PC virus removal, computer speed-up, and remote help through the neslape.cz service

Notebook check

kasper

Notebook check

#1 Post by kasper »

Please check this log. It is from the laptop of a friend's flatmate, who is abroad and works there.

I found out that I exceeded the maximum number of characters for a single post; I don't know how that is possible.

Here it is, and I apologize for the trouble:
http://www.edisk.cz/stahni/61794/log_za ... .81KB.html
Last edited by kasper on 31 Dec 2010 14:25, edited 1 time in total.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Notebook check

#2 Post by vyosek »

Hello, and have a nice day :)

:arrow: However hard I look, I don't see the log anywhere :o
"He who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who avoids fun, take a whip and a stick to him; that's no man, that's an ox."
Member (image) since 1 February 2011.



Re: Notebook check

#4 Post by vyosek »

:arrow: Please don't edit your posts; I may not notice, because an edit doesn't show up for me as a new post

:arrow: I'll paste the log here for clarity - I'm leaving out the Debugger section

Logfile of random's system information tool 1.08 (written by random/random)
Run by Carlos at 2010-12-31 11:47:46
Microsoft Windows 7 Professional
System drive C: has 37 GB (49%) free of 75 GB
Total RAM: 2038 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:49:11, on 31-12-2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\ProgramData\c168ec\PIc16_302.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Carlos\Desktop\Nova pasta\Telia mobile broadband\Telia mobile broadband.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Users\Carlos\Desktop\RSIT.exe
C:\Program Files\trend micro\Carlos.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [HUAWEI E620 Data Card] C:\PROGRA~1\Kanguru\Kanguru.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Personal Internet Security 2011] "C:\ProgramData\c168ec\PIc16_302.exe" /s /d
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Serviço de rede')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{189EC083-DE3C-4071-B4CB-772323186863}: NameServer = 195.67.199.18 195.67.199.19
O17 - HKLM\System\CS1\Services\Tcpip\..\{189EC083-DE3C-4071-B4CB-772323186863}: NameServer = 195.67.199.18 195.67.199.19
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8181 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programa Auxiliar de Início de Sessão do Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]
"HUAWEI E620 Data Card"=C:\PROGRA~1\Kanguru\Kanguru.exe []
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-06-04 322352]
"Personal Internet Security 2011"=C:\ProgramData\c168ec\PIc16_302.exe [2010-12-28 5181952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Personal Internet Security 2011]
C:\ProgramData\c168ec\PIc16_302.exe [2010-12-28 5181952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-06-04 322352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2009-12-08 2717024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE [2004-02-11 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=2
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DisallowRun"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-31 11:47:47 ----D---- C:\Program Files\trend micro
2010-12-31 11:47:46 ----D---- C:\rsit
2010-12-30 03:43:52 ----SHD---- C:\Config.Msi
2010-12-29 16:00:21 ----D---- C:\Windows\system32\Wat
2010-12-29 12:02:15 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2010-12-29 12:02:15 ----A---- C:\Windows\system32\drivers\ks.sys
2010-12-29 11:48:08 ----D---- C:\Program Files\TrendMicro
2010-12-29 11:25:35 ----A---- C:\Windows\system32\iertutil.dll
2010-12-29 11:25:30 ----A---- C:\Windows\system32\mshtml.dll
2010-12-29 11:24:54 ----A---- C:\Windows\system32\ieframe.dll
2010-12-29 11:24:52 ----A---- C:\Windows\system32\mstime.dll
2010-12-29 11:24:52 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-29 11:24:51 ----A---- C:\Windows\system32\urlmon.dll
2010-12-29 11:24:50 ----A---- C:\Windows\system32\wininet.dll
2010-12-29 11:24:50 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-29 11:24:49 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-29 11:24:49 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-29 11:24:48 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-29 11:24:48 ----A---- C:\Windows\system32\ieui.dll
2010-12-29 11:24:48 ----A---- C:\Windows\system32\iepeers.dll
2010-12-29 11:24:47 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-29 11:24:47 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-29 11:24:40 ----A---- C:\Windows\system32\ole32.dll
2010-12-29 11:24:39 ----A---- C:\Windows\system32\spoolsv.exe
2010-12-29 11:24:37 ----A---- C:\Windows\system32\t2embed.dll
2010-12-29 11:24:30 ----A---- C:\Windows\system32\tzres.dll
2010-12-29 11:24:15 ----A---- C:\Windows\system32\msdri.dll
2010-12-29 11:24:15 ----A---- C:\Windows\system32\CPFilters.dll
2010-12-29 11:24:08 ----A---- C:\Windows\system32\schannel.dll
2010-12-29 11:24:07 ----A---- C:\Windows\system32\taskschd.dll
2010-12-29 11:24:07 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-29 11:24:06 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-29 11:24:06 ----A---- C:\Windows\system32\taskeng.exe
2010-12-29 11:24:06 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-29 11:24:06 ----A---- C:\Windows\system32\schtasks.exe
2010-12-29 11:24:04 ----A---- C:\Windows\system32\comctl32.dll
2010-12-29 11:24:02 ----A---- C:\Windows\system32\mfc40u.dll
2010-12-29 11:24:02 ----A---- C:\Windows\system32\mfc40.dll
2010-12-29 11:23:51 ----A---- C:\Windows\system32\wmp.dll
2010-12-29 11:23:49 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-29 11:23:47 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-12-29 11:23:46 ----A---- C:\Windows\system32\atmlib.dll
2010-12-29 11:23:46 ----A---- C:\Windows\system32\atmfd.dll
2010-12-29 11:23:45 ----A---- C:\Windows\system32\webio.dll
2010-12-29 11:23:30 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-29 11:23:30 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-29 11:23:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-29 11:23:30 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-29 11:23:27 ----A---- C:\Windows\system32\wmpmde.dll
2010-12-29 11:23:25 ----A---- C:\Windows\system32\consent.exe
2010-12-29 11:23:23 ----A---- C:\Windows\system32\oleaut32.dll
2010-12-29 11:23:22 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-12-29 11:23:19 ----A---- C:\Windows\system32\win32k.sys
2010-12-29 11:03:29 ----D---- C:\Program Files\Common Files\Adobe
2010-12-28 14:30:44 ----D---- C:\Windows\pss
2010-12-28 13:37:38 ----SHD---- C:\Users\Carlos\AppData\Roaming\Personal Internet Security 2011
2010-12-28 13:31:09 ----SHD---- C:\ProgramData\PIMUIDIS
2010-12-28 13:29:28 ----SHD---- C:\ProgramData\c168ec
2010-12-24 03:38:58 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2010-12-24 03:38:58 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2010-12-24 03:38:58 ----A---- C:\Windows\system32\drivers\ewusbdev.sys
2010-12-24 03:38:57 ----A---- C:\Windows\system32\drivers\ewdcsc.sys

======List of files/folders modified in the last 1 months======

2010-12-31 11:49:09 ----D---- C:\Windows\Temp
2010-12-31 11:48:17 ----D---- C:\Windows\Prefetch
2010-12-31 11:47:47 ----RD---- C:\Program Files
2010-12-31 11:41:25 ----D---- C:\Windows\system32\config
2010-12-31 11:39:43 ----D---- C:\Users\Carlos\AppData\Roaming\uTorrent
2010-12-31 10:56:45 ----D---- C:\Windows\System32
2010-12-31 10:56:45 ----D---- C:\Windows\inf
2010-12-31 10:56:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-31 10:56:22 ----SHD---- C:\System Volume Information
2010-12-31 00:41:51 ----D---- C:\Users\Carlos\AppData\Roaming\Skype
2010-12-31 00:02:46 ----D---- C:\Users\Carlos\AppData\Roaming\skypePM
2010-12-30 13:20:04 ----D---- C:\Windows\system32\catroot2
2010-12-30 05:01:29 ----D---- C:\Windows\Microsoft.NET
2010-12-30 05:01:27 ----RSD---- C:\Windows\assembly
2010-12-30 03:45:11 ----SHD---- C:\Windows\Installer
2010-12-30 03:44:01 ----D---- C:\Windows\system32\en-US
2010-12-30 03:43:59 ----D---- C:\Program Files\Microsoft.NET
2010-12-30 03:13:03 ----D---- C:\ProgramData\Microsoft Help
2010-12-29 16:03:15 ----D---- C:\Windows\winsxs
2010-12-29 16:00:24 ----D---- C:\Windows\system32\pt-PT
2010-12-29 16:00:24 ----D---- C:\Windows\ehome
2010-12-29 16:00:24 ----D---- C:\Program Files\Windows Mail
2010-12-29 16:00:23 ----D---- C:\Windows\system32\migration
2010-12-29 16:00:23 ----D---- C:\Windows\AppPatch
2010-12-29 16:00:23 ----D---- C:\Program Files\Windows Media Player
2010-12-29 16:00:23 ----D---- C:\Program Files\Internet Explorer
2010-12-29 16:00:22 ----D---- C:\Windows\system32\drivers
2010-12-29 16:00:20 ----D---- C:\Windows\system32\DriverStore
2010-12-29 12:02:24 ----D---- C:\Windows\system32\catroot
2010-12-29 11:48:10 ----SD---- C:\Users\Carlos\AppData\Roaming\Microsoft
2010-12-29 11:03:49 ----D---- C:\ProgramData\Adobe
2010-12-29 11:03:29 ----D---- C:\Program Files\Common Files
2010-12-29 00:49:27 ----D---- C:\Windows
2010-12-29 00:49:16 ----SD---- C:\ProgramData\Microsoft
2010-12-29 00:45:47 ----D---- C:\Windows\system32\drivers\etc
2010-12-28 14:26:41 ----D---- C:\Program Files\Microsoft Silverlight
2010-12-28 14:15:01 ----D---- C:\ProgramData\Alwil Software
2010-12-28 13:31:09 ----HD---- C:\ProgramData
2010-12-27 01:00:29 ----D---- C:\Program Files\Risk
2010-12-26 02:05:46 ----D---- C:\Windows\system32\NDF
2010-12-24 20:17:26 ----D---- C:\Windows\ModemLogs
2010-12-14 18:57:50 ----D---- C:\Program Files\Microsoft Security Essentials
2010-12-08 21:34:08 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-04 691696]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-21 1218048]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-07 103168]
R3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-08-05 171520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-12-19 249888]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 15216]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a12agcwn;a12agcwn; C:\Windows\system32\drivers\a12agcwn.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-10 185712]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 iPod Service;Serviço iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-29 1343400]

-----------------EOF-----------------

Re: Notebook check

#5 Post by vyosek »

:arrow: You've got the hot new arrival among the vermin there - Internet Security 2011 - a rogue (fake) antivirus

:arrow: I recommend uninstalling the toolbars (browser bars), if you don't use them, in Add or Remove Programs

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com
:arrow: When downloading ComboFix - instructions below - save it as Beruska.com

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator ("Spustit jako správce" on Czech Windows)
  • Right after it starts, a page with the licence agreement is shown; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - don't start any applications and don't click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily infested, it may take longer
  • After the scan finishes, and after a restart if one is needed, CF displays a log; otherwise you will find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure, incl. screenshots, is here: http://www.bleepingcomputer.com/combofi ... t-combofix

kasper

Re: Notebook check

#6 Post by kasper »

Greetings in the new year; I'm attaching the logs

Combofix

ComboFix 11-01-01.02 - Carlos 02-01-2011 10:22:10.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.351.2070.18.2038.1350 [GMT 1:00]
Executando de: c:\users\Carlos\Desktop\Beruska.com
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Carlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Personal Internet Security 2011.lnk
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\cb.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\cb.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\cb.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\cid.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\cid.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\CLSV.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\CLSV.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\CLSV.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\CLSV.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\DBOLE.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\DBOLE.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\ddv.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\delfile.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\eb.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\eb.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\eb.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\energy.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\energy.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\energy.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\energy.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\exec.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\exec.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\exec.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\fix.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\fix.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\FS.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\kernel32.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\PE.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\PE.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\PE.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\PE.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\ppal.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\ppal.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\runddl.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\SICKBOY.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\sld.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\sld.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\sld.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\SM.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\snl2w.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\snl2w.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\std.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\std.drv
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\std.sys
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\tempdoc.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\tjd.dll
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\tjd.exe
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Recent\tjd.tmp
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Personal Internet Security 2011.lnk
c:\users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Personal Internet Security 2011.lnk
c:\users\Carlos\AppData\Roaming\Personal Internet Security 2011
c:\users\Carlos\Desktop\Personal Internet Security 2011.lnk

.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-12-02 to 2011-01-02 ))))))))))))))))))))))))))))
.

2011-01-02 09:36 . 2011-01-02 09:37 -------- d-----w- c:\users\Carlos\AppData\Local\temp
2011-01-02 09:36 . 2011-01-02 09:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-31 10:47 . 2010-12-31 10:49 -------- d-----w- c:\program files\trend micro
2010-12-31 10:47 . 2010-12-31 10:49 -------- d-----w- C:\rsit
2010-12-29 15:00 . 2010-12-29 15:00 -------- d-----w- c:\windows\system32\Wat
2010-12-29 11:02 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-12-29 11:02 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-29 10:48 . 2010-12-29 10:48 388096 ----a-r- c:\users\Carlos\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-12-29 10:48 . 2010-12-29 10:48 -------- d-----w- c:\program files\TrendMicro
2010-12-29 10:03 . 2010-12-29 10:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-12-28 12:31 . 2010-12-28 12:31 -------- d-sh--w- c:\programdata\PIMUIDIS
2010-12-28 12:29 . 2010-12-28 23:44 -------- d-sh--w- c:\programdata\c168ec
2010-12-24 02:38 . 2009-12-07 18:53 103168 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-12-24 02:38 . 2009-12-07 18:36 201168 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-12-24 02:38 . 2009-10-12 14:22 101120 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2010-12-24 02:38 . 2007-08-09 03:06 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-12-08 00:51 . 2010-12-30 18:37 -------- d-----w- c:\users\Carlos\Para o Pedro

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-01 23:37 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-01-01 23:37 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-12-24 20:17 . 2010-04-02 15:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-12-24 20:17 . 2010-04-02 15:00 515904 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-13 12:43 . 2010-02-05 03:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-13 12:42 . 2010-02-05 03:39 515904 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-10-19 20:51 . 2010-01-30 16:49 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-02-04 11:53 . 2010-02-04 12:07 15474026 ----a-w- c:\program files\K-Lite_Codec_Pack_570_Full.exe
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-04 322352]
"Personal Internet Security 2011"="c:\programdata\c168ec\PIc16_302.exe" [2010-12-28 5181952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 03:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-01-22 19:16 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 16:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Personal Internet Security 2011]
2010-12-28 12:35 5181952 ----a-w- c:\programdata\c168ec\PIc16_302.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 23:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-06-04 16:55 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-29 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-04 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-10 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-05 171520]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-12-19 249888]

.
.
------- Scan Suplementar -------
.
uStart Page = about:blank
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
.
- - - - ORFÃOS REMOVIDOS - - - -

HKLM-Run-HUAWEI E620 Data Card - c:\progra~1\Kanguru\Kanguru.exe
MSConfigStartUp-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe


.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2011-01-02 10:50:27
ComboFix-quarantined-files.txt 2011-01-02 09:50

Pré-execução: 44.254.035.968 bytes livres
Pós execução: 44.485.222.400 bytes livres

- - End Of File - - 44AB9A240359A9E3788CF4A37F11B086

rkill

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 02-01-2011 at 9:55:35.
Operating System: Windows 7 Professional


Processes terminated by Rkill or while it was running:

C:\ProgramData\c168ec\PIc16_302.exe
C:\Users\Carlos\Desktop\Nova pasta\Telia mobile broadband\Telia mobile broadband.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE


Rkill completed on 02-01-2011 at 9:55:55.

vyosek

Re: notebook check

#7 Post by vyosek »

:arrow: If it isn't there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"=-
    "Personal Internet Security 2011"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    [-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Personal Internet Security 2011]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
    
    Collect::
    c:\programdata\c168ec\PIc16_302.exe
    
    Folder::
    c:\programdata\c168ec
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the picture below)
    Image
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows won't boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
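An added example, not part of the original thread and not code from ComboFix or from either poster: a Python script that parses the Run-key lines of the ComboFix log posted in #6 and reports which autostart entries deserve a closer look. The three heuristics (image outside Program Files / Windows, hex-like parent folder name, file dated within 30 days of the scan) and all function names are assumptions of this example.

```python
import re
from datetime import date
from pathlib import PureWindowsPath

# Run-key lines copied from the ComboFix log in post #6 (HKLM list shortened).
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-04 322352]
"Personal Internet Security 2011"="c:\programdata\c168ec\PIc16_302.exe" [2010-12-28 5181952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
VALUE_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"\s+'
    r'\[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$'
)

# Heuristics below are assumptions of this example, not ComboFix rules.
TRUSTED_ROOTS = {"program files", "program files (x86)", "windows"}
RANDOM_DIR_RE = re.compile(r'^[0-9a-f]{5,}$', re.IGNORECASE)
RECENT_DAYS = 30


def parse_run_entries(log_text):
    """Return one dict per value listed under a CurrentVersion\\Run key."""
    entries, key = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key")  # remember which key the next values belong to
            continue
        m = VALUE_RE.match(line)
        if m and key and key.lower().endswith(r"\currentversion\run"):
            entries.append({
                "key": key,
                "name": m.group("name"),
                "path": PureWindowsPath(m.group("path")),
                "file_date": date.fromisoformat(m.group("date")),
                "size": int(m.group("size")),
            })
    return entries


def reasons_for(entry, scan_date):
    """List the heuristics an entry trips; an empty list means none."""
    reasons = []
    parts = [p.lower() for p in entry["path"].parts]
    if len(parts) < 2 or parts[1] not in TRUSTED_ROOTS:
        reasons.append("image outside Program Files / Windows")
    if RANDOM_DIR_RE.match(entry["path"].parent.name):
        reasons.append("parent folder name looks machine-generated")
    age = (scan_date - entry["file_date"]).days
    if 0 <= age <= RECENT_DAYS:
        reasons.append("file dated within %d days of the scan" % RECENT_DAYS)
    return reasons


def triage(log_text, scan_date):
    """Map entry name -> reasons, for entries that trip at least one heuristic."""
    flagged = {}
    for entry in parse_run_entries(log_text):
        reasons = reasons_for(entry, scan_date)
        if reasons:
            flagged[entry["name"]] = reasons
    return flagged


if __name__ == "__main__":
    # Scan date taken from the ComboFix header in post #6.
    for name, reasons in triage(SAMPLE_LOG, date(2011, 1, 2)).items():
        print(name, "->", "; ".join(reasons))
```

A flagged entry is a prompt for manual review, not a verdict; freshly installed legitimate software will also trip the date heuristic.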

kasper

Re: notebook check

#8 Post by kasper »

everything done

ComboFix 11-01-02.02 - Carlos 02-01-2011 18:44:01.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.351.2070.18.2038.1269 [GMT 1:00]
Executando de: c:\users\Carlos\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\Carlos\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

file zipped: c:\programdata\c168ec\PIc16_302.exe
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\c168ec
c:\programdata\c168ec\33761853c3c2eaafd08c30e774640581.ocx
c:\programdata\c168ec\7f03bff66f6ab5dd7b9cbd2b633842ed.ocx
c:\programdata\c168ec\BackUp\Bluetooth Manager.lnk
c:\programdata\c168ec\BackUp\WinZip Quick Pick.lnk
c:\programdata\c168ec\PIc16_302.exe
c:\programdata\c168ec\PIS.ico

.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-12-02 to 2011-01-02 ))))))))))))))))))))))))))))
.

2011-01-02 17:57 . 2011-01-02 17:58 -------- d-----w- c:\users\Carlos\AppData\Local\temp
2011-01-02 17:57 . 2011-01-02 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-31 10:47 . 2010-12-31 10:49 -------- d-----w- c:\program files\trend micro
2010-12-31 10:47 . 2010-12-31 10:49 -------- d-----w- C:\rsit
2010-12-29 15:00 . 2010-12-29 15:00 -------- d-----w- c:\windows\system32\Wat
2010-12-29 11:02 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-12-29 11:02 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-29 10:48 . 2010-12-29 10:48 388096 ----a-r- c:\users\Carlos\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-12-29 10:48 . 2010-12-29 10:48 -------- d-----w- c:\program files\TrendMicro
2010-12-29 10:03 . 2010-12-29 10:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-12-28 12:31 . 2010-12-28 12:31 -------- d-sh--w- c:\programdata\PIMUIDIS
2010-12-24 02:38 . 2009-12-07 18:53 103168 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2010-12-24 02:38 . 2009-12-07 18:36 201168 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-12-24 02:38 . 2009-10-12 14:22 101120 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2010-12-24 02:38 . 2007-08-09 03:06 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2010-12-08 00:51 . 2010-12-30 18:37 -------- d-----w- c:\users\Carlos\Para o Pedro

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-01 23:37 . 2009-08-18 10:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-01-01 23:37 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-12-24 20:17 . 2010-04-02 15:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-12-24 20:17 . 2010-04-02 15:00 515904 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-13 12:43 . 2010-02-05 03:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-13 12:42 . 2010-02-05 03:39 515904 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-10-19 20:51 . 2010-01-30 16:49 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-02-04 11:53 . 2010-02-04 12:07 15474026 ----a-w- c:\program files\K-Lite_Codec_Pack_570_Full.exe
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Activação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-29 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-04 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-10 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-05 171520]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-12-19 249888]


--- =Outros Serviços/Drivers Na Memória ---

*NewlyCreated* - CFCATCHME
*Deregistered* - CFcatchme
.
.
------- Scan Suplementar -------
.
uStart Page = about:blank
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
.
.
Tempo para conclusão: 2011-01-02 19:10:20
ComboFix-quarantined-files.txt 2011-01-02 18:10

Pré-execução: 44.489.822.208 bytes livres
Pós execução: 44.330.151.936 bytes livres

- - End Of File - - 69EFDDE0F849A5BD1BAE34EA3022CD72

vyosek

Re: notebook check

#9 Post by vyosek »

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download SPTD http://www.duplexsecure.com/en/downloads
  • On that page, pick the version for your operating system (32-bit (x86) or 64-bit (x64))
  • Save it to the desktop and run it
  • Choose the Uninstall option and restart the PC - if it can't be clicked (the button is greyed out), skip this step
:arrow: Download Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Save it to the desktop and run it
  • Click Disable and restart the PC - if it can't be clicked (the button is greyed out), skip this step
:arrow: Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe but do not run it

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    "%userprofile%\Desktop\mbr" -t
  • Click OK
  • A log named mbr.txt will be created on the desktop; paste its contents here for me

kasper

Re: notebook check

#10 Post by kasper »

hello again
everything was done except the last step, MBR; everything is downloaded and the command you wrote was run,
but it created neither a log nor anything else

either the computer shuts down, or it just finds the libraries, that's all

thank you for the advice and your willingness to help

vyosek

Re: notebook check

#11 Post by vyosek »

Do you have mbr on the desktop :???:
either the computer shuts down, or it just finds the libraries, that's all
I don't quite understand this :o

kasper

Re: notebook check

#12 Post by kasper »

yes, it does

1. the computer shuts down
2. or it does nothing and finds the libraries as a possible target

vyosek

Re: notebook check

#13 Post by vyosek »

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes produces false detections, so paste the log into a post and wait for it to be assessed