centrum zabespeceni nefungovalo

Zpráva

jarek26 · #1 Příspěvek od **jarek26** » 05 zář 2010 11:00

dobry den,
chcel by jsem se zeptat jak mam pokracovat,protoze notebook,som si koupil primo v obchode ale original windows jsem nedostal,a nemam jak si ho preinstalovat.a dnes jsem se nomohl dostat do centa zabezpeceni.stahnul jsem si combofix,kde nize posilam svoj log,ale nevim jestli je vse v poradku.
pouzivam jenom internet explorer
dekuji

ComboFix 10-09-04.06 - okaynetbook . 09. 2010 10:58:03.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1029.18.1015.548 [GMT 2:00]
Running from: c:\documents and settings\okaynetbook\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\sshnas21.dll
c:\windows\system32\Thumbs.db
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

c:\windows\explorer.exe . . . is infected!!

c:\windows\system32\winlogon.exe . . . is infected!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Legacy_SSHNAS
-------\Service_SSHNAS

((((((((((((((((((((((((( Files Created from 2010-08-05 to 2010-09-05 )))))))))))))))))))))))))))))))
.

2010-09-03 20:53 . 2010-09-03 20:53 -------- d-----w- c:\program files\NETGATE
2010-08-29 13:14 . 2010-08-29 16:34 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-08-29 09:42 . 2005-04-01 15:40 13696 ------w- c:\windows\system32\drivers\NVXBAR.SYS
2010-08-29 09:42 . 2005-04-01 15:40 25442 ------w- c:\windows\system32\drivers\NVTVSND.SYS
2010-08-29 09:42 . 2005-04-01 15:40 21906 ------w- c:\windows\system32\drivers\NVTUNEP.SYS
2010-08-29 09:42 . 2005-04-01 15:40 123614 ------w- c:\windows\system32\drivers\NVCAP.SYS
2010-08-29 09:42 . 2010-08-29 09:42 -------- d-----w- C:\NVIDIA
2010-08-29 08:12 . 2010-08-29 08:12 -------- d-----w- c:\program files\Driver-Soft
2010-08-22 19:33 . 2010-08-22 19:36 48 ----a-w- c:\windows\ELP0102.dat
2010-08-22 19:03 . 2000-08-06 15:00 430080 ----a-w- c:\windows\system32\Msrepl35.dll
2010-08-22 19:03 . 1998-06-17 22:00 89360 ----a-w- c:\windows\system32\vb5db.dll
2010-08-22 19:03 . 1997-06-24 00:04 78848 ----a-w- c:\windows\system32\IC32.DLL
2010-08-22 19:03 . 1995-05-22 06:00 640512 ----a-w- c:\windows\system32\OC30.DLL
2010-08-22 19:03 . 1998-06-08 22:00 137216 ----a-w- c:\windows\system32\MSDERUN.DLL
2010-08-22 19:03 . 1998-04-23 22:00 252176 ----a-w- c:\windows\system32\MSRD2X35.DLL
2010-08-22 19:03 . 2001-04-05 08:43 77824 ----a-w- c:\windows\system32\msbind.dll
2010-08-22 19:03 . 1999-06-10 07:34 570128 ----a-w- c:\windows\system32\DAO350.DLL
2010-08-22 19:03 . 1998-06-17 22:00 299008 ----a-w- c:\windows\system32\MSDBRPTR.DLL
2010-08-22 18:06 . 2010-08-22 18:06 -------- dc-h--w- c:\windows\ie8
2010-08-22 17:41 . 2010-08-22 17:41 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-22 17:37 . 2010-08-22 17:37 -------- d-----w- c:\windows\XSxS
2010-08-22 17:01 . 2007-02-13 22:34 1754 ----a-w- c:\windows\system32\CHOICE.COM
2010-08-22 17:01 . 2005-01-22 17:05 20480 ----a-w- c:\windows\system32\wbload.dll
