Hi everyone, my computer has slowed down quite a lot, so I would like to ask you for a preventive check.
Logfile of random's system information tool 1.08 (written by random/random)
Run by UTHAYA at 2010-09-23 16:39:48
Microsoft Windows XP Professional Service Pack 3
System drive D: has 33 GB (72%) free of 46 GB
Total RAM: 502 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:40:01 PM, on 9/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
D:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
D:\Program Files\Pure Networks\Network Magic\nmapp.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
D:\Program Files\Lexmark X125\LEX125SU.exe
D:\Program Files\WinZip\WZQKPICK.EXE
D:\WINDOWS\system32\lxducoms.exe
D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
D:\WINDOWS\system32\devldr32.exe
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\igfxsrvc.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
D:\WINDOWS\system32\wuauclt.exe
D:\RSIT.exe
D:\Program Files\trend micro\UTHAYA.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - D:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - D:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [lxdumon.exe] "D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "D:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "D:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LMPDPSRV] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [nmctxth] "D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "D:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [igfxtray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] D:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [NSSInstallation] D:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe /runonce /rm
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PPWebCap] D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSN Optimized;US)" -"http://www.drivearcade.com/preroll.php?g_id=1320"
O4 - Global Startup: Lexmark X125 Settings Utility.lnk = D:\Program Files\Lexmark X125\LEX125SU.exe
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Open in new background tab - res://D:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?fcc5fe1cd69242e6a648c814df1979fe
O8 - Extra context menu item: Open in new foreground tab - res://D:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?fcc5fe1cd69242e6a648c814df1979fe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - D:\WINDOWS\system32\lxducoms.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - D:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - D:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
--
End of file - 10494 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\Install.job
D:\WINDOWS\tasks\Norton Security Scan for UTHAYA.job
D:\WINDOWS\tasks\OGALogon.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{C843166D-DA22-4EB3-8B3E-AF9A5FE23CA4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Toolbar - D:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - D:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - D:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-13 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-22 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-22 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - D:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - D:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - D:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Toolbar - D:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-22 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"lxdumon.exe"=D:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [2008-09-10 676520]
"lxduamon"=D:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10 16040]
"Lexmark 5600-6600 Series Fax Server"=D:\Program Files\Lexmark 5600-6600 Series\fm3032.exe [2008-09-10 311976]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"LMPDPSRV"=D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE [2002-07-11 45056]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"nmctxth"=D:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [2008-05-16 648504]
"nmapp"=D:\Program Files\Pure Networks\Network Magic\nmapp.exe [2008-05-21 451896]
"igfxtray"=D:\WINDOWS\system32\igfxtray.exe [2005-08-24 94208]
"igfxhkcmd"=D:\WINDOWS\system32\hkcmd.exe [2005-08-24 77824]
"igfxpers"=D:\WINDOWS\system32\igfxpers.exe [2005-08-24 114688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"=D:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe [2010-09-23 497016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=D:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"Skype"=D:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-09 39408]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"PPWebCap"=D:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe [2000-03-01 48128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-31 468408]
D:\Documents and Settings\All Users\Start Menu\Programs\Startup
Lexmark X125 Settings Utility.lnk - D:\Program Files\Lexmark X125\LEX125SU.exe
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
D:\WINDOWS\system32\igfxdev.dll [2005-08-24 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\WINDOWS\system32\lxducoms.exe"="D:\WINDOWS\system32\lxducoms.exe:*:Enabled:5600-6600 Series Server"
"D:\WINDOWS\system32\spool\drivers\w32x86\3\LMpdpsrv.exe"="D:\WINDOWS\system32\spool\drivers\w32x86\3\LMpdpsrv.exe:*:Disabled:PDP RPC Server"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"="D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"D:\Program Files\MSN Messenger\livecall.exe"="D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2010-09-23 16:39:50 ----D---- D:\Program Files\trend micro
2010-09-23 16:39:48 ----D---- D:\rsit
2010-09-23 16:39:08 ----A---- D:\RSIT.exe
2010-09-23 16:32:47 ----D---- D:\WINDOWS\pss
2010-09-23 07:48:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2160329$
2010-09-23 02:20:02 ----HDC---- D:\WINDOWS\$NtUninstallKB980232$
