
Has it really been removed?

Posted: 01 Dec 2010 14:09
by HVLAD
Hello,

I have a question. A few days ago I connected my mom's flash drive to my notebook and copied some files onto it. The antivirus (Kaspersky Internet Security 2010) reported the presence of a virus (some worm) and said it had removed it. I scanned the whole flash drive and found two more worms; those were removed as well. When I then went through the flash drive once more, it found nothing. In the event report all the viruses are listed as removed and are not shown as active threats. A scan of the computer found nothing either. I would like to ask how likely it is that something got into my computer even though the antivirus reports nothing?

Thanks a lot

Re: Has it really been removed?

Posted: 01 Dec 2010 17:01
by earl
Hello,

connect the USB flash drive to the notebook and do the following:

- Install and run AutorunRemover

- Download FlashDisinfector, save it to the desktop and run it

- Download RSIT, run it and click Continue. When it finishes, a text file should open; if it does not, it is located here: C:\rsit\log.txt. Paste the contents of the log here. If anything is unclear, the instructions are here

Re: Has it really been removed?

Posted: 01 Dec 2010 17:51
by HVLAD
Thanks,

I will not get to it until the weekend. I assume I should then paste the log here?

Re: Has it really been removed?

Posted: 01 Dec 2010 17:59
by earl
Of course.

Bear in mind, though, that the virus is in the notebook and can keep carrying on its activity...

Re: Has it really been removed?

Posted: 04 Dec 2010 12:56
by HVLAD
Hello,

so I used AutorunRemover; it found no viruses on the flash drive, on the disk or in memory. I did not manage to run FlashDisinfector.
Here is the log from RSIT.

Logfile of random's system information tool 1.08 (written by random/random)
Run by VL at 2010-12-04 12:54:37
Microsoft Windows 7 Home Premium
System drive C: has 158 GB (34%) free of 465 GB
Total RAM: 3999 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:54:50, on 4.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe
C:\Program Files\trend micro\VL.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4941d929
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4941d929
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4941d929
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4941d929
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {DA5A2A9E-DF07-4a8e-B423-BC5CD4D1880C} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9848 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
"C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtblfs.exe" -Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b58cdd85-100b-44a4-ba9a-6ac52d2a2fb4 -SystemEventPortName:HostProcess-17b2b248-1c52-4024-a08d-acae353d5f6e -IoCancelEventPortName:HostProcess-26d21f22-f1f7-49fb-bb11-ffaaf6a0ad4c -NonStateChangingEventPortName:HostProcess-50a314de-f4b1-4e30-a956-2cf27121d975 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0be16163-81ec-4c8f-9c51-e477ebc18b9d
"C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"taskhost.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\VL\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll [2009-10-20 61456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [2009-10-20 345104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-09-27 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA5A2A9E-DF07-4a8e-B423-BC5CD4D1880C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-08 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-08 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-08 365592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-30 200704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-08-22 340520]
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-09-27 202256]
"AutorunRemover.exe"=C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe [2010-11-30 3956224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2009-10-20 224272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-04 12:46:28 ----D---- C:\Program Files\trend micro
2010-12-04 12:46:25 ----D---- C:\rsit
2010-12-04 12:12:42 ----D---- C:\Program Files (x86)\AutorunRemover
2010-11-16 21:07:31 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-16 21:05:19 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-11-16 21:05:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-11-16 21:05:16 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-11-16 21:05:16 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-16 21:03:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-11-16 20:59:41 ----A---- C:\Windows\system32\mfps.dll
2010-11-16 20:59:40 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2010-11-16 20:59:40 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2010-11-16 20:59:40 ----A---- C:\Windows\system32\mfreadwrite.dll
2010-11-16 20:59:38 ----A---- C:\Windows\system32\WMVDECOD.DLL
2010-11-16 20:59:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2010-11-16 20:59:37 ----A---- C:\Windows\system32\mf.dll
2010-11-06 11:39:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-11-06 11:39:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-11-06 11:39:18 ----A---- C:\Windows\SYSWOW64\java.exe
2010-11-06 11:39:18 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-11-06 11:33:58 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-11-06 11:33:58 ----A---- C:\Windows\system32\msdri.dll
2010-11-06 11:33:57 ----A---- C:\Windows\system32\CPFilters.dll
2010-11-06 11:33:34 ----A---- C:\Windows\system32\drivers\Diskdump.sys