2010-08-22 17:01 . 2003-02-26 19:27 36864 ------w- c:\windows\system32\wbsys.dll
2010-08-22 17:01 . 2010-08-22 17:01 -------- d-----w- c:\program files\Stardock
2010-08-22 17:00 . 2010-05-04 02:40 -------- d-----w- c:\windows\Icons
2010-08-22 16:59 . 2010-02-10 17:13 165376 ----a-w- c:\windows\system32\unrar.dll
2010-08-22 16:58 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-08-22 16:58 . 2009-07-14 00:15 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-08-22 16:58 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2010-08-22 16:58 . 2009-07-14 00:15 685056 ----a-w- c:\windows\system32\divx.dll
2010-08-22 16:58 . 2010-04-16 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-22 16:58 . 2010-08-22 17:55 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-22 16:53 . 2010-08-22 17:50 -------- d-----w- c:\program files\AIMP2
2010-08-22 16:45 . 2010-08-22 16:45 30272 ----a-w- c:\windows\system32\drivers\pssdk31.drv
2010-08-22 16:10 . 2003-07-06 12:07 372736 ----a-w- c:\windows\system32\ijl15.dll
2010-08-22 16:10 . 2002-03-06 23:19 454656 ----a-w- c:\windows\system32\PaintX.dll
2010-08-22 16:10 . 2000-03-13 22:00 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-08-22 14:02 . 2010-08-22 14:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-18 13:23 . 1998-11-18 14:33 144384 ----a-w- c:\windows\system32\Iacenc.dll
2010-08-18 13:23 . 1997-06-13 06:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2010-08-18 13:20 . 2010-08-18 13:20 -------- d-----w- c:\program files\WMV9_VCM
2010-08-15 19:02 . 2010-08-15 19:25 -------- d-----w- c:\program files\Common Files\Lingea Shared
2010-08-15 13:47 . 2010-08-15 13:47 -------- d-----w- c:\program files\Conduit
2010-08-15 13:44 . 2010-08-15 13:44 -------- d-----w- c:\program files\Google-Translator
2010-08-09 17:06 . 2010-08-09 17:06 368640 ----a-w- c:\windows\system32\ReWire.dll
2010-08-09 17:06 . 2010-08-09 17:06 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-08-07 20:31 . 2010-08-07 20:31 81920 ----a-w- c:\windows\system32\winxqa32.dll
2010-08-07 19:45 . 2010-08-07 19:45 -------- d-----w- c:\windows\solcache
2010-08-07 19:42 . 1998-09-02 06:28 38160 ----a-w- c:\windows\system32\LMRTREND.dll
2010-08-07 19:42 . 1998-08-27 04:51 182032 ----a-w- c:\windows\system32\dxtmsft3.dll
2010-08-07 19:42 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-08-07 19:42 . 1998-09-02 08:28 63488 ----a-w- c:\windows\system32\unam4ie.exe
2010-08-07 19:42 . 1998-09-02 08:02 194320 ----a-w- c:\windows\system32\qcut.dll
2010-08-07 19:42 . 1998-08-17 09:21 10240 ----a-w- c:\windows\system32\vidx16.dll
2010-08-07 19:42 . 1998-08-17 09:21 11776 ----a-w- c:\windows\system32\mciqtz.drv
2010-08-07 19:42 . 2010-08-07 19:42 4608 ----a-w- c:\windows\system32\w95inf32.dll
2010-08-07 19:42 . 2010-08-07 19:42 2272 ----a-w- c:\windows\system32\w95inf16.dll
2010-08-07 19:41 . 2010-08-07 19:42 -------- d-----w- c:\program files\Sierra On-Line
2010-08-07 19:40 . 2010-08-07 19:40 -------- d-----w- c:\documents and settings\okaynetbook\WINDOWS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-05 08:17 . 2009-09-01 22:27 79714 ----a-w- c:\windows\system32\perfc005.dat
2010-09-05 08:17 . 2009-09-01 22:27 432632 ----a-w- c:\windows\system32\perfh005.dat
2010-08-29 16:49 . 2010-05-05 16:51 -------- d-----w- c:\program files\CCleaner
2010-08-29 09:42 . 2009-09-01 21:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-22 19:32 . 2004-03-28 16:35 48 ----a-w- c:\windows\ELP0103.dat
2010-08-22 18:23 . 2010-07-25 18:08 -------- d-----w- c:\program files\Java
2010-08-22 17:54 . 2010-07-25 00:27 -------- d-----w- c:\program files\Internet Download Manager
2010-08-18 13:23 . 2009-09-01 20:59 -------- d-----w- c:\program files\Intel
2010-08-08 17:49 . 2010-05-08 15:08 -------- d-----w- c:\program files\Scorpions WinCheater
2010-07-31 10:44 . 2010-07-31 10:44 -------- d-----w- c:\program files\Chessmaster Challenge
2010-07-31 10:42 . 2010-07-31 10:42 -------- d-----w- c:\program files\ReflexiveArcade
2010-07-31 10:36 . 2010-07-31 10:36 -------- d-----w- c:\program files\DAMN NFO Viewer
2010-07-25 18:09 . 2010-07-25 18:09 -------- d-----w- c:\program files\Common Files\Java
2010-07-25 18:08 . 2010-07-25 18:09 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-25 17:29 . 2010-05-08 13:49 -------- d-----w- c:\program files\ESET
2010-07-25 17:28 . 2010-07-25 17:23 -------- d-----w- c:\program files\ICQ7.2
2010-07-25 17:27 . 2010-07-25 17:27 -------- d-----w- c:\program files\ICQ6Toolbar
2010-07-13 20:17 . 2010-07-13 20:17 -------- d-----w- c:\program files\KC Softwares
2010-07-11 16:58 . 2010-07-11 16:58 724992 ----a-w- c:\windows\iun6002.exe
2010-07-09 21:40 . 2009-09-01 21:27 -------- d-----w- c:\program files\Microsoft Works
2010-07-09 21:40 . 2010-05-23 02:27 -------- d-----w- c:\program files\MSBuild
2010-07-09 21:38 . 2010-07-09 21:38 -------- d-----w- c:\program files\Microsoft.NET
2010-07-09 21:36 . 2010-07-09 21:36 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-07 15:38 . 2010-07-07 15:37 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-07-01 09:18 . 2010-07-01 09:18 4096 ----a-w- c:\windows\d3dx.dat
2010-06-30 12:33 . 2009-09-01 22:26 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-25 20:29 . 2010-06-25 20:29 8 ----a-w- c:\windows\system32\vcexts.sys
2010-06-24 12:27 . 2009-09-01 22:26 1210368 ----a-w- c:\windows\system32\urlmon(4).dll
2010-06-24 09:02 . 2009-09-01 22:26 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2009-09-01 22:26 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2009-09-01 22:26 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-09-01 20:37 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2009-09-01 22:26 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-05-05 16:01 . 2010-05-05 16:01 6024 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2008-09-28 20:00 . 2010-05-05 16:01 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2008-03-09 05:25 . 2010-05-17 19:18 236 ----a-w- c:\program files\Common Files\dx.reg
.

------- Sigcheck -------

[-] 2008-04-14 . 8456A85E9E560369CB2E79097E4C2F69 . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-04-14 . B780EDCA73DB26823494F711D73EB04C . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-07-27 397312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ASUS\\Data Sync\\Clotho.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\GROOVE.EXE"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31. 7. 2008 20:45 20616]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14. 5. 2009 15:47 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14. 5. 2009 15:47 731840]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25. 7. 2010 19:27 246520]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe [4. 8. 2010 17:06 61440]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18. 8. 2009 23:44 38912]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [1. 9. 2009 23:02 1015424]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1. 9. 2009 23:01 1684736]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2. 7. 2008 14:58 26248]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [22. 8. 2010 18:45 30272]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [12. 8. 2009 8:57 39040]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com.eg/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth...
IE: Odeslat do zařízení Bluetooth
IE: Prevziať cez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-SpyEmergency - c:\program files\NETGATE\Spy Emergency\SpyEmergency.exe
Notify-winrys32 - winrys32.dll
AddRemove-EAX Unified - c:\program files\Creative\EAX Unified\Uninst.isu

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-05 11:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3160)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2010-09-05 11:12:30 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-05 09:12

Pre-Run: Volných bajtů: 66 710 687 744
Post-Run: Volných bajtů: 66 595 508 224

- - End Of File - - E5D95ED7E89C5FB2ECC44D16275884A1

#2 Příspěvek od **Rudy** » 05 zář 2010 11:07

ale original windows jsem nedostal

Chcete říci, že vaše instalace WinXP je nelegální?

jarek26 · #3 Příspěvek od **jarek26** » 05 zář 2010 11:10

musi byt legalni,vzdyt jsem ho koupil v obchode ale jenom zikam ze jsem k notebooku nedostal zadne dvd,ani cd.

#4 Příspěvek od **Rudy** » 05 zář 2010 11:49

jarek26 píše:musi byt legalni,vzdyt jsem ho koupil v obchode ale jenom zikam ze jsem k notebooku nedostal zadne dvd,ani cd.

OK, jen jsem se ptal. Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\system32\winxqa32.dll
c:\windows\system32\drivers\pssdk31.drv

Driver::
PsSdk31

Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

jarek26 · #5 Příspěvek od **jarek26** » 06 zář 2010 21:44

dekuji,chci se zeptat jeste,udelal jsem to co ste psali a posilam log z combofix,je uz vse v pozadku?
ComboFix 10-09-04.06 - okaynetbook . 09. 2010 22:20:41.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1029.18.1015.655 [GMT 2:00]
Running from: c:\documents and settings\okaynetbook\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\okaynetbook\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

file zipped: c:\windows\system32\drivers\pssdk31.drv
file zipped: c:\windows\system32\winxqa32.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\pssdk31.drv
c:\windows\system32\winxqa32.dll

c:\windows\explorer.exe . . . is infected!!

c:\windows\system32\winlogon.exe . . . is infected!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_PSSDK31
-------\Service_PsSdk31

((((((((((((((((((((((((( Files Created from 2010-08-06 to 2010-09-06 )))))))))))))))))))))))))))))))
.