2010-09-23 02:19:48 ----HDC---- D:\WINDOWS\$NtUninstallKB975713$
2010-09-23 02:19:38 ----HDC---- D:\WINDOWS\$NtUninstallKB2079403$
2010-09-23 02:19:21 ----HDC---- D:\WINDOWS\$NtUninstallKB981322$
2010-09-22 10:17:27 ----HDC---- D:\WINDOWS\$NtUninstallKB980218$
2010-09-22 10:16:54 ----HDC---- D:\WINDOWS\$NtUninstallKB982214$
2010-09-22 10:16:27 ----HDC---- D:\WINDOWS\$NtUninstallKB2259922$
2010-09-22 10:16:17 ----HDC---- D:\WINDOWS\$NtUninstallKB980195$
2010-09-22 10:16:03 ----HDC---- D:\WINDOWS\$NtUninstallKB979402_WM9$
2010-09-22 10:15:54 ----HDC---- D:\WINDOWS\$NtUninstallKB2115168$
2010-09-22 10:15:43 ----HDC---- D:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-22 10:15:27 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-09-22 10:13:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2229593$
2010-09-22 10:13:37 ----HDC---- D:\WINDOWS\$NtUninstallKB978037$
2010-09-22 10:12:07 ----HDC---- D:\WINDOWS\$NtUninstallKB978338$
2010-09-22 10:10:30 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-09-22 10:08:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2347290$
2010-09-22 10:08:26 ----HDC---- D:\WINDOWS\$NtUninstallKB981852$
2010-09-22 10:02:42 ----HDC---- D:\WINDOWS\$NtUninstallKB2121546$
2010-09-22 10:02:24 ----HDC---- D:\WINDOWS\$NtUninstallKB982802$
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\zh-TW
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\zh-HK
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\tr-TR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\sv-SE
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\pt-BR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\nl-NL
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\nb-NO
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\ko-KR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\it-IT
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\he-IL
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\fr-FR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\fi-FI
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\es-ES
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\el-GR
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\de-DE
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\da-DK
2010-09-22 09:58:18 ----D---- D:\WINDOWS\system32\ar-SA
2010-09-22 09:57:05 ----HDC---- D:\WINDOWS\$NtUninstallKB975560$
2010-09-22 09:56:52 ----HDC---- D:\WINDOWS\$NtUninstallKB977816$
2010-09-22 09:54:39 ----HDC---- D:\WINDOWS\$NtUninstallKB981793$
2010-09-22 09:54:26 ----HDC---- D:\WINDOWS\$NtUninstallKB978601$
2010-09-22 09:53:56 ----HDC---- D:\WINDOWS\$NtUninstallKB980436$
2010-09-22 09:51:39 ----HDC---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2010-09-22 09:42:32 ----HDC---- D:\WINDOWS\$NtUninstallKB977914$
2010-09-22 09:39:29 ----HDC---- D:\WINDOWS\$NtUninstallKB978542$
2010-09-22 09:38:41 ----HDC---- D:\WINDOWS\$NtUninstallKB2286198$
2010-09-22 09:38:15 ----HDC---- D:\WINDOWS\$NtUninstallKB979309$
2010-09-22 09:37:49 ----HDC---- D:\WINDOWS\$NtUninstallKB979482$
2010-09-22 09:37:14 ----HDC---- D:\WINDOWS\$NtUninstallKB978706$
2010-09-22 09:36:45 ----HDC---- D:\WINDOWS\$NtUninstallKB981997$
2010-09-22 09:36:20 ----HDC---- D:\WINDOWS\$NtUninstallKB975562$
2010-09-22 09:35:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2141007$
2010-09-22 09:28:40 ----HDC---- D:\WINDOWS\$NtUninstallKB982665$
2010-09-22 07:06:10 ----A---- D:\WINDOWS\system32\igfxres.dll
2010-09-22 06:29:43 ----D---- D:\Program Files\Symantec
2010-09-22 06:29:43 ----A---- D:\WINDOWS\system32\S32EVNT1.DLL
2010-09-22 06:29:43 ----A---- D:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-09-22 06:27:15 ----D---- D:\WINDOWS\system32\drivers\NAV
2010-09-22 06:27:15 ----D---- D:\Program Files\Windows Sidebar
2010-09-22 06:27:03 ----D---- D:\Program Files\Norton AntiVirus
======List of files/folders modified in the last 1 months======
2010-09-23 16:39:50 ----RD---- D:\Program Files
2010-09-23 16:39:40 ----D---- D:\WINDOWS\Temp
2010-09-23 16:39:31 ----D---- D:\WINDOWS\Prefetch
2010-09-23 16:38:51 ----D---- D:\Documents and Settings
2010-09-23 16:32:47 ----D---- D:\WINDOWS
2010-09-23 14:56:05 ----SD---- D:\WINDOWS\Tasks
2010-09-23 14:54:40 ----D---- D:\Documents and Settings\UTHAYA\Application Data\Macromedia
2010-09-23 14:54:20 ----D---- D:\WINDOWS\system32\Macromed
2010-09-23 10:06:13 ----SHD---- D:\System Volume Information
2010-09-23 10:05:14 ----D---- D:\Documents and Settings\UTHAYA\Application Data\Skype
2010-09-23 10:04:58 ----D---- D:\WINDOWS\system32
2010-09-23 07:48:32 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-09-23 07:48:14 ----HD---- D:\WINDOWS\inf
2010-09-23 07:48:10 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-09-23 07:47:30 ----D---- D:\WINDOWS\system32\CatRoot2
2010-09-23 06:37:13 ----D---- D:\WINDOWS\Microsoft.NET
2010-09-23 05:36:26 ----RSD---- D:\WINDOWS\assembly
2010-09-23 05:05:58 ----SHD---- D:\WINDOWS\Installer
2010-09-23 04:56:35 ----D---- D:\WINDOWS\Debug
2010-09-23 04:45:12 ----D---- D:\Program Files\Microsoft Silverlight
2010-09-23 02:20:05 ----D---- D:\WINDOWS\system32\drivers
2010-09-23 02:19:56 ----HD---- D:\WINDOWS\$hf_mig$
2010-09-23 02:14:42 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-09-23 02:13:02 ----D---- D:\WINDOWS\WinSxS
2010-09-23 02:01:02 ----D---- D:\WINDOWS\AppPatch
2010-09-23 02:01:01 ----D---- D:\Program Files\NortonInstaller
2010-09-22 10:15:02 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-09-22 09:57:47 ----D---- D:\Program Files\Internet Explorer
2010-09-22 09:57:28 ----D---- D:\WINDOWS\ie8updates
2010-09-22 09:39:35 ----D---- D:\Program Files\Outlook Express
2010-09-22 09:36:49 ----D---- D:\Program Files\Movie Maker
2010-09-22 09:26:19 ----D---- D:\Program Files\Google
2010-09-22 06:31:54 ----D---- D:\Program Files\Common Files\Symantec Shared
2010-09-22 06:27:03 ----D---- D:\Documents and Settings\All Users\Application Data\Norton
