
Linkbucks virus removal


JodaMinecraft


Posted

Hello. Since yesterday I have had the following problem: when I browse websites, something like adfly keeps popping up, specifically:

http://www.ultrafiles.net/7cc02b3a/

url/http://www.mpcforum.pl/ From what I have read, this is a virus. I have tried just about everything to remove it. Here are the logs. From AdwCleaner:

 

# AdwCleaner v3.017 - Log utworzony 26/01/2014 o 15:36:59
# Aktualizacja 12/01/2014 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Użytkownik : pc - PC-KOMPUTER
# Ścieżka : C:\Users\pc\Desktop\AdwCleaner.exe
# Opcja : Usuń

***** [ Usługi ] *****


***** [ Pliki / Foldery ] *****

[!] Folder Usunięto : C:\Program Files (x86)\iSafe
Folder Usunięto : C:\Users\pc\AppData\Roaming\iSafe

***** [ Skróty ] *****


***** [ Rejestr ] *****


***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v32.0.1700.76

[ Plik : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1534 octets] - [25/01/2014 19:48:10]
AdwCleaner[R1].txt - [990 octets] - [26/01/2014 15:36:15]
AdwCleaner[S0].txt - [1526 octets] - [25/01/2014 19:49:09]
AdwCleaner[S1].txt - [913 octets] - [26/01/2014 15:36:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [972 octets] ##########

 

From ComboFix:

 