2010-09-03 20:53 . 2010-09-03 20:53 -------- d-----w- c:\program files\NETGATE
2010-08-29 13:14 . 2010-08-29 16:34 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-08-29 09:42 . 2005-04-01 15:40 13696 ------w- c:\windows\system32\drivers\NVXBAR.SYS
2010-08-29 09:42 . 2005-04-01 15:40 25442 ------w- c:\windows\system32\drivers\NVTVSND.SYS
2010-08-29 09:42 . 2005-04-01 15:40 21906 ------w- c:\windows\system32\drivers\NVTUNEP.SYS
2010-08-29 09:42 . 2005-04-01 15:40 123614 ------w- c:\windows\system32\drivers\NVCAP.SYS
2010-08-29 09:42 . 2010-08-29 09:42 -------- d-----w- C:\NVIDIA
2010-08-29 08:12 . 2010-08-29 08:12 -------- d-----w- c:\program files\Driver-Soft
2010-08-22 19:33 . 2010-08-22 19:36 48 ----a-w- c:\windows\ELP0102.dat
2010-08-22 19:03 . 2000-08-06 15:00 430080 ----a-w- c:\windows\system32\Msrepl35.dll
2010-08-22 19:03 . 1998-06-17 22:00 89360 ----a-w- c:\windows\system32\vb5db.dll
2010-08-22 19:03 . 1997-06-24 00:04 78848 ----a-w- c:\windows\system32\IC32.DLL
2010-08-22 19:03 . 1995-05-22 06:00 640512 ----a-w- c:\windows\system32\OC30.DLL
2010-08-22 19:03 . 1998-06-08 22:00 137216 ----a-w- c:\windows\system32\MSDERUN.DLL
2010-08-22 19:03 . 1998-04-23 22:00 252176 ----a-w- c:\windows\system32\MSRD2X35.DLL
2010-08-22 19:03 . 2001-04-05 08:43 77824 ----a-w- c:\windows\system32\msbind.dll
2010-08-22 19:03 . 1999-06-10 07:34 570128 ----a-w- c:\windows\system32\DAO350.DLL
2010-08-22 19:03 . 1998-06-17 22:00 299008 ----a-w- c:\windows\system32\MSDBRPTR.DLL
2010-08-22 18:06 . 2010-08-22 18:06 -------- dc-h--w- c:\windows\ie8
2010-08-22 17:41 . 2010-08-22 17:41 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-22 17:37 . 2010-08-22 17:37 -------- d-----w- c:\windows\XSxS
2010-08-22 17:01 . 2007-02-13 22:34 1754 ----a-w- c:\windows\system32\CHOICE.COM
2010-08-22 17:01 . 2005-01-22 17:05 20480 ----a-w- c:\windows\system32\wbload.dll
2010-08-22 17:01 . 2003-02-26 19:27 36864 ------w- c:\windows\system32\wbsys.dll
2010-08-22 17:01 . 2010-08-22 17:01 -------- d-----w- c:\program files\Stardock
2010-08-22 17:00 . 2010-05-04 02:40 -------- d-----w- c:\windows\Icons
2010-08-22 16:59 . 2010-02-10 17:13 165376 ----a-w- c:\windows\system32\unrar.dll
2010-08-22 16:58 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-08-22 16:58 . 2009-07-14 00:15 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-08-22 16:58 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2010-08-22 16:58 . 2009-07-14 00:15 685056 ----a-w- c:\windows\system32\divx.dll
2010-08-22 16:58 . 2010-04-16 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-22 16:58 . 2010-08-22 17:55 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-22 16:53 . 2010-08-22 17:50 -------- d-----w- c:\program files\AIMP2
2010-08-22 16:10 . 2003-07-06 12:07 372736 ----a-w- c:\windows\system32\ijl15.dll
2010-08-22 16:10 . 2002-03-06 23:19 454656 ----a-w- c:\windows\system32\PaintX.dll
2010-08-22 16:10 . 2000-03-13 22:00 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2010-08-22 14:02 . 2010-08-22 14:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-18 13:23 . 1998-11-18 14:33 144384 ----a-w- c:\windows\system32\Iacenc.dll
2010-08-18 13:23 . 1997-06-13 06:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2010-08-18 13:20 . 2010-08-18 13:20 -------- d-----w- c:\program files\WMV9_VCM
2010-08-15 19:02 . 2010-08-15 19:25 -------- d-----w- c:\program files\Common Files\Lingea Shared
2010-08-15 13:47 . 2010-08-15 13:47 -------- d-----w- c:\program files\Conduit