2010-09-22 06:17:42 ----D---- D:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-09-22 06:14:26 ----D---- D:\Documents and Settings\All Users\Application Data\avg9
2010-09-22 06:11:22 ----SD---- D:\Documents and Settings\UTHAYA\Application Data\Microsoft
2010-09-10 14:34:30 ----A---- D:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GMAEnabler;SoftGMA Enabler; D:\WINDOWS\system32\DRIVERS\GMAEnabler.sys [2005-05-23 4736]
R0 SymDS;Symantec Data Store; D:\WINDOWS\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-08-29 328752]
R0 SymEFA;Symantec Extended File Attributes; D:\WINDOWS\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; D:\WINDOWS\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); D:\WINDOWS\system32\drivers\NAV\1108000.005\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; D:\WINDOWS\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-28 116784]
R2 pnarp;Pure Networks Device Discovery Driver; D:\WINDOWS\system32\DRIVERS\pnarp.sys [2008-05-16 23992]
R2 ppsio2;PPDevice; D:\WINDOWS\system32\drivers\ppsio2.sys [1999-04-01 22400]
R2 purendis;Pure Networks Wireless Driver; D:\WINDOWS\system32\DRIVERS\purendis.sys [2008-05-16 25272]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; D:\WINDOWS\system32\DRIVERS\b57xp32.sys [2009-08-06 121472]
R3 ctljystk;Creative SBLive! Gameport; D:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); D:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); D:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 IDSxpx86;IDSxpx86; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100922.001\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100923.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\D:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100923.003\NAVEX15.SYS []
R3 sfman;Creative SoundFont Manager Driver (WDM); D:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SRTSP;Symantec Real Time Storage Protection; D:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\D:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMTDI;Symantec Network Dispatch Driver; D:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS [2010-05-05 361904]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 DgiVecp;DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 ialm;ialm; D:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-08-24 1052732]
S3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 lxdu_device;lxdu_device; D:\WINDOWS\system32\lxducoms.exe [2008-05-23 594600]
R2 NAV;Norton AntiVirus; D:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-25 126392]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nmservice;Pure Networks Platform Service; D:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2008-05-16 648504]
S2 gupdate;Google Update Service (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-22 135664]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService; D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe [2008-05-23 98984]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; D:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-09 182768]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 nmraapache;Pure Networks Net2Go Service; D:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [2008-05-21 12800]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; D:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

Requesting a preventive check
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
Re: Requesting a preventive check
Good afternoon
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM sometimes produces false detections, so we will delete only after reviewing the log.
- Copy the log here.
Do not use COMBOFIX unless an adviser recommends it; it can damage the system!
Always back up important data before cleaning malware from your computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: Requesting a preventive check
Good afternoon. I am sending the full scan.
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org
Database version: 4690
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
9/25/2010 6:04:56 AM
mbam-log-2010-09-25 (06-04-56).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 203326
Time elapsed: 1 hour(s), 8 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\System Volume Information\_restore{D49421FB-E761-4C81-8804-061F5C4C95D6}\RP46\A0008526.exe (Patch.NetworkMagic)
D:\Documents and Settings\UTHAYA\Local Settings\Temporary Internet Files\Content.IE5\SGIFEICH\IWON[1].exe (Adware.Iwon)
motji wrote: Good afternoon
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM sometimes produces false detections, so we will delete only after reviewing the log.
- Copy the log here.
Re: Requesting a preventive check
In MBAM, delete everything.
Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation
Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run Cleaner
Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup is not necessary
- click Fix All Selected Issues
ok
close
Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.
CCleaner - I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans the registry, for example after uninstalling a program.
Re: Requesting a preventive check
Thank you very much for all the advice. Because I had problems with my internet connection, I am only replying now.
Thanks again.
The computer seems better; it just occasionally freezes on me.
motji wrote: In MBAM, delete everything.
Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation
Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run Cleaner
Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup is not necessary
- click Fix All Selected Issues
ok
close
Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.
CCleaner - I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans the registry, for example after uninstalling a program.
Re: Requesting a preventive check
Occasionally - meaning when, during what activity?