ComboFix 14-01-23.02 - pc 2014-01-26  15:45:32.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.4094.2401 [GMT 1:00]
Uruchomiony z: c:\users\pc\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Symantec Endpoint Protection *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-12-26 do 2014-01-26  )))))))))))))))))))))))))))))))
.
.
2014-01-26 14:49 . 2014-01-26 14:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-26 14:37 . 2014-01-26 14:37	--------	d-----w-	c:\users\pc\AppData\Roaming\iSafe
2014-01-26 13:02 . 2014-01-26 13:02	--------	d-----w-	c:\windows\Migration
2014-01-26 13:00 . 2014-01-26 13:00	--------	d-----w-	c:\program files\Microsoft Silverlight
2014-01-26 13:00 . 2014-01-26 13:00	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2014-01-26 12:55 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2014-01-26 12:55 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-01-26 12:41 . 2014-01-26 13:31	--------	d-----w-	c:\users\pc\AppData\Roaming\.minecraft
2014-01-26 08:46 . 2014-01-26 08:46	--------	d-----w-	c:\windows\SysWow64\wbem\Logs
2014-01-25 19:06 . 2014-01-25 19:06	--------	d-----w-	c:\users\pc\AppData\Roaming\eCyber
2014-01-25 19:06 . 2014-01-25 19:06	--------	d-----w-	c:\windows\system32\log
2014-01-25 19:06 . 2014-01-26 14:38	--------	d-----w-	c:\program files (x86)\iSafe
2014-01-25 18:47 . 2014-01-26 14:37	--------	d-----w-	C:\AdwCleaner
2014-01-15 15:49 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 15:49 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 15:49 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 15:49 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 15:49 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 15:49 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 15:49 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 15:49 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-15 15:49 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-01-13 20:41 . 2014-01-13 20:41	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2014-01-10 21:17 . 2014-01-10 21:17	--------	d-----w-	c:\users\pc\AppData\Roaming\Cream Software
2014-01-07 11:35 . 2014-01-07 11:35	--------	d-----w-	c:\programdata\PWPW
2014-01-07 11:35 . 2014-01-07 11:35	--------	d-----w-	c:\users\pc\AppData\Roaming\PWPW
2014-01-07 11:31 . 2014-01-07 11:31	--------	d-----w-	C:\Omnikey
2014-01-07 11:30 . 2014-01-25 19:13	--------	d-----w-	c:\program files (x86)\bit4id
2014-01-05 17:08 . 2013-03-03 10:39	202112	----a-w-	c:\windows\SysWow64\cnvshell.dll
2014-01-04 22:49 . 2014-01-26 08:45	--------	d-----w-	c:\users\pc\AppData\Local\screenSHU
2014-01-04 08:57 . 2014-01-04 08:57	--------	d-----w-	c:\users\pc\AppData\Local\LogMeIn
2014-01-04 08:57 . 2014-01-04 08:57	--------	d-----w-	c:\programdata\LogMeIn
2014-01-03 20:54 . 2013-10-08 08:55	1988096	----a-w-	c:\windows\system32\libmysql_e.dll
2014-01-03 19:56 . 2014-01-03 19:56	--------	d-----w-	c:\users\pc\AppData\Local\Project_SaviriS
2014-01-03 19:10 . 2014-01-26 14:40	--------	d-----w-	c:\users\pc\AppData\Local\LogMeIn Hamachi
2014-01-03 19:00 . 2014-01-05 11:00	--------	d-----w-	c:\users\pc\VirtualBox VMs
2014-01-03 19:00 . 2014-01-06 11:13	--------	d-----w-	c:\users\pc\.VirtualBox
2014-01-03 18:27 . 2013-12-18 16:19	252688	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-01-03 18:27 . 2014-01-03 18:27	--------	dc----w-	c:\windows\system32\DRVSTORE
2014-01-03 18:27 . 2013-12-18 16:16	126736	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-01-03 18:27 . 2014-01-03 18:27	--------	d-----w-	c:\program files\Oracle
2014-01-03 17:48 . 2014-01-03 17:48	--------	d-----w-	c:\users\pc\.android
2014-01-03 17:48 . 2014-01-07 13:02	--------	d-----w-	c:\users\pc\AppData\Local\cache
2014-01-02 18:52 . 2014-01-10 16:16	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2013-12-30 17:07 . 2013-12-30 17:07	--------	d-----w-	c:\users\pc\AppData\Local\ESN
2013-12-30 14:31 . 2013-12-30 14:31	--------	d--h--w-	c:\program files (x86)\Common Files\EAInstaller
2013-12-30 14:31 . 2013-12-31 08:15	--------	d-----w-	c:\program files (x86)\Battlelog Web Plugins
2013-12-30 14:30 . 2013-12-30 14:30	--------	d-----w-	c:\programdata\Package Cache
2013-12-30 13:52 . 2013-12-30 13:52	--------	d-----w-	c:\program files (x86)\Origin Games
2013-12-30 13:52 . 2013-12-31 08:16	--------	d-----w-	c:\users\pc\AppData\Roaming\Origin
2013-12-30 13:52 . 2013-12-30 19:14	--------	d-----w-	c:\users\pc\AppData\Local\Origin
2013-12-30 13:46 . 2013-12-30 19:14	--------	d-----w-	c:\programdata\Origin
2013-12-30 13:46 . 2013-12-30 19:14	--------	d-----w-	c:\programdata\Electronic Arts
2013-12-30 13:45 . 2014-01-26 08:45	--------	d-----w-	c:\program files (x86)\Origin
2013-12-28 20:08 . 2013-12-28 20:13	--------	d-----w-	c:\users\pc\AppData\Roaming\NVIDIA
2013-12-28 20:00 . 2013-12-28 20:00	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-12-28 19:59 . 2013-11-11 15:02	6674208	----a-w-	c:\windows\system32\nvcpl.dll
2013-12-28 19:59 . 2013-11-11 15:02	3490080	----a-w-	c:\windows\system32\nvsvc64.dll
2013-12-28 19:59 . 2013-11-11 15:01	922912	----a-w-	c:\windows\system32\nvvsvc.exe
2013-12-28 19:59 . 2013-11-11 15:01	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-12-28 19:59 . 2013-11-11 15:01	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2013-12-28 19:59 . 2013-11-11 15:01	219424	----a-w-	c:\windows\system32\nvmctray.dll
2013-12-28 19:59 . 2013-11-14 11:56	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-12-28 19:59 . 2013-11-14 11:56	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-12-28 19:57 . 2013-11-14 11:56	25257248	----a-w-	c:\windows\system32\nvcompiler.dll
2013-12-28 19:57 . 2013-11-14 11:56	17560352	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2013-12-28 19:57 . 2013-11-14 11:56	3069608	----a-w-	c:\windows\system32\nvapi64.dll
2013-12-28 19:57 . 2013-11-14 11:56	2697248	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-12-28 19:21 . 2013-12-28 19:21	--------	d-----w-	c:\programdata\DriverGenius
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-20 15:27 . 2013-12-26 16:54	291944	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-01-20 15:27 . 2013-12-24 08:40	291944	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-01-15 21:21 . 2013-12-18 21:28	86054176	----a-w-	c:\windows\system32\MRT.exe
2014-01-10 14:30 . 2013-12-24 08:40	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-12-30 14:30 . 2013-12-24 08:40	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-12-19 21:33 . 2013-12-19 21:33	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-19 21:33 . 2013-12-19 21:33	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-12-19 21:33 . 2013-12-19 21:33	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-12-19 21:33 . 2013-12-19 21:33	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-12-19 21:33 . 2013-12-19 21:33	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-12-19 21:33 . 2013-12-19 21:33	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-12-19 21:33 . 2013-12-19 21:33	81408	----a-w-	c:\windows\system32\icardie.dll
2013-12-19 21:33 . 2013-12-19 21:33	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-12-19 21:33 . 2013-12-19 21:33	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-19 21:33 . 2013-12-19 21:33	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-19 21:33 . 2013-12-19 21:33	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-12-19 21:33 . 2013-12-19 21:33	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-12-19 21:33 . 2013-12-19 21:33	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-12-19 21:33 . 2013-12-19 21:33	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-12-19 21:33 . 2013-12-19 21:33	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-12-19 21:33 . 2013-12-19 21:33	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-12-19 21:33 . 2013-12-19 21:33	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-12-19 21:33 . 2013-12-19 21:33	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-12-19 21:33 . 2013-12-19 21:33	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-12-19 21:33 . 2013-12-19 21:33	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-12-19 21:33 . 2013-12-19 21:33	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-12-19 21:33 . 2013-12-19 21:33	413696	----a-w-	c:\windows\system32\html.iec
2013-12-19 21:33 . 2013-12-19 21:33	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-19 21:33 . 2013-12-19 21:33	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-12-19 21:33 . 2013-12-19 21:33	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-19 21:33 . 2013-12-19 21:33	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-12-19 21:33 . 2013-12-19 21:33	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-12-19 21:33 . 2013-12-19 21:33	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-12-19 21:33 . 2013-12-19 21:33	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-12-19 21:33 . 2013-12-19 21:33	247808	----a-w-	c:\windows\system32\msls31.dll
2013-12-19 21:33 . 2013-12-19 21:33	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-12-19 21:33 . 2013-12-19 21:33	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-12-19 21:33 . 2013-12-19 21:33	235520	----a-w-	c:\windows\system32\url.dll
2013-12-19 21:33 . 2013-12-19 21:33	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-12-19 21:33 . 2013-12-19 21:33	195584	----a-w-	c:\windows\system32\msrating.dll
2013-12-19 21:33 . 2013-12-19 21:33	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-12-19 21:33 . 2013-12-19 21:33	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-12-19 21:33 . 2013-12-19 21:33	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-12-19 21:33 . 2013-12-19 21:33	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-12-19 21:33 . 2013-12-19 21:33	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-12-19 21:33 . 2013-12-19 21:33	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-12-19 21:33 . 2013-12-19 21:33	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-12-19 21:33 . 2013-12-19 21:33	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-12-19 21:33 . 2013-12-19 21:33	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-12-19 21:33 . 2013-12-19 21:33	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-12-19 21:33 . 2013-12-19 21:33	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-12-19 21:33 . 2013-12-19 21:33	101376	----a-w-	c:\windows\system32\inseng.dll
2013-12-19 21:33 . 2013-12-19 21:33	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-12-19 21:33 . 2013-12-19 21:33	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-12-19 21:33 . 2013-12-19 21:33	774144	----a-w-	c:\windows\system32\jscript.dll
2013-12-19 21:33 . 2013-12-19 21:33	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-12-19 21:33 . 2013-12-19 21:33	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-12-19 21:33 . 2013-12-19 21:33	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-12-19 21:33 . 2013-12-19 21:33	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-12-19 21:33 . 2013-12-19 21:33	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-12-19 21:33 . 2013-12-19 21:33	147968	----a-w-	c:\windows\system32\occache.dll
2013-12-19 21:33 . 2013-12-19 21:33	143872	----a-w-	c:\windows\system32\wextract.exe
2013-12-19 21:33 . 2013-12-19 21:33	13824	----a-w-	c:\windows\system32\mshta.exe
2013-12-19 21:33 . 2013-12-19 21:33	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-12-18 21:58 . 2013-12-18 21:58	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-12-18 21:58 . 2013-12-18 21:58	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-12-18 21:58 . 2013-12-18 21:58	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-12-18 21:58 . 2013-12-18 21:58	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-12-18 21:58 . 2013-12-18 21:58	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-12-18 21:58 . 2013-12-18 21:58	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-12-18 21:58 . 2013-12-18 21:58	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-12-18 21:58 . 2013-12-18 21:58	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-12-18 21:58 . 2013-12-18 21:58	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-18 21:58 . 2013-12-18 21:58	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-12-18 21:58 . 2013-12-18 21:58	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-12-18 21:58 . 2013-12-18 21:58	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-12-18 21:58 . 2013-12-18 21:58	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-12-18 21:58 . 2013-12-18 21:58	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-12-18 21:58 . 2013-12-18 21:58	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-12-18 21:58 . 2013-12-18 21:58	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-12-18 21:58 . 2013-12-18 21:58	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-12-18 21:58 . 2013-12-18 21:58	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-12-18 21:58 . 2013-12-18 21:58	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-12-18 21:58 . 2013-12-18 21:58	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-12-18 21:58 . 2013-12-18 21:58	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 iSafeService;iSafeService;c:\program files (x86)\iSafe\iSafeSvc.exe;c:\program files (x86)\iSafe\iSafeSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 GemCCID;GemCCID;c:\windows\system32\DRIVERS\GemCCID.sys;c:\windows\SYSNATIVE\DRIVERS\GemCCID.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iSafeKrnl;iSafeKrnl;c:\program files (x86)\iSafe\iSafeKrnl.sys;c:\program files (x86)\iSafe\iSafeKrnl.sys [x]
R3 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 SyDvCtrl;SyDvCtrl;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\SyDvCtrl64.sys;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\SyDvCtrl64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMDS64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0107DF\07DF.105\x64\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMEFA64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0107DF\07DF.105\x64\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20140115.011\BHDrvx64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20140115.011\BHDrvx64.sys [x]
S1 ccSettings_{3771A34D-2132-48EA-A486-D62ECDF9D553};Symantec Endpoint Protection 12.1.2015.2015.105 Settings Manager;c:\windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\ccSetx64.sys;c:\windows\SYSNATIVE\Drivers\SEP\0C0107DF\07DF.105\x64\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\IPSDefs\20140124.011\IDSvia64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\IPSDefs\20140124.011\IDSvia64.sys [x]
S1 iSafeNetFilter;iSafeNetFilter;c:\program files (x86)\iSafe\iSafeNetFilter.sys;c:\program files (x86)\iSafe\iSafeNetFilter.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\Ironx64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0107DF\07DF.105\x64\Ironx64.SYS [x]
S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0107DF\07DF.105\x64\SYMNETS.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\hamaci\hamachi-2.exe;d:\hamaci\hamachi-2.exe [x]
S2 SepMasterService;Symantec Endpoint Protection;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-17 18:51	1211672	----a-w-	c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-17 18:24]
.
2014-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18 18:25]
.
2014-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18 18:25]
.
.
--------- X64 Entries -----------
.
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.8.8 109.196.15.2
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-iSafe - c:\program files (x86)\iSafe\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SepMasterService]
"ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\sms.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SmcService]
"ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe\" /prefetch:1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2014-01-26  15:51:26
ComboFix-quarantined-files.txt  2014-01-26 14:51
.
Przed: 146 408 796 160 bajtów wolnych
Po: 146 051 403 776 bajtów wolnych
.
- - End Of File - - 7FD2B08CFA97929E6FD3F370EBEE2EA9
A36C5E4F47E84449FF07ED3517B43A31

 

In addition, the computer was scanned with Symantec Endpoint Protection and with the YAC program. If anyone has an idea how to fix this, please help. I reward with likes. Just don't tell me to format the computer, because that is a last resort.

Archived

This topic is currently in the archive. Adding new replies has been disabled.
