! D:\Jackass-3-CZ.lnk
Deleted ! D:\pstfsvapsu.lnk
Deleted ! D:\default-capability.lnk
Deleted ! D:\customized-capability.lnk
Deleted ! C:\Users\robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rqcqyuxmeb.vbs
Deleted ! D:\pstfsvapsu.vbs

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|rqcqyuxmeb

################## | Mountpoints2 |


################## | Listing |

[07/09/2013 - 11:05:55 | SHD ] C:\$Recycle.Bin
[10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat
[10/06/2009 - 22:42:20 | N | 10] C:\config.sys
[04/01/2013 - 09:21:08 | N | 37] C:\DevMgr.bat
[14/07/2009 - 05:53:55 | SHD ] C:\Documents and Settings
[08/09/2013 - 13:02:34 | N | 332] C:\fftrlog.txt
[29/09/2013 - 12:16:08 | D ] C:\filmy
[29/12/2013 - 09:54:15 | ASH | 795824128] C:\hiberfil.sys
[08/09/2013 - 12:51:25 | D ] C:\hudba
[22/07/2013 - 15:55:11 | D ] C:\Intel
[29/12/2013 - 09:54:18 | ASH | 1073741824] C:\pagefile.sys
[14/07/2009 - 03:37:05 | D ] C:\PerfLogs
[03/11/2013 - 08:18:04 | D ] C:\Program Files
[08/09/2013 - 15:31:24 | HD ] C:\ProgramData
[08/09/2013 - 13:27:08 | D ] C:\programy
[07/09/2013 - 11:03:49 | SHD ] C:\Recovery
[22/07/2013 - 16:06:18 | N | 2035] C:\RHDSetup.log
[22/07/2013 - 16:56:59 | D ] C:\RPKTools
[22/07/2013 - 16:54:49 | N | 273] C:\siw_debug.txt
[29/12/2013 - 10:19:13 | D ] C:\stah
[22/10/2013 - 16:51:32 | SHD ] C:\System Volume Information
[04/01/2013 - 09:21:08 | D ] C:\Tools
[29/12/2013 - 10:21:46 | D ] C:\UsbFix
[29/12/2013 - 10:22:41 | A | 6454] C:\UsbFix [Clean 1] ROBERT-PC.txt
[07/09/2013 - 11:05:02 | D ] C:\Users
[08/09/2013 - 13:45:05 | D ] C:\Windows
[25/11/2013 - 20:06:34 | D ] D:\LOST.DIR
[25/11/2013 - 20:06:36 | N | 12743] D:\default-capability.xml
[25/11/2013 - 20:06:38 | N | 145] D:\customized-capability.xml
[24/05/2013 - 12:24:00 | N | 112] D:\.~lock.Ústecký Kraj.odp#
[06/10/2013 - 15:07:24 | D ] D:\manowar 2002
[18/12/2012 - 21:06:40 | N | 768788480] D:\Jackass 1 Cz (J).avi
[18/12/2012 - 21:06:40 | N | 737134592] D:\Jackass 2.avi
[18/12/2012 - 21:06:40 | N | 729323520] D:\JACKASS-3.5-(2012)-akční,-komedie-CZ-DABING.avi
[18/12/2012 - 21:06:40 | N | 725897216] D:\Jackass-3-CZ.avi

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net |

Re: Vir

Napsal: 29 pro 2013 10:55
od vyosek
:arrow: tak tohle bychom meli

:arrow: Nyni poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=24&t=130784

Re: Vir

Napsal: 29 pro 2013 11:00
od trebor.salah
Logfile of random's system information tool 1.09 (written by random/random)
Run by robert at 2013-12-29 10:58:27
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 223 GB (73%) free of 305 GB
Total RAM: 1012 MB (31% free)


======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2614108188-4201486478-1772553301-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2614108188-4201486478-1772553301-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GfxServiceInstall"=C:\Windows\system32\GfxCUIServiceInstall.vbs [2012-02-26 131]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-26 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-26 168960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-26 161280]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-09-28 11004520]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-30 2274600]
"HotkeyMon"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
"CapsHook"=AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-06-30 83240]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\robert\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-29 116648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-26 224768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-29 10:56:30 ----D---- C:\Program Files\trend micro
2013-12-29 10:56:29 ----D---- C:\rsit
2013-12-29 10:32:31 ----D---- C:\Program Files\GUM62C8.tmp
2013-12-29 10:22:42 ----RASHD---- C:\Autorun.inf
2013-12-29 10:19:24 ----A---- C:\UsbFix [Clean 1] ROBERT-PC.txt
2013-12-29 10:18:50 ----D---- C:\UsbFix

======List of files/folders modified in the last 1 month======

2013-12-29 10:59:01 ----D---- C:\Windows\Prefetch
2013-12-29 10:58:34 ----D---- C:\Windows\Temp
2013-12-29 10:58:13 ----D---- C:\stah
2013-12-29 10:56:30 ----D---- C:\Program Files
2013-12-29 10:32:30 ----D---- C:\Windows\Tasks
2013-12-29 10:32:30 ----D---- C:\Windows\system32\Tasks
2013-12-29 09:58:20 ----D---- C:\Windows\System32
2013-12-29 09:58:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-29 09:58:19 ----D---- C:\Windows\inf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2012-01-10 2231808]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2012-02-26 1344512]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-02-26 419328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-04 3681000]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-12-23 90736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-30 1353008]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S2 AsusService;Asus Launcher Service; C:\Windows\system32\AsusService.exe [2012-01-11 224680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Vir

Napsal: 29 pro 2013 11:29
od vyosek
:arrow: Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe
  • Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

  • Kód: Vybrat vše

    :reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"NtVdmSrv"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-

:files
C:\Windows\inf\ntvdm.vbe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2614108188-4201486478-1772553301-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2614108188-4201486478-1772553301-1000UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Kliknete na cervene tlacitko MoveIt!
  • Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

Re: Vir

Napsal: 29 pro 2013 11:41
od trebor.salah
All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
========== FILES ==========
C:\Windows\inf\ntvdm.vbe moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2614108188-4201486478-1772553301-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2614108188-4201486478-1772553301-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: robert
->Temp folder emptied: 172458118 bytes
->Temporary Internet Files folder emptied: 4059526 bytes
->Google Chrome cache emptied: 374682946 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 76995456 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 39576003 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 637,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: robert

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: robert

Total Java Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12292013_113611

Re: Vir

Napsal: 29 pro 2013 11:45
od vyosek
Jak se chova nas pacient??

Re: Vir

Napsal: 29 pro 2013 11:49
od trebor.salah
už je to v poho takže moc děkuji a kdyby něco vím na koho se obrátím a ještě jedna otázka můžu odstranit ti soubory co jsem stáhl ještě jednou děkuji si borec!!!!!

Re: Vir

Napsal: 29 pro 2013 11:52
od vyosek
Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|

Re: Vir

Napsal: 29 pro 2013 12:37
od vyosek
Vas ucet byl zablokovan - pouzivejte puvodni robert.halas http://forum.viry.cz/memberlist.php?mod ... le&u=53507
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz