Problém s Qvo6 VYŘEŠENO

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Mods_junior, Security team

Re: Problém s Qvo6

Odeslatod true » 18 Črc 2013 20:18

ComboFix 13-07-18.02 - zuzi 18.07.2013 19:54:55.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1033.18.2038.861 [GMT 2:00]
Spuštěný z: c:\users\zuzi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-18 do 2013-07-18 )))))))))))))))))))))))))))))))
.
.
2013-07-18 18:08 . 2013-07-18 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-16 18:26 . 2013-07-16 18:26 -------- d-----w- c:\windows\ERUNT
2013-07-16 16:41 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-16 16:41 . 2013-07-16 16:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-16 16:17 . 2013-07-16 16:17 -------- d-----w- c:\users\zuzi\AppData\Local\Apple Computer
2013-07-16 12:37 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E89AE26D-0F80-4F72-B189-5329C1EA11FF}\mpengine.dll
2013-07-11 12:39 . 2013-07-13 18:11 -------- d-----w- c:\users\zuzi\AppData\Roaming\Seznam.cz
2013-07-11 10:23 . 2013-06-04 01:50 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-06-23 14:11 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-23 14:11 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-23 14:11 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-06-23 14:11 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll
2013-06-23 14:11 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-23 14:11 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-06-23 14:10 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-23 14:10 . 2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-23 14:10 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2013-06-23 14:10 . 2013-04-24 04:00 985600 ----a-w- c:\windows\system32\crypt32.dll
2013-06-23 14:10 . 2013-04-24 04:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-23 14:10 . 2013-04-24 04:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-23 14:10 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2013-06-23 14:03 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-23 13:41 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-06-23 13:41 . 2013-06-27 20:24 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-23 13:41 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 20:24 . 2011-12-02 22:16 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 20:24 . 2010-07-19 20:24 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2010-07-19 20:24 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2010-07-19 20:24 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2010-07-19 20:24 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2010-07-19 20:24 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2010-07-19 20:23 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2010-07-19 20:23 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2009-10-03 11:22 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-03-10 262144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"SpyEmergency"="c:\program files\NETGATE\Spy Emergency\SpyEmergency.exe" [2011-03-02 2394752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-12 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-12 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2006-11-12 36864]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\zuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]
Samsung Auto Backup Guage.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFGuage.exe [2010-12-25 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2010-12-25 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFTimerD.exe [2010-12-25 102400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-166558573-3448494969-501337719-1003]
"EnableNotificationsRef"=dword:00000001
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMPROTECTOR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 19:48 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-25 22:04]
.
2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-25 22:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/?gws_rd=cr
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKCU-Run-MediaGet2 - c:\users\zuzi\AppData\Local\MediaGet2\mediaget.exe
HKCU-Run-AdobeBridge - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-WinGimp-2.0_is1 - c:\program files\GIMP-2.0\setup\unins000.exe
AddRemove-Yahoo! Toolbar - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-18 20:09
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b4
.
Celkový čas: 2013-07-18 20:12:30
ComboFix-quarantined-files.txt 2013-07-18 18:12
.
Před spuštěním: 27 273 412 608 bytes free
Po spuštění: 26 980 913 152 bytes free
.
- - End Of File - - 451E1598F907C701B5FE9CAC3A97D088
5C616939100B85E558DA92B899A0FC36
true
nováček
 
Věrnost fóru:
Věrnost fóru
 
Příspěvky: 18
Pohlaví: Žena

google adsense
Google
 

Re: Problém s Qvo6

Odeslatod memphisto » 18 Črc 2013 22:10

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Kód: Vybrat vše
KillAll::
Folder::
c:\program files\NETGATE

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpyEmergency"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-166558573-3448494969-501337719-1003]
"EnableNotificationsRef"=dword:00000000

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b4

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Uživatelský avatar
memphisto
Moderátor
Guru Level 13
Guru Level 13
 
Věrnost fóru:
Věrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóru
 
Příspěvky: 20635
Obrázky: 1
Bydliště: Zlín - České Budějovice
Pohlaví: Muž

Re: Problém s Qvo6

Odeslatod true » 19 Črc 2013 16:14

ComboFix 13-07-18.02 - zuzi 19.07.2013 15:44:44.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1033.18.2038.901 [GMT 2:00]
Spuštěný z: c:\users\zuzi\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\zuzi\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\NETGATE
c:\program files\NETGATE\Spy Emergency\cpulib.dll
c:\program files\NETGATE\Spy Emergency\cpulib.txt
c:\program files\NETGATE\Spy Emergency\gateway.pem
c:\program files\NETGATE\Spy Emergency\Languages\Bulgarian\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Czech\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Dutch\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\English\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\French\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\German\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Hungarian\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\ChineseS\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\ChineseT\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Italiano\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Polish\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Portuguese\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Russian\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Slovak\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Slovenian\default.ini
c:\program files\NETGATE\Spy Emergency\Languages\Spanish\default.ini
c:\program files\NETGATE\Spy Emergency\libeay32.dll
c:\program files\NETGATE\Spy Emergency\License.txt
c:\program files\NETGATE\Spy Emergency\manual.pdf
c:\program files\NETGATE\Spy Emergency\menuext.dll
c:\program files\NETGATE\Spy Emergency\Readme.txt
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\bottom.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\bottom_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\bottom_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_help.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_large.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_max.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_medium.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_cage.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_custom.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_full.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_keeplist.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_news.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_options.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_quick.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_remove.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_scan.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_status.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_support.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_menu_system.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\button_min.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\default.ini
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\dialog_big.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\check_button.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\check_button_list.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\left.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\menu.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\right.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\right_center.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_back.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_down.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_slider1.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_slider2.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_slider3.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_tree.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\scrollbar_up.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\top.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\top_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\top_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Alienspace\top_title.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\bottom.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\bottom_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\bottom_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_help.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_large.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_max.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_medium.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_cage.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_custom.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_full.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_keeplist.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_news.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_options.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_quick.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_remove.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_scan.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_status.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_support.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_menu_system.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\button_min.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\default.ini
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\dialog_big.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\check_button.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\check_button_list.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\left.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\menu.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\right.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\right_center.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_back.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_down.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_slider1.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_slider2.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_slider3.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_tree.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\scrollbar_up.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\top.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\top_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\top_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Deepsea\top_title.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\bottom.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\bottom_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\bottom_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_help.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_large.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_max.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_medium.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_cage.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_custom.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_full.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_keeplist.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_news.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_options.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_quick.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_remove.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_scan.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_status.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_support.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_menu_system.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\button_min.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\default.ini
c:\program files\NETGATE\Spy Emergency\Skins\Default\dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\dialog_big.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\check_button.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\check_button_list.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\left.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\menu.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\right.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\right_center.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_back.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_down.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_slider1.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_slider2.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_slider3.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_tree.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\scrollbar_up.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\top.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\top_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\top_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Default\top_title.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\bottom.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\bottom_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\bottom_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_help.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_large.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_max.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_medium.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_cage.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_custom.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_full.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_keeplist.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_news.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_options.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_quick.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_remove.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_scan.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_status.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_support.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_menu_system.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\button_min.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\default.ini
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\dialog_big.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\check_button.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\check_button_list.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\left.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\menu.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\right.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\right_center.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_back.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_down.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_slider1.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_slider2.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_slider3.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_tree.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\scrollbar_up.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\top.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\top_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\top_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Metalbrown\top_title.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\bottom.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\bottom_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\bottom_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_help.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_large.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_max.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_medium.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_cage.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_custom.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_full.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_keeplist.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_news.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_options.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_quick.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_remove.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_scan.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_status.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_support.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_menu_system.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\button_min.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\default.ini
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\dialog_big.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\check_button.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\check_button_list.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\left.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\menu.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\right.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\right_center.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_back.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_down.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_slider1.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_slider2.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_slider3.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_tree.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\scrollbar_up.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\top.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\top_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\top_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Redrose\top_title.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\bottom.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\bottom_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\bottom_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_help.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_large.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_max.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_medium.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_about.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_cage.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_custom.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_full.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_keeplist.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_news.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_options.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_quick.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_remove.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_scan.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_status.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_support.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_menu_system.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\button_min.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\default.ini
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\dialog.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\dialog_big.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\check_button.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\check_button_list.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\left.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\menu.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\right.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\right_center.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_back.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_down.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_slider1.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_slider2.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_slider3.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_tree.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\scrollbar_up.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\top.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\top_left.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\top_right.png
c:\program files\NETGATE\Spy Emergency\Skins\Royalpurple\top_title.png
c:\program files\NETGATE\Spy Emergency\SpyEmergency.exe
c:\program files\NETGATE\Spy Emergency\spyemergency.chm
c:\program files\NETGATE\Spy Emergency\SpyEmergency.mof
c:\program files\NETGATE\Spy Emergency\SpyEmergencyAv.mof
c:\program files\NETGATE\Spy Emergency\SpyEmergencyCmd.exe
c:\program files\NETGATE\Spy Emergency\SpyEmergencyDel.vbs
c:\program files\NETGATE\Spy Emergency\SpyEmergencyDelAv.vbs
c:\program files\NETGATE\Spy Emergency\SpyEmergencySkin.exe
c:\program files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
c:\program files\NETGATE\Spy Emergency\ssleay32.dll
c:\program files\NETGATE\Spy Emergency\Tools\SeAnalyzerTool.exe
c:\program files\NETGATE\Spy Emergency\Trial\tp.bmp
c:\program files\NETGATE\Spy Emergency\Trial\tp.rtf
c:\program files\NETGATE\Spy Emergency\unins000.dat
c:\program files\NETGATE\Spy Emergency\unins000.exe
c:\program files\NETGATE\Spy Emergency\unrar.dll
c:\program files\NETGATE\Spy Emergency\warning.wav
c:\program files\NETGATE\Spy Emergency\webspam.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SpyEmrgSrv
-------\Service_SpyEmrgSrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-19 do 2013-07-19 )))))))))))))))))))))))))))))))
.
.
2013-07-19 13:57 . 2013-07-19 14:02 -------- d-----w- c:\users\zuzi\AppData\Local\temp
2013-07-19 13:57 . 2013-07-19 13:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-16 18:26 . 2013-07-16 18:26 -------- d-----w- c:\windows\ERUNT
2013-07-16 16:17 . 2013-07-16 16:17 -------- d-----w- c:\users\zuzi\AppData\Local\Apple Computer
2013-07-16 12:37 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E89AE26D-0F80-4F72-B189-5329C1EA11FF}\mpengine.dll
2013-07-11 12:39 . 2013-07-13 18:11 -------- d-----w- c:\users\zuzi\AppData\Roaming\Seznam.cz
2013-07-11 10:23 . 2013-06-04 01:50 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-06-23 14:11 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-23 14:11 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-23 14:11 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-06-23 14:11 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll
2013-06-23 14:11 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-23 14:11 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-06-23 14:10 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-23 14:10 . 2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-23 14:10 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2013-06-23 14:10 . 2013-04-24 04:00 985600 ----a-w- c:\windows\system32\crypt32.dll
2013-06-23 14:10 . 2013-04-24 04:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-23 14:10 . 2013-04-24 04:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-23 14:10 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2013-06-23 14:03 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-23 13:41 . 2013-05-09 08:59 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-06-23 13:41 . 2013-06-27 20:24 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-23 13:41 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 20:24 . 2011-12-02 22:16 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 20:24 . 2010-07-19 20:24 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2010-07-19 20:24 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2010-07-19 20:24 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2010-07-19 20:24 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2010-07-19 20:24 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2010-07-19 20:23 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2010-07-19 20:23 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2009-10-03 11:22 238872 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-03-10 262144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-12 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-12 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2006-11-12 36864]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-08 47904]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\zuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]
Samsung Auto Backup Guage.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFGuage.exe [2010-12-25 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2010-12-25 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFTimerD.exe [2010-12-25 102400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-166558573-3448494969-501337719-1003]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 19:48 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/?gws_rd=cr
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Spy Emergency_is1 - c:\program files\NETGATE\Spy Emergency\unins000.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Sony\Network Utility\NSUService.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2013-07-19 16:07:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-19 14:06
ComboFix2.txt 2013-07-19 11:14
ComboFix3.txt 2013-07-18 18:12
.
Před spuštěním: 29 579 005 952 bytes free
Po spuštění: 29 441 298 432 bytes free
.
- - End Of File - - 1334E6628F87CDB1A5E83A157C947252
5C616939100B85E558DA92B899A0FC36
true
nováček
 
