PC disinfection, computer speed-up, remote help via the neslape.cz service

Facebook virus in chat and the mysterious uninstallation of AVG

Having a problem with a virus? Post your FRST or RSIT log here.

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Seraph83
Guest
Posts: 3
Registered: 20 Dec 2007 14:07

Facebook virus in chat and the mysterious uninstallation of AVG

#1 Post by Seraph83 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Silar at 2011-08-23 14:53:21
Microsoft Windows 7 Professional
System drive C: has 89 GB (59%) free of 152 GB
Total RAM: 4094 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:28, on 23.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\TC UP\TC UP.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrintNShareProxyUI.exe
C:\Program Files (x86)\TC UP\totalcmd.exe
C:\Windows\update.tray-12-0\svchost.exe
C:\Windows\update.tray-7-0\svchost.exe
C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrnNShareWebAPI.exe
C:\Windows\systemup.exe
C:\Windows\l1rezerv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\silar\Desktop\GoogleChromePortable\GoogleChromePortable.exe
C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe
C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe
C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe
C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe
C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe
C:\Program Files\trend micro\Silar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TC UP] "C:\Program Files (x86)\TC UP\TC UP.exe" /wnd=min
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Heleni Uploader] C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrintNShareProxyUI.exe
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\Windows\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [7257190.exe] "C:\Windows\Temp\7257190.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [8698239.exe] "C:\Users\silar\AppData\Local\Temp\8698239.exe"
O4 - HKLM\..\Run: [systemup] "C:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [29004779-loader2.exe] "C:\Windows\Temp\29004779-loader2.exe"
O4 - HKLM\..\Run: [7327027.exe] "C:\Windows\Temp\7327027.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKLM\..\Run: [2441227.exe] "C:\Windows\Temp\2441227.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\silar\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Správce systému Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
O4 - Global Startup: TdmNotify.lnk = C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = daphk.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = daphk.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = daphk.local
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing)
O23 - Service: Správce systému Dell ControlPoint System Manager (dcpsysmgrsvc) - Dell Inc. - c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
O23 - Service: ddservice - Unknown owner - C:\Windows\update.7.1\svchostdriver.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBM Network License Server (IBM LUM LMD) - IBM - C:\IFOR\WIN\BIN\I4LMD.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmarTeam Diagnostic Agent - Dassault Systemes - C:\Aplikace\SmarTeam\Diagnostics\Bin\SmarTeam.Std.Diagnostics.Agent.Host.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe

--
End of file - 12215 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\update.7.1\svchostdriver.exe srv
C:\IFOR\WIN\BIN\I4LMD.EXE
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
CMD.EXE /C "C:\IFOR\WIN\BIN\I4LS.EXE 1> C:\ifor\ls\conf\I4LMD.TRC 2>&1 "
C:\Windows\System32\svchost.exe -k HPZ12
\??\C:\Windows\system32\conhost.exe "-815446857-692451572473614113994462310-79199591320942737402693091351739048639
"C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\IFOR\WIN\BIN\I4LS.EXE
C:\Windows\update.5.0\svchost.exe srv
"C:\Windows\update.7.1\svchostdriver.exe" stand
C:\Windows\update.2\svchost.exe srv
"C:\Windows\update.5.0\svchost.exe" stand
C:\Windows\sysdriver32.exe srv
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Windows\update.1\svchost.exe srv
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2b87b3f0-361c-4e55-a2b5-6cc42daa6d4c -SystemEventPortName:HostProcess-88877950-194a-4fc3-a7f5-642a26be132a -IoCancelEventPortName:HostProcess-adbf5954-ed1f-41af-b743-ecee1869c8df -NonStateChangingEventPortName:HostProcess-873c8cdb-d6d7-453c-9959-cecf8a68fd30 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:24218edf-5760-4457-aa87-e945494cb377
"C:\Windows\update.2\svchost.exe" stand
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe"
"C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe"
"C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"C:\Program Files (x86)\TC UP\TC UP.exe" /wnd=min
"C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe" -startup
"C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrintNShareProxyUI.exe"
totalcmd.exe /i="C:\Program Files (x86)\TC UP\wincmd.ini" /wnd=min
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Windows\update.tray-12-0\svchost.exe"
"C:\Windows\update.tray-7-0\svchost.exe"
"C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrnNShareWebAPI.exe"
\??\C:\Windows\system32\conhost.exe "2065752731-670971249-1241561073404964811-518277300-1515913311-1063188060420528109
"C:\Windows\systemup.exe" stand
"C:\Windows\l1rezerv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {DFBFB679-4C27-4C92-BE24-57E46E8D4BEC}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\ufa\ufa.exe -o http://127.0.0.1:55697
\??\C:\Windows\system32\conhost.exe "1573361219-377279428-93822414-11819208271580577643-513289128-2191302381272350661
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\silar\Desktop\GoogleChromePortable\GoogleChromePortable.exe"
"C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe" -user-data-dir="C:\Users\silar\Desktop\GoogleChromePortable\Data\profile" --disk-cache-dir="C:\Users\silar\AppData\Local\Temp\GoogleChromePortable"
"C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe" --type=extension --lang=cs --force-fieldtest=DnsImpact/_disabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/ --user-data-dir=C:\Users\silar\Desktop\GoogleChromePortable\Data\profile --channel=188.009AEA80.1360308493 --ignored=" --type=renderer "
"C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/DnsImpact/_disabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/ --user-data-dir=C:\Users\silar\Desktop\GoogleChromePortable\Data\profile --channel=188.06A83180.2014270836
"C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe" --type=plugin --plugin-path=C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\5.0.375.125\gcswf32.dll --user-data-dir=C:\Users\silar\Desktop\GoogleChromePortable\Data\profile --lang=cs --plugin-data-dir=C:\Users\silar\Desktop\GoogleChromePortable\Data\profile\Default --channel=188.07519000.1954126361
"C:\Users\silar\Desktop\GoogleChromePortable\App\Chrome-bin\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/DnsImpact/_disabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/ --user-data-dir=C:\Users\silar\Desktop\GoogleChromePortable\Data\profile --channel=188.07517600.42056183
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\silar\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3048634657-1988731742-3355178702-1386Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3048634657-1988731742-3355178702-1386UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-12-03 1712232]
"DellControlPoint"=C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [2009-11-02 657920]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2010-04-05 34232]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Google Update"=C:\Users\silar\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 136176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-04-23 1314816]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-06-24 140520]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"TC UP"=C:\Program Files (x86)\TC UP\TC UP.exe [2010-11-14 615936]
"PCSuiteTrayApplication"=C:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"Heleni Uploader"=C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPePrintNShareProxyUI.exe [2011-06-27 136192]
"wxpdrv"=C:\Windows\services32.exe [2011-08-22 1213440]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-12-0\svchost.exe [2011-08-22 1213440]
"tray_ico1"=C:\Windows\update.tray-7-0\svchost.exe [2011-08-22 1213440]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"7257190.exe"=C:\Windows\Temp\7257190.exe [2011-08-23 258048]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-08-23 258048]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-08-23 258048]
"8698239.exe"=C:\Users\silar\AppData\Local\Temp\8698239.exe [2011-08-23 258048]
"systemup"=C:\Windows\systemup.exe [2011-08-23 137728]
"29004779-loader2.exe"=C:\Windows\Temp\29004779-loader2.exe [2011-08-23 258048]
"7327027.exe"=C:\Windows\Temp\7327027.exe [2011-08-23 258048]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-08-23 232960]
"2441227.exe"=C:\Windows\Temp\2441227.exe [2011-08-23 635904]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Správce systému Dell ControlPoint System Manager.lnk - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
TdmNotify.lnk - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceStartMenuLogOff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2011-08-23 14:53:21 ----D---- C:\rsit
2011-08-23 14:53:21 ----D---- C:\Program Files\trend micro
2011-08-23 14:45:39 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-08-23 14:45:39 ----HD---- C:\Windows\update.tray-7-0
2011-08-23 14:44:05 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-08-23 14:44:04 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-08-23 14:44:04 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-08-23 14:44:04 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-08-23 14:44:04 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-08-23 14:44:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-08-23 14:44:04 ----A---- C:\Windows\system32\aswBoot.exe
2011-08-23 14:43:58 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-08-23 14:43:58 ----A---- C:\Windows\avastSS.scr
2011-08-23 06:40:25 ----D---- C:\Windows\ufa
2011-08-23 06:40:25 ----D---- C:\Windows\rpcminer
2011-08-23 06:40:25 ----D---- C:\Windows\phoenix
2011-08-23 06:34:44 ----A---- C:\Windows\l1rezerv.exe
2011-08-23 06:32:38 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-23 06:32:20 ----HD---- C:\Windows\update.7.1
2011-08-23 06:29:48 ----HD---- C:\Windows\update.2
2011-08-23 06:29:41 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-23 06:28:54 ----HD---- C:\Windows\update.5.0
2011-08-23 06:28:16 ----A---- C:\Windows\unrar.exe
2011-08-23 06:28:16 ----A---- C:\Windows\systemup.exe
2011-08-23 06:26:51 ----A---- C:\Windows\iplist.txt
2011-08-23 06:25:46 ----A---- C:\Windows\sysdriver32_.exe
2011-08-23 06:25:32 ----A---- C:\Windows\sysdriver32.exe
2011-08-23 06:25:16 ----A---- C:\Windows\front_ip_list.txt
2011-08-23 06:24:24 ----D---- C:\Windows\av_ico
2011-08-23 06:22:54 ----HD---- C:\Windows\update.1
2011-08-23 06:22:51 ----HD---- C:\Windows\update.tray-12-0-lnk
2011-08-23 06:22:51 ----HD---- C:\Windows\update.tray-12-0
2011-08-22 14:34:58 ----A---- C:\Windows\winlog-ids.txt
2011-08-22 14:34:58 ----A---- C:\Windows\winlog-dirs.txt
2011-08-22 14:34:54 ----A---- C:\Windows\services32.exe
2011-08-18 12:14:53 ----HD---- C:\ProgramData\CanonBJ
2011-08-10 12:05:54 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-08-10 12:05:54 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-08-10 12:05:54 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-08-10 12:05:54 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-08-10 12:05:54 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-08-10 12:05:54 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 12:05:54 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 12:05:54 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 12:05:54 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-10 12:05:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 12:05:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 12:05:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-08-10 12:05:19 ----A---- C:\Windows\system32\ntvdm64.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 12:05:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 12:05:18 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-08-10 12:05:18 ----A---- C:\Windows\SYSWOW64\user.exe
2011-08-10 12:05:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-08-10 12:05:18 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-08-10 12:05:18 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-08-10 12:05:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-08-10 12:05:18 ----A---- C:\Windows\system32\wow64win.dll
2011-08-10 12:05:18 ----A---- C:\Windows\system32\wow64cpu.dll
2011-08-10 12:05:18 ----A---- C:\Windows\system32\wow64.dll
2011-08-10 12:05:18 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 12:05:18 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 12:05:18 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 12:05:18 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 12:04:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 12:00:45 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-08-10 12:00:45 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-08-10 12:00:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-10 12:00:45 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 12:00:45 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 12:00:44 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-10 12:00:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-10 12:00:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-08-10 12:00:44 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 12:00:44 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-10 12:00:44 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 12:00:43 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-10 12:00:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-10 12:00:43 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-08-10 12:00:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-10 12:00:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-08-10 12:00:43 ----A---- C:\Windows\system32\url.dll
2011-08-10 12:00:43 ----A---- C:\Windows\system32\mstime.dll
2011-08-10 12:00:43 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-10 12:00:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-10 12:00:43 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-10 12:00:43 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-10 12:00:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-10 12:00:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-08-10 12:00:42 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 12:00:42 ----A---- C:\Windows\system32\iepeers.dll
2011-08-10 12:00:40 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 12:00:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-10 12:00:39 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 12:00:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-10 12:00:38 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-08-10 12:00:38 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 12:00:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-10 12:00:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 12:00:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-08 12:59:56 ----D---- C:\Users\silar\AppData\Roaming\gtk-2.0
2011-08-08 12:50:51 ----D---- C:\Program Files (x86)\Dia
2011-08-08 05:36:09 ----D---- C:\Program Files (x86)\FlashOffliner
2011-07-27 13:14:31 ----D---- C:\Users\silar\AppData\Roaming\Hewlett-Packard
2011-07-27 13:13:30 ----A---- C:\Windows\SYSWOW64\hpcdmc32.dll
2011-07-27 13:13:30 ----A---- C:\Windows\system32\hpltlm5.dll
2011-07-27 13:13:30 ----A---- C:\Windows\system32\hpipn7sm.dll
2011-07-27 13:13:26 ----A---- C:\Windows\system32\hpprintmon.dll
2011-07-27 13:12:42 ----D---- C:\ProgramData\Downloaded Installations

======List of files/folders modified in the last 1 month======

2011-08-23 14:53:28 ----D---- C:\Windows\Prefetch
2011-08-23 14:53:21 ----RD---- C:\Program Files
2011-08-23 14:52:56 ----D---- C:\Windows\System32
2011-08-23 14:52:56 ----D---- C:\Windows\inf
2011-08-23 14:52:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-23 14:52:37 ----D---- C:\Windows\Temp
2011-08-23 14:49:47 ----D---- C:\Windows\system32\config
2011-08-23 14:48:25 ----D---- C:\Windows\system32\catroot2
2011-08-23 14:45:39 ----D---- C:\Windows
2011-08-23 14:44:05 ----D---- C:\Windows\system32\drivers
2011-08-23 14:44:04 ----D---- C:\Windows\SysWOW64
2011-08-23 14:44:03 ----SHD---- C:\Windows\Installer
2011-08-23 14:43:54 ----HD---- C:\ProgramData
2011-08-23 14:43:53 ----SHD---- C:\System Volume Information
2011-08-23 06:30:05 ----D---- C:\Windows\system32\drivers\etc
2011-08-23 06:22:52 ----RD---- C:\Program Files (x86)
2011-08-22 12:11:54 ----D---- C:\Windows\system32\drivers\Avg
2011-08-22 05:21:35 ----D---- C:\Presun
2011-08-18 14:35:20 ----D---- C:\Windows\system32\wdi
2011-08-17 08:19:45 ----D---- C:\ProgramData\boost_interprocess
2011-08-12 13:21:56 ----RSD---- C:\Windows\assembly
2011-08-12 13:21:56 ----D---- C:\Windows\Microsoft.NET
2011-08-11 05:54:25 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-08-11 05:43:47 ----D---- C:\Program Files (x86)\Common Files
2011-08-11 05:43:26 ----D---- C:\Program Files (x86)\Nvu
2011-08-11 05:30:24 ----D---- C:\Windows\winsxs
2011-08-10 14:49:15 ----D---- C:\Windows\SYSWOW64\migration
2011-08-10 14:49:15 ----D---- C:\Windows\system32\migration
2011-08-10 14:49:15 ----D---- C:\Windows\AppPatch
2011-08-10 14:49:15 ----D---- C:\Program Files\Internet Explorer
2011-08-10 14:49:15 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-10 12:05:59 ----D---- C:\Windows\system32\catroot
2011-08-10 12:04:03 ----A---- C:\Windows\win.ini
2011-08-05 06:56:58 ----RSD---- C:\Windows\Fonts
2011-07-29 13:16:13 ----SD---- C:\ProgramData\Microsoft
2011-07-27 13:13:33 ----D---- C:\Windows\system32\DriverStore
2011-07-27 13:13:24 ----D---- C:\Program Files\Hewlett-Packard
2011-07-26 09:35:34 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx64;avgrkx64.sys; C:\Windows\System32\Drivers\avgrkx64.sys [2010-09-02 56008]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 32240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 AvgLdx64;AVG AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2010-09-02 269904]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2010-09-02 35536]
R1 AvgTdiA;AVG Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2011-05-06 317520]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2009-12-16 24592]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-04-23 497152]
R3 MOSUMAC;USB-Ethernet Driver; C:\Windows\system32\DRIVERS\USBMAC64.SYS [2009-12-07 55296]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-09-20 145360]
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2009-10-25 23552]
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys [2010-02-10 103424]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-12-02 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-08-05 41472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 dcpsysmgrsvc;Správce systému Dell ControlPoint System Manager; c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2010-02-08 515952]
R2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe [2011-08-23 382464]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 IBM LUM LMD;IBM Network License Server; C:\IFOR\WIN\BIN\I4LMD.EXE [2009-12-16 96784]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-10-27 6807656]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-12-04 383592]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-08-23 355840]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-08-23 635904]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-08-23 258048]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2010-03-29 2363240]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-08-22 1213440]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 avg9wd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-21 1436424]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2010-02-03 1558016]
S3 SmarTeam Diagnostic Agent;SmarTeam Diagnostic Agent; C:\Aplikace\SmarTeam\Diagnostics\Bin\SmarTeam.Std.Diagnostics.Agent.Host.exe [2010-05-13 12800]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-01 1255736]
S4 IBM LUM CR;IBM Central Registry License Server; C:\IFOR\WIN\BIN\I4GDB.EXE [2009-12-16 96784]
S4 IBM LUM NDL;IBM Nodelock License Server; C:\IFOR\WIN\BIN\I4LLMD.EXE [2009-12-16 96784]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Thank you for the help
Last edited by Seraph83 on 24 Aug 2011 12:22, edited 1 time in total.

Rudy
Site Admin
Posts: 119508
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus in chat

#2 Post by Rudy »

Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can also damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to me at the e-mail address above.

Seraph83
Visitor
Posts: 3
Joined: 20 Dec 2007 14:07

Re: Facebook virus in chat

#3 Post by Seraph83 »

Malwarebytes' Anti-Malware 1.51.1.1800
http://www.malwarebytes.org

Verze databáze: 7550

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24.8.2011 7:45:54
mbam-log-2011-08-24 (07-45-46).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 574161
Uplynulý čas: 30 minut, 31 sekund

Infikované procesy v paměti: 12
Infikované moduly v paměti: 0
Infikované klíče v registru: 9
Infikované hodnoty v registru: 14
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 48

Infikované procesy v paměti:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> 2188 -> No action taken.
c:\Windows\sysdriver32.exe (Trojan.Agent) -> 4692 -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 2340 -> No action taken.
c:\Windows\update.tray-12-0\svchost.exe (Trojan.Dropper) -> 4616 -> No action taken.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> 4652 -> No action taken.
c:\Windows\sysdriver32_.exe (Trojan.Agent) -> 4732 -> No action taken.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> 3404 -> No action taken.
c:\Windows\systemup.exe (Trojan.Agent.Gen) -> 1232 -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 5772 -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 5852 -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2028 -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 1692 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\7257190.exe (Trojan.Agent) -> Value: 7257190.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8698239.exe (Trojan.Agent) -> Value: 8698239.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\29004779-loader2.exe (Trojan.Agent) -> Value: 29004779-loader2.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\7327027.exe (Trojan.Agent) -> Value: 7327027.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.Agent.Gen) -> Value: systemup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\7405409.exe (Trojan.Agent) -> Value: 7405409.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> No action taken.

Infikované soubory:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-12-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\sysdriver32_.exe (Trojan.Agent) -> No action taken.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> No action taken.
c:\Windows\services32.exe (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\7257190.exe (Trojan.Agent) -> No action taken.
c:\Users\silar\AppData\Local\Temp\8698239.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\29004779-loader2.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\7327027.exe (Trojan.Agent) -> No action taken.
c:\$Recycle.Bin\s-1-5-21-3048634657-1988731742-3355178702-1386\$RNGYIBX.exe (Trojan.Dropper) -> No action taken.
c:\Windows\installer\$patchcache$\Managed\cdf9e628859ed5144bf2927f08b1d7e9\5.19.0\smarteam.std.bom.copy.ui.log (Extension.Mismatch) -> No action taken.
c:\Windows\installer\$patchcache$\Managed\cdf9e628859ed5144bf2927f08b1d7e9\5.19.0\smarteam.std.bom.maps.ui.log (Extension.Mismatch) -> No action taken.
c:\Windows\Temp\2614684.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\48634_myunrar2.exe (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\6511725.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\95520548.exe (Trojan.Downloader) -> No action taken.
c:\Windows\Temp\9631418.exe (Trojan.Agent) -> No action taken.
c:\Windows\update.tray-12-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\systemup.exe (Trojan.Agent.Gen) -> No action taken.
c:\Windows\Temp\1880055.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\2441227.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\2840620.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\4762318.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\5424170.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\5487888.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\6153637.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\7405409.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\9966682.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\915959372.exe (Trojan.FakeAlert.Gen) -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> No action taken.

During the scan, MBAM blocked the svchost.exe process
and offered to put the svchost process into quarantine (Backdoor.Agent).
It is a company PC; won't there be a problem with the mail settings after disinfection? As you write in your signature.
Oh, and is it possible that the virus uninstalled my AVG? Because I had it installed, and only when I discovered the virus in chat did I want to run an AVG scan, but it was gone.
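The findings in the report above, and the service list in post #1, can be triaged mechanically. The script below is an added example for this thread, not code from Malwarebytes, RSIT or the forum: it parses the MBAM 1.x detection-line format and the RSIT service-line format exactly as they appear in the two logs, then pulls out what a responder checks first: which detections are still running processes, how many items are still unremediated ("No action taken"), whether the Security Center notification values were switched off (the PUM.Disabled.SecurityCenter items), and which svchost.exe entries live outside System32/SysWOW64, the only directories the genuine service host is installed in. The sample lines are copied from this thread; the function names and the summary layout are the example's own assumptions.

```python
# Triage helpers for the two log formats in this thread (added example, not tool output).
from __future__ import annotations
import re
from collections import Counter
from dataclasses import dataclass

# One MBAM detection line: <item> (<Detection>) -> [<pid> ->] [Bad: (x) Good: (y) ->] <action>.
MBAM_LINE_RE = re.compile(
    r"^(?P<item>.+?) \((?P<detection>[A-Za-z0-9.]+)\) -> "
    r"(?:(?P<pid>\d+) -> )?"
    r"(?:Bad: \((?P<bad>[^)]*)\) Good: \((?P<good>[^)]*)\) -> )?"
    r"(?P<action>.+?)\.?$"
)
# One RSIT service line: <R|S><0-4> <name>;<display>; <image path> [<date> <size>]
RSIT_SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+) \[(?P<stamp>[^\]]*)\]$"
)
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")  # where the real svchost.exe lives


@dataclass
class Finding:
    section: str
    item: str
    detection: str
    action: str
    pid: int | None = None        # only set for "processes in memory"
    bad_value: str | None = None  # only set for registry data items


def parse_mbam_report(text: str) -> list[Finding]:
    """Section headers end with ':' and carry no '->'; non-matching lines (e.g. the
    localized 'nothing found' line) are skipped."""
    findings: list[Finding] = []
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":") and " -> " not in line:
            section = line[:-1]
            continue
        m = MBAM_LINE_RE.match(line)
        if m is not None:
            findings.append(Finding(section, m["item"], m["detection"], m["action"],
                                    int(m["pid"]) if m["pid"] else None, m["bad"]))
    return findings


def parse_rsit_services(text: str) -> dict[str, str]:
    """Map service name -> image path for each RSIT service entry."""
    matches = (RSIT_SERVICE_RE.match(l.strip()) for l in text.splitlines())
    return {m["name"]: m["path"] for m in matches if m}


def svchost_outside_system_dirs(paths) -> list[str]:
    """Name-only masquerade check: svchost.exe anywhere but System32/SysWOW64."""
    hits = []
    for p in paths:
        folder, _, name = p.lower().rpartition("\\")
        if name == "svchost.exe" and folder not in SYSTEM_DIRS:
            hits.append(p)
    return hits


def summarize(findings: list[Finding]) -> dict:
    """What is still live, what is still unremediated, and whether OS warnings were silenced."""
    return {
        "by_detection": Counter(f.detection for f in findings),
        "pending": sum(1 for f in findings if f.action == "No action taken"),
        "live_pids": [f.pid for f in findings if f.pid is not None],
        "security_center_notifications_off": [
            f.item.rpartition("\\")[2] for f in findings
            if f.detection == "PUM.Disabled.SecurityCenter" and f.bad_value == "1"],
        "miner_present": any(f.detection == "Trojan.BCMiner" for f in findings),
        "fake_svchost": svchost_outside_system_dirs(f.item for f in findings),
    }


# Constructed samples: a few lines copied from the two logs posted in this thread.
SAMPLE_MBAM = r"""
Infikované procesy v paměti:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> 2188 -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 5772 -> No action taken.
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> No action taken.
Infikované soubory:
c:\Windows\update.tray-12-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
"""
SAMPLE_RSIT = r"""
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-08-23 635904]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-08-23 258048]
S2 avg9wd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe []
"""

if __name__ == "__main__":
    for key, value in summarize(parse_mbam_report(SAMPLE_MBAM)).items():
        print(f"{key}: {value}")
    print("services pointing at a fake svchost:",
          svchost_outside_system_dirs(parse_rsit_services(SAMPLE_RSIT).values()))
```

The Security Center check is worth singling out: the report shows all three DisableNotify values set to 1, which suppresses the Windows warnings that antivirus, firewall or updates are off, so the machine would not have alerted its user when AVG disappeared. The svchost check is deliberately simple: it does not inspect the binary, only where it sits, because a service host outside System32/SysWOW64 is already enough to investigate.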

Rudy
Site Admin
Posts: 119508
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus in chat and the mysterious uninstallation of AVG

#4 Post by Rudy »

Sorry, but if this is a company PC, I will not deal with it, because such a machine should be maintained by someone who is paid for it. And nobody here intends to do that person's job for them. You apparently have not read the forum rules: http://www.viry.cz/forum/viewtopic.php?f=12&t=2784 (point 7). Delete everything MBAM found.

Seraph83
Visitor
Posts: 3
Joined: 20 Dec 2007 14:07

Re: Facebook virus in chat and the mysterious uninstallation of AVG

#5 Post by Seraph83 »

Thank you at least for this advice. The thing is, our company essentially has no such IT person, as described in point 7. There is only an external contractor who shows up at the company once a year. Usually I have to arrange things with him by phone, and his willingness to do anything is minimal. I usually fix everything myself, since I study computer science. Which I probably should not boast about, because I fell for this so stupidly. I downloaded the virus because of someone else. I did not know from them that it came from Facebook. I downloaded the update because I use Chrome Portable for browsing and it does not update itself (which is why I thought I was missing an update). Which unfortunately does not excuse me. So I wrote here, because I have had good experience with you. ;-)

Rudy
Site Admin
Posts: 119508
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook virus in chat and the mysterious uninstallation of AVG

#6 Post by Rudy »

Here is how it is. Logs were piling up here that were visibly from PCs operated in large networks. You must admit it is rather presumptuous for us, who do this here as volunteer work, to do the job of often well-paid IT staff. The height of cheek was when someone who makes a living from this as a businessman posted a log here for checking. I will at least give you a hint. In this section you will find a whole range of infections by the FB virus and complete solutions. The files and directories more or less repeat, so browse through them and you will surely find the solution.