Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-07-27 15:29:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (18%) free of 30 GB
Total RAM: 1015 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:30:06, on 27.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\qip Infium\infium.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Vision\vision32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\MICROS~2\OFFICE11\XLVIEW.EXE
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
F:\instal a ovladače\netlimiter\RSIT.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5640734250
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5641478578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
--
End of file - 5227 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{DFB3540A-35A1-4435-BC9A-295BD1A399DE}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\4k90efey.default
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-11-08 137752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-05-18 18671104]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-05-17 136176]
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe:*:Enabled:Backgammon v Internetu"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2011-07-27 15:29:59 ----D---- C:\rsit
2011-07-27 15:29:59 ----D---- C:\Program Files\trend micro
2011-07-27 15:06:38 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Locktime
2011-07-27 15:06:33 ----D---- C:\Program Files\NetLimiter 2 Monitor
2011-07-20 09:33:34 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2011-07-15 08:13:49 ----D---- C:\s4cyklo
2011-07-15 08:11:29 ----D---- C:\totalcmd
2011-07-15 08:11:29 ----A---- C:\WINDOWS\UC.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\RAR.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\PKZIP.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\LHA.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\ARJ.PIF
2011-07-13 16:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 16:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-06-29 15:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
======List of files/folders modified in the last 1 month======
2011-07-27 15:30:06 ----D---- C:\WINDOWS\Prefetch
2011-07-27 15:29:59 ----RD---- C:\Program Files
2011-07-27 15:06:36 ----D---- C:\WINDOWS\system32
2011-07-27 15:06:35 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 14:34:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-27 12:45:14 ----D---- C:\WINDOWS\Temp
2011-07-27 07:21:31 ----SD---- C:\WINDOWS\Tasks
2011-07-27 07:18:00 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-20 09:33:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-18 07:10:26 ----D---- C:\WINDOWS
2011-07-15 08:56:52 ----D---- C:\WINDOWS\security
2011-07-15 08:33:57 ----HD---- C:\WINDOWS\inf
2011-07-15 08:16:21 ----A---- C:\WINDOWS\WINCMD.INI
2011-07-13 16:15:16 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 08:12:04 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-11 14:47:58 ----D---- C:\Documents and Settings\admin\Data aplikací\Mozilla
2011-07-11 14:47:50 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl2736ded9;MpKsl2736ded9; \??\C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{46245B35-AE02-45AA-AB6C-59F69C73F292}\MpKsl2736ded9.sys []
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-12-21 30720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-05-18 5870080]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2011-05-18 1684736]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2011-05-18 1389056]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
S2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe [2010-03-25 495616]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu fb vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: prosím o kontrolu fb vir
Dobré odpoledne 
,
Stáhněte MBAM a vložte sem jeho log podle návodu zde, při výběru skenu zvolte Úplný sken.
Zatím nic nemažte, MBAM může mít falešné detekce!
, Stáhněte MBAM a vložte sem jeho log podle návodu zde, při výběru skenu zvolte Úplný sken.Zatím nic nemažte, MBAM může mít falešné detekce!
Koupím trochu času, cenu respektuji.
Re: prosím o kontrolu fb vir
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Verze databáze: 7296
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27.7.2011 17:08:57
mbam-log-2011-07-27 (17-08-19).txt
Typ kontroly: Úplný test (C:\|E:\|F:\|G:\|)
Testované objekty: 272038
Uplynulý čas: 44 minut, 32 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\program files\qip infium jadrispack\qip infium jadrispack.exe (Trojan.Downloader) -> No action taken.
mezitím mi Security Essential našel Backdoor:Win32/Delf.KV, asi smazat
www.malwarebytes.org
Verze databáze: 7296
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27.7.2011 17:08:57
mbam-log-2011-07-27 (17-08-19).txt
Typ kontroly: Úplný test (C:\|E:\|F:\|G:\|)
Testované objekty: 272038
Uplynulý čas: 44 minut, 32 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\program files\qip infium jadrispack\qip infium jadrispack.exe (Trojan.Downloader) -> No action taken.
mezitím mi Security Essential našel Backdoor:Win32/Delf.KV, asi smazat
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: prosím o kontrolu fb vir
Soubor nalezený MBAMem smažte a ten z MSE taky. Máte s PC nějaké konkrétní problémy?Koupím trochu času, cenu respektuji.
Re: prosím o kontrolu fb vir
zdravím, díky za pomoc, vše smazáno, problém asi nic konkrétního, ale mám v pc důležitá data, nerada bych aby se dostaly ven
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: prosím o kontrolu fb vir
Na infekci to nevypadá, jen drobnosti.
Stáhněte a spusťte OTM, do okna vložte následující skript a stiskněte tlačítko MoveIt! Po restartu počítače vložte log z OTM, který se vám automaticky otevře, a nový log z RSIT.
Stáhněte a spusťte OTM, do okna vložte následující skript a stiskněte tlačítko MoveIt! Po restartu počítače vložte log z OTM, který se vám automaticky otevře, a nový log z RSIT.Kód: Vybrat vše
:Commands
[EmptyTemp]
[EmptyFlash]
:Services
MpKsl2736ded9
:Files
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{46245B35-AE02-45AA-AB6C-59F69C73F292}\MpKsl2736ded9.sys
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{DFB3540A-35A1-4435-BC9A-295BD1A399DE}.job
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=-
"RTHDCPL"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-Koupím trochu času, cenu respektuji.
Re: prosím o kontrolu fb vir
výsledek z OTM
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: admin
->Temp folder emptied: 82036235 bytes
->Temporary Internet Files folder emptied: 40981621 bytes
->FireFox cache emptied: 24512082 bytes
->Google Chrome cache emptied: 324766291 bytes
->Flash cache emptied: 4966 bytes
User: All Users
User: All Users.WINDOWS
User: DanielaZenozickova
->Temp folder emptied: 1297377309 bytes
->Temporary Internet Files folder emptied: 232911167 bytes
->Java cache emptied: 69383219 bytes
->FireFox cache emptied: 55065149 bytes
->Flash cache emptied: 3468260 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 333640 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService.NT AUTHORITY
->Temp folder emptied: 200776 bytes
->Temporary Internet Files folder emptied: 33237 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148726 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1927478 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 110191905 bytes
Total Files Cleaned = 2 142,00 mb
========== SERVICES/DRIVERS ==========
Error: No service named MpKsl2736ded9 was found to stop!
Service\Driver key MpKsl2736ded9 not found.
========== FILES ==========
File/Folder C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{46245B35-AE02-45AA-AB6C-59F69C73F292}\MpKsl2736ded9.sys not found.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004UA.job moved successfully.
C:\WINDOWS\tasks\MP Scheduled Scan.job moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{DFB3540A-35A1-4435-BC9A-295BD1A399DE}.job moved successfully.
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Persistence deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RTHDCPL deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
OTM by OldTimer - Version 3.1.18.0 log created on 07282011_122519
Files moved on Reboot...
Registry entries deleted on Reboot...
výsledek RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-07-28 13:27:24
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 1015 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:27:31, on 28.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Vision\vision32.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5640734250
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5641478578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
--
End of file - 4605 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\4k90efey.default
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
chci se zeptat, ten kód, co se jste mi poslal na vložení OTM se používá na čištění registrů a nepotřebných dat? Dá se to použít když chci vyčistit zapráskaný malý notes, na kterém není téměř žádné místo? Celkem má asi3,7GB a jsou na něm XP, asi nějaky osekany. dat se tam už pak nevleze.Díky
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: admin
->Temp folder emptied: 82036235 bytes
->Temporary Internet Files folder emptied: 40981621 bytes
->FireFox cache emptied: 24512082 bytes
->Google Chrome cache emptied: 324766291 bytes
->Flash cache emptied: 4966 bytes
User: All Users
User: All Users.WINDOWS
User: DanielaZenozickova
->Temp folder emptied: 1297377309 bytes
->Temporary Internet Files folder emptied: 232911167 bytes
->Java cache emptied: 69383219 bytes
->FireFox cache emptied: 55065149 bytes
->Flash cache emptied: 3468260 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 333640 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService.NT AUTHORITY
->Temp folder emptied: 200776 bytes
->Temporary Internet Files folder emptied: 33237 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148726 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1927478 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 110191905 bytes
Total Files Cleaned = 2 142,00 mb
========== SERVICES/DRIVERS ==========
Error: No service named MpKsl2736ded9 was found to stop!
Service\Driver key MpKsl2736ded9 not found.
========== FILES ==========
File/Folder C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{46245B35-AE02-45AA-AB6C-59F69C73F292}\MpKsl2736ded9.sys not found.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1801674531-711724446-1004UA.job moved successfully.
C:\WINDOWS\tasks\MP Scheduled Scan.job moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{DFB3540A-35A1-4435-BC9A-295BD1A399DE}.job moved successfully.
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Persistence deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RTHDCPL deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
OTM by OldTimer - Version 3.1.18.0 log created on 07282011_122519
Files moved on Reboot...
Registry entries deleted on Reboot...
výsledek RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-07-28 13:27:24
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 1015 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:27:31, on 28.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Vision\vision32.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5640734250
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5641478578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
--
End of file - 4605 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\4k90efey.default
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
chci se zeptat, ten kód, co se jste mi poslal na vložení OTM se používá na čištění registrů a nepotřebných dat? Dá se to použít když chci vyčistit zapráskaný malý notes, na kterém není téměř žádné místo? Celkem má asi3,7GB a jsou na něm XP, asi nějaky osekany. dat se tam už pak nevleze.Díky
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: prosím o kontrolu fb vir
Můžete prosím udělat log z RSIT ještě jednou? Tento není kompletní.
OTM se používá pro různé mazání, bez skriptu ovšem nic neudělá. A skript je potřeba napsat pro každý počítač individuálně na základě logu. Klidně sem hoďte i log z onoho notebooku (do nového tématu prosím) a vymyslíme, jak ho trochu popohnat
.
OTM se používá pro různé mazání, bez skriptu ovšem nic neudělá. A skript je potřeba napsat pro každý počítač individuálně na základě logu. Klidně sem hoďte i log z onoho notebooku (do nového tématu prosím) a vymyslíme, jak ho trochu popohnat
.Koupím trochu času, cenu respektuji.
Re: prosím o kontrolu fb vir
ok tak znovu a celý log
Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-07-28 14:34:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 1015 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:34:53, on 28.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Vision\vision32.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5640734250
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5641478578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
--
End of file - 4380 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\4k90efey.default
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe:*:Enabled:Backgammon v Internetu"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2011-07-28 12:25:19 ----D---- C:\_OTM
2011-07-28 12:15:59 ----D---- C:\WINDOWS\system32\XPSViewer
2011-07-28 12:15:54 ----D---- C:\Program Files\MSBuild
2011-07-28 12:15:52 ----D---- C:\WINDOWS\system32\en-US
2011-07-28 12:15:43 ----D---- C:\Program Files\Reference Assemblies
2011-07-28 12:14:48 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-07-28 12:14:48 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-07-28 12:14:47 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-07-28 12:13:36 ----RSD---- C:\WINDOWS\assembly
2011-07-28 12:12:58 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-27 17:23:53 ----D---- C:\Documents and Settings\admin\Data aplikací\Locktime
2011-07-27 16:21:39 ----D---- C:\Documents and Settings\admin\Data aplikací\Malwarebytes
2011-07-27 16:21:36 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-27 16:21:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2011-07-27 16:21:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-27 16:21:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-27 15:29:59 ----D---- C:\rsit
2011-07-27 15:29:59 ----D---- C:\Program Files\trend micro
2011-07-27 15:06:38 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Locktime
2011-07-27 15:06:33 ----D---- C:\Program Files\NetLimiter 2 Monitor
2011-07-20 09:33:34 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2011-07-15 08:13:49 ----D---- C:\s4cyklo
2011-07-15 08:11:29 ----D---- C:\totalcmd
2011-07-15 08:11:29 ----A---- C:\WINDOWS\UC.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\RAR.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\PKZIP.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\LHA.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\ARJ.PIF
2011-07-13 16:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 16:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-06-29 15:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
======List of files/folders modified in the last 1 month======
2011-07-28 13:27:31 ----D---- C:\WINDOWS\Prefetch
2011-07-28 13:10:38 ----D---- C:\WINDOWS\Temp
2011-07-28 12:39:09 ----SD---- C:\WINDOWS\Tasks
2011-07-28 12:34:48 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-28 12:34:16 ----D---- C:\WINDOWS
2011-07-28 12:33:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-28 12:29:40 ----D---- C:\WINDOWS\system32
2011-07-28 12:17:03 ----SHD---- C:\WINDOWS\Installer
2011-07-28 12:17:03 ----SHD---- C:\Config.Msi
2011-07-28 12:16:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-28 12:15:54 ----RD---- C:\Program Files
2011-07-28 12:15:50 ----RSD---- C:\WINDOWS\Fonts
2011-07-28 12:15:30 ----HD---- C:\WINDOWS\inf
2011-07-28 12:15:22 ----D---- C:\WINDOWS\system32\spool
2011-07-28 12:15:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-28 12:14:00 ----D---- C:\WINDOWS\WinSxS
2011-07-28 12:13:08 ----D---- C:\WINDOWS\system32\mui
2011-07-28 12:13:08 ----D---- C:\Program Files\Internet Explorer
2011-07-28 07:49:28 ----D---- C:\Program Files\Microsoft Security Client
2011-07-27 17:26:54 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 17:23:43 ----D---- C:\WINDOWS\system32\config
2011-07-27 17:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2011-07-15 08:56:52 ----D---- C:\WINDOWS\security
2011-07-15 08:16:21 ----A---- C:\WINDOWS\WINCMD.INI
2011-07-13 16:15:16 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 08:12:04 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-11 14:47:58 ----D---- C:\Documents and Settings\admin\Data aplikací\Mozilla
2011-07-11 14:47:50 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl6dc5a790;MpKsl6dc5a790; \??\C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6A1EB152-D716-4F01-9518-A68BC37EB39A}\MpKsl6dc5a790.sys []
R1 MpKsl95042b30;MpKsl95042b30; \??\C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6A1EB152-D716-4F01-9518-A68BC37EB39A}\MpKsl95042b30.sys []
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-12-21 30720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-05-18 5870080]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2011-05-18 1684736]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2011-05-18 1389056]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe [2010-03-25 495616]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2011-07-28 14:34:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 1015 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:34:53, on 28.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Vision\vision32.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\admin\Plocha\putty.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5640734250
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5641478578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
--
End of file - 4380 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\4k90efey.default
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe:*:Enabled:Backgammon v Internetu"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2011-07-28 12:25:19 ----D---- C:\_OTM
2011-07-28 12:15:59 ----D---- C:\WINDOWS\system32\XPSViewer
2011-07-28 12:15:54 ----D---- C:\Program Files\MSBuild
2011-07-28 12:15:52 ----D---- C:\WINDOWS\system32\en-US
2011-07-28 12:15:43 ----D---- C:\Program Files\Reference Assemblies
2011-07-28 12:14:48 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-07-28 12:14:48 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-07-28 12:14:47 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-07-28 12:13:36 ----RSD---- C:\WINDOWS\assembly
2011-07-28 12:12:58 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-27 17:23:53 ----D---- C:\Documents and Settings\admin\Data aplikací\Locktime
2011-07-27 16:21:39 ----D---- C:\Documents and Settings\admin\Data aplikací\Malwarebytes
2011-07-27 16:21:36 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-27 16:21:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2011-07-27 16:21:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-27 16:21:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-27 15:29:59 ----D---- C:\rsit