2010-08-15 13:44 . 2010-08-15 13:44 -------- d-----w- c:\program files\Google-Translator
2010-08-09 17:06 . 2010-08-09 17:06 368640 ----a-w- c:\windows\system32\ReWire.dll
2010-08-09 17:06 . 2010-08-09 17:06 233472 ----a-w- c:\windows\system32\REX Shared Library.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 20:21 . 2009-09-01 22:27 79714 ----a-w- c:\windows\system32\perfc005.dat
2010-09-06 20:21 . 2009-09-01 22:27 432632 ----a-w- c:\windows\system32\perfh005.dat
2010-08-29 16:49 . 2010-05-05 16:51 -------- d-----w- c:\program files\CCleaner
2010-08-29 09:42 . 2009-09-01 21:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-22 19:32 . 2004-03-28 16:35 48 ----a-w- c:\windows\ELP0103.dat
2010-08-22 18:23 . 2010-07-25 18:08 -------- d-----w- c:\program files\Java
2010-08-22 17:54 . 2010-07-25 00:27 -------- d-----w- c:\program files\Internet Download Manager
2010-08-18 13:23 . 2009-09-01 20:59 -------- d-----w- c:\program files\Intel
2010-08-08 17:49 . 2010-05-08 15:08 -------- d-----w- c:\program files\Scorpions WinCheater
2010-08-07 19:42 . 2010-08-07 19:42 4608 ----a-w- c:\windows\system32\w95inf32.dll
2010-08-07 19:42 . 2010-08-07 19:42 2272 ----a-w- c:\windows\system32\w95inf16.dll
2010-08-07 19:42 . 2010-08-07 19:41 -------- d-----w- c:\program files\Sierra On-Line
2010-07-31 10:44 . 2010-07-31 10:44 -------- d-----w- c:\program files\Chessmaster Challenge
2010-07-31 10:42 . 2010-07-31 10:42 -------- d-----w- c:\program files\ReflexiveArcade
2010-07-31 10:36 . 2010-07-31 10:36 -------- d-----w- c:\program files\DAMN NFO Viewer
2010-07-25 18:09 . 2010-07-25 18:09 -------- d-----w- c:\program files\Common Files\Java
2010-07-25 18:08 . 2010-07-25 18:09 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-25 17:29 . 2010-05-08 13:49 -------- d-----w- c:\program files\ESET
2010-07-25 17:28 . 2010-07-25 17:23 -------- d-----w- c:\program files\ICQ7.2
2010-07-25 17:27 . 2010-07-25 17:27 -------- d-----w- c:\program files\ICQ6Toolbar
2010-07-13 20:17 . 2010-07-13 20:17 -------- d-----w- c:\program files\KC Softwares
2010-07-11 16:58 . 2010-07-11 16:58 724992 ----a-w- c:\windows\iun6002.exe
2010-07-09 21:40 . 2009-09-01 21:27 -------- d-----w- c:\program files\Microsoft Works
2010-07-09 21:40 . 2010-05-23 02:27 -------- d-----w- c:\program files\MSBuild
2010-07-09 21:38 . 2010-07-09 21:38 -------- d-----w- c:\program files\Microsoft.NET
2010-07-09 21:36 . 2010-07-09 21:36 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-01 09:18 . 2010-07-01 09:18 4096 ----a-w- c:\windows\d3dx.dat
2010-06-30 12:33 . 2009-09-01 22:26 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-25 20:29 . 2010-06-25 20:29 8 ----a-w- c:\windows\system32\vcexts.sys
2010-06-24 12:27 . 2009-09-01 22:26 1210368 ----a-w- c:\windows\system32\urlmon(4).dll
2010-06-24 09:02 . 2009-09-01 22:26 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2009-09-01 22:26 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2009-09-01 22:26 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-09-01 20:37 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2009-09-01 22:26 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-05-05 16:01 . 2010-05-05 16:01 6024 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2008-09-28 20:00 . 2010-05-05 16:01 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2008-03-09 05:25 . 2010-05-17 19:18 236 ----a-w- c:\program files\Common Files\dx.reg
.