Věrnost fóru:
Věrnost fóru
 
Příspěvky: 18
Pohlaví: Žena

Re: Problém s Qvo6

Odeslatod memphisto » 19 Črc 2013 17:56

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

+ Nový log z HJT

Jak se chová PC?
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Uživatelský avatar
memphisto
Moderátor
Guru Level 13
Guru Level 13
 
Věrnost fóru:
Věrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóru
 
Příspěvky: 20635
Obrázky: 1
Bydliště: Zlín - České Budějovice
Pohlaví: Muž

Re: Problém s Qvo6

Odeslatod true » 19 Črc 2013 19:16

komp se zda byt rychlejsi, muzu uz odinstalovat vsechny ty cistidla?

tady je log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:02, on 19.7.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Users\zuzi\Desktop\hijackthis.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\Apntex.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?gws_rd=cr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Samsung Auto Backup Guage.lnk = ?
O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?
O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c9dd84d422ecd0) (gupdate1c9dd84d422ecd0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9881 bytes
true
nováček
 
Věrnost fóru:
Věrnost fóru
 
Příspěvky: 18
Pohlaví: Žena

Re: Problém s Qvo6

Odeslatod memphisto » 19 Črc 2013 22:25

Můžeš...
V HJT fixni:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Dej start - spustit - services.msc - najdi a ukonči/zakaž tyto služby:
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Uživatelský avatar
memphisto
Moderátor
Guru Level 13
Guru Level 13
 
Věrnost fóru:
Věrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóru
 
Příspěvky: 20635
Obrázky: 1
Bydliště: Zlín - České Budějovice
Pohlaví: Muž

Re: Problém s Qvo6

Odeslatod true » 22 Črc 2013 10:47

023 mi nejdou odebrat
true
nováček
 
Věrnost fóru:
Věrnost fóru
 
Příspěvky: 18
Pohlaví: Žena

Re: Problém s Qvo6

Odeslatod memphisto » 22 Črc 2013 10:51

Jak nejdou odebrat? jako zastavit? Nebo fixnout?
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Uživatelský avatar
memphisto
Moderátor
Guru Level 13
Guru Level 13
 
Věrnost fóru:
Věrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóru
 
Příspěvky: 20635
Obrázky: 1
Bydliště: Zlín - České Budějovice
Pohlaví: Muž

Re: Problém s Qvo6

Odeslatod true » 22 Črc 2013 14:00

nedavala jsem je asi fixnout...nasla jsem je pres tu cestu co jsi napsal, ale nemuzu je smazat
true
nováček
 
Věrnost fóru:
Věrnost fóru
 
Příspěvky: 18
Pohlaví: Žena

Re: Problém s Qvo6

Odeslatod jaro3 » 22 Črc 2013 18:54

Dej start - spustit - services.msc - najdi a ukonči/zakaž tyto služby:
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)


Ve správci úloh je zastav a pak smaž.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 13.5
Guru Level 13.5
 
Věrnost fóru:
Věrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóru
 
Příspěvky: 27067
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Problém s Qvo6

Odeslatod true » 24 Črc 2013 15:02

ok hotovo
true
nováček
 
Věrnost fóru:
Věrnost fóru
 
Příspěvky: 18
Pohlaví: Žena

Re: Problém s Qvo6

Odeslatod jaro3 » 24 Črc 2013 15:55

Stáhni si shortcut-cleaner
na svojí plochu. Poklepej na ploše na sc-cleaner.exe
Program se spustí a poté vyhotoví log , ten sem vlož.

Pak napiš , jak to vypadá.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 13.5
Guru Level 13.5
 
Věrnost fóru:
Věrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóruVěrnost fóru
 
Příspěvky: 27067
Bydliště: Jižní Čechy
Pohlaví: Muž

PředchozíDalší

Zpět na HiJackThis

Kdo je online

Uživatelé procházející toto fórum: CommonCrawl [Bot] a 1 anonymní uživatel