2011-07-27 15:29:59 ----D---- C:\Program Files\trend micro
2011-07-27 15:06:38 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Locktime
2011-07-27 15:06:33 ----D---- C:\Program Files\NetLimiter 2 Monitor
2011-07-20 09:33:34 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2011-07-15 08:13:49 ----D---- C:\s4cyklo
2011-07-15 08:11:29 ----D---- C:\totalcmd
2011-07-15 08:11:29 ----A---- C:\WINDOWS\UC.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\RAR.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\PKZIP.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\LHA.PIF
2011-07-15 08:11:29 ----A---- C:\WINDOWS\ARJ.PIF
2011-07-13 16:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 16:15:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-06-29 15:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
======List of files/folders modified in the last 1 month======
2011-07-28 13:27:31 ----D---- C:\WINDOWS\Prefetch
2011-07-28 13:10:38 ----D---- C:\WINDOWS\Temp
2011-07-28 12:39:09 ----SD---- C:\WINDOWS\Tasks
2011-07-28 12:34:48 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-28 12:34:16 ----D---- C:\WINDOWS
2011-07-28 12:33:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-28 12:29:40 ----D---- C:\WINDOWS\system32
2011-07-28 12:17:03 ----SHD---- C:\WINDOWS\Installer
2011-07-28 12:17:03 ----SHD---- C:\Config.Msi
2011-07-28 12:16:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-28 12:15:54 ----RD---- C:\Program Files
2011-07-28 12:15:50 ----RSD---- C:\WINDOWS\Fonts
2011-07-28 12:15:30 ----HD---- C:\WINDOWS\inf
2011-07-28 12:15:22 ----D---- C:\WINDOWS\system32\spool
2011-07-28 12:15:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-28 12:14:00 ----D---- C:\WINDOWS\WinSxS
2011-07-28 12:13:08 ----D---- C:\WINDOWS\system32\mui
2011-07-28 12:13:08 ----D---- C:\Program Files\Internet Explorer
2011-07-28 07:49:28 ----D---- C:\Program Files\Microsoft Security Client
2011-07-27 17:26:54 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 17:23:43 ----D---- C:\WINDOWS\system32\config
2011-07-27 17:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2011-07-15 08:56:52 ----D---- C:\WINDOWS\security
2011-07-15 08:16:21 ----A---- C:\WINDOWS\WINCMD.INI
2011-07-13 16:15:16 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 08:12:04 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-11 14:47:58 ----D---- C:\Documents and Settings\admin\Data aplikací\Mozilla
2011-07-11 14:47:50 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl6dc5a790;MpKsl6dc5a790; \??\C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6A1EB152-D716-4F01-9518-A68BC37EB39A}\MpKsl6dc5a790.sys []
R1 MpKsl95042b30;MpKsl95042b30; \??\C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6A1EB152-D716-4F01-9518-A68BC37EB39A}\MpKsl95042b30.sys []
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-12-21 30720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-05-18 5870080]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2011-05-18 1684736]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2011-05-18 1389056]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe [2010-03-25 495616]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Danstahr
- Přítel fóra
- Příspěvky: 1069
- Registrován: 28 říj 2006 20:23
- Bydliště: Londýn
- Kontaktovat uživatele:
Re: prosím o kontrolu fb vir
Tak ještě uklidíme (některé antiviry mohou tyto utility chybně označit za vir, pokud by se tak stalo, hlášku ignorujte, popř. antivir dočasně vypněte. Po použití utility smažte):
Odinstalujte MBAM.
Stáhněte OTC, Spusťte jej a stiskněte CleanUp! Bude následovat restart.
Stáhněte TFC, spusťte jej a dejte Start.
Stáhněte CCleaner, nainstalujte a spusťte.
Odinstalujte MBAM. Stáhněte OTC, Spusťte jej a stiskněte CleanUp! Bude následovat restart. Stáhněte TFC, spusťte jej a dejte Start. Stáhněte CCleaner, nainstalujte a spusťte.
- Na záložce Čistič stiskněte tlačítko Spustit Cleaner
- Po provedení přepněte na záložku Registry, stiskněte Hledej problémy a poté Opravit vybrané problémy. Opakujte, dokud nebude po hledání problémů seznam prázdný.
Koupím trochu času, cenu respektuji.
Re: prosím o kontrolu fb vir
tak jestli je to vše, tak děkuji mockrát, založím si tedy nové téma, až budu mít u sebe zbytek kompů, jeden potřebuje pořádnou očistu a druhej má nějakej problém s neustálými restarty při práci s čímkoliv, Děkujíí
Přispějete na provoz fóra?