------- Sigcheck -------

[-] 2008-04-14 . 8456A85E9E560369CB2E79097E4C2F69 . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-04-14 . B780EDCA73DB26823494F711D73EB04C . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-09-05_09.08.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-09-01 22:26 . 2010-09-05 08:17 68804 c:\windows\system32\perfc009.dat
+ 2009-09-01 22:26 . 2010-09-06 20:21 68804 c:\windows\system32\perfc009.dat
+ 2009-09-01 22:26 . 2010-09-06 20:21 435908 c:\windows\system32\perfh009.dat
- 2009-09-01 22:26 . 2010-09-05 08:17 435908 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-07-27 397312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ASUS\\Data Sync\\Clotho.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\GROOVE.EXE"=
"d:\\programy\\Microsoft Office 2007 CZ full\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31. 7. 2008 20:45 20616]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14. 5. 2009 15:47 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14. 5. 2009 15:47 731840]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25. 7. 2010 19:27 246520]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe [4. 8. 2010 17:06 61440]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18. 8. 2009 23:44 38912]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [1. 9. 2009 23:02 1015424]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1. 9. 2009 23:01 1684736]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2. 7. 2008 14:58 26248]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [12. 8. 2009 8:57 39040]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com.eg/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth...
IE: Odeslat do zařízení Bluetooth
IE: Prevziať cez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 22:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3626335844-41941361-4021371189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2920)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2010-09-06 22:34:53 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-06 20:34
ComboFix2.txt 2010-09-05 09:12

Pre-Run: Volných bajtů: 66 560 483 328
Post-Run: Volných bajtů: 66 543 906 816

- - End Of File - - FA57AF9960B91096620A75563C6A982B

#6 Příspěvek od **Rudy** » 06 zář 2010 21:48

Soubory:

c:\windows\explorer.exe
c:\windows\system32\winlogon.exe

Ozančil CF jako infikované. Otestujte ja online na www.virustotal.com . V případě, že se infekce potvrdí, budete je muset zkopírovat z jiného (čistého systému) a překopírovat je do vašeho.

jarek26 · #7 Příspěvek od **jarek26** » 11 zář 2010 07:55

dobry den,
jo otestoval jsem si to a jsou zavirene,v notebooku mam slozku c:windows/i386 kde jsem si nasel pod souborem aj winlogon,aj explorer.sou ulozene pod typom ex_,otvoril jsem ich otestoval a jsou ciste,ale moje otazka zni ako vlozim tie soubory,kdyz ich system pouziva,neumim ich nahradit,potreboval bych nejakej navod jak nato.
dekuji

#8 Příspěvek od **Rudy** » 11 zář 2010 09:35

Ono to jde, ale jen přes instalátor. Lépe bude si je zkopírovat třeba od kamaráda z čistého systému a nakopírovat je do vašeho PC, čímž se ty infikované přepíší. Pokud by to nešlo jinak, lze kopírovat přes ComboFix.

jarek26 · #9 Příspěvek od **jarek26** » 11 zář 2010 10:53

muzete mi poslat navod pri combofixu
dekuji

#10 Příspěvek od **Rudy** » 11 zář 2010 11:22

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

jarek26 · #11 Příspěvek od **jarek26** » 12 zář 2010 12:54

dobry den,
chci se septat jestli je uz vsechn o v poradku,posilam to co mi napsal combofix
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
ADS - explorer.exe: deleted 88 bytes in 2 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\d.ini
c:\windows\system32\sshnas21.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

Nakažená kopie c:\windows\explorer.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{1C2E968C-4466-43AE-B413-C12E35B10633}\RP2\A0001571.exe

Nakažená kopie c:\windows\system32\winlogon.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{1C2E968C-4466-43AE-B413-C12E35B10633}\RP5\A0002020.exe

Nakažená kopie c:\windows\explorer.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{1C2E968C-4466-43AE-B413-C12E35B10633}\RP2\A0001571.exe

nechal som ich este preskenovat cez virustatal a uz niesu nainfikovane
dekuji

#12 Příspěvek od **Rudy** » 12 zář 2010 16:51

3 položky smazány a další 2 obnoveny ze zálohy. Log ale není kompletní.

VIRY.CZ

centrum zabespeceni nefungovalo

centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo

Re: centrum zabespeceni nefungovalo