======List of files/folders modified in the last 1 months======

2010-12-04 12:54:43 ----D---- C:\Windows\Temp
2010-12-04 12:46:28 ----RD---- C:\Program Files
2010-12-04 12:12:51 ----D---- C:\Windows\System32
2010-12-04 12:12:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-04 12:12:50 ----D---- C:\Windows\inf
2010-12-04 12:12:42 ----RD---- C:\Program Files (x86)
2010-12-04 12:02:06 ----D---- C:\Windows\system32\config
2010-12-04 11:51:19 ----D---- C:\Windows\Prefetch
2010-12-04 11:50:45 ----SHD---- C:\System Volume Information
2010-12-04 11:49:27 ----D---- C:\Windows\system32\catroot
2010-12-04 11:46:06 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-28 12:33:21 ----D---- C:\Windows
2010-11-28 12:21:33 ----D---- C:\Windows\winsxs
2010-11-28 12:08:59 ----SHD---- C:\Windows\Installer
2010-11-28 12:08:49 ----HD---- C:\ProgramData
2010-11-21 13:12:07 ----D---- C:\Windows\Microsoft.NET
2010-11-21 11:51:17 ----D---- C:\Windows\debug
2010-11-21 11:47:05 ----D---- C:\Program Files (x86)\Windows Live
2010-11-21 11:43:58 ----RSD---- C:\Windows\assembly
2010-11-21 11:42:30 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-11-21 11:41:42 ----SD---- C:\ProgramData\Microsoft
2010-11-21 11:41:09 ----D---- C:\Windows\SysWOW64
2010-11-21 11:40:49 ----D---- C:\Windows\system32\drivers
2010-11-21 11:38:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-18 20:58:00 ----D---- C:\ProgramData\Microsoft Help
2010-11-18 20:51:32 ----A---- C:\Windows\system32\MRT.exe
2010-11-17 13:03:30 ----A---- C:\Windows\cdplayer.ini
2010-11-17 11:04:40 ----D---- C:\Windows\system32\catroot2
2010-11-16 21:14:08 ----SD---- C:\Users\VL\AppData\Roaming\Microsoft
2010-11-16 21:02:11 ----D---- C:\Windows\SoftwareDistribution
2010-11-13 16:37:51 ----D---- C:\Windows\rescache
2010-11-07 20:36:08 ----D---- C:\Users\VL\AppData\Roaming\Real
2010-11-07 16:50:49 ----D---- C:\Windows\ehome
2010-11-06 23:56:36 ----D---- C:\Windows\AppPatch
2010-11-06 11:58:56 ----D---- C:\Windows\system32\NDF
2010-11-06 11:39:11 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 KLBG;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 157712]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-03-06 353296]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 27152]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-08-22 340520]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-15 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-------------

I would just add that when I connected a second flash drive to the computer (I had plugged that one into the notebook without thinking after the infection mentioned above was caught, and then also into the desktop computer, so I assume that if I have a virus in the notebook it got into the desktop as well), Autorun Virus Remover found a virus on the flash drive (the antivirus caught nothing)
- autorun.inf, but PortableApps is installed on this flash drive and I found that file on the disk normally. I did not remove it because the remover wants the full version before it can remove it; besides, that autorun may be fine.
In the antivirus I also found which viruses it caught:
1*P2P-Worm.Win32.Palevo.awww
3*Worm.Win32.AutoIt.xl
2*P2P-Worm.Win32.Palevo.ayal

Re: Has it really been removed?

Posted: 04 Dec 2010 22:07
by earl
Of course I meant the flash drive that made the antivirus report a virus after it was connected to the PC.

So test the file that the antivirus flags as a virus on VIRUSTOTAL and JOTTISCAN
(the instructions are simple: once the page has loaded, click the Browse button, find the path to the file mentioned above and click the Send file button; give the scanners about ten minutes; paste the results here)

If the scanner says the file has already been tested, have it tested again.

You have Kaspersky, McAfee and Norton on the PC - so uninstall two of them via their uninstallers and clean the PC with CCleaner, so that the antiviruses do not clash there.

Re: Has it really been removed?

Posted: 05 Dec 2010 11:55
by HVLAD
Thanks for the reply,

I apologize, I did not express myself clearly.
1. I used my mom's flash drive, which had the viruses mentioned above on it. They are reported as removed and as inactive threats - they appear to be neutralized. A Kaspersky scan on the notebook and on the desktop computer no longer finds anything and reports that there are no threats. Autorun Virus Remover found nothing on this flash drive either.
2. When you wrote that I should expect that viruses had got into the computer, I got nervous, and because I had connected a second flash drive to the computer after it reported a virus on the first one, I tested that one too (later I also connected it to the desktop computer and was afraid that it might have got the virus as well). However, Kaspersky found nothing on this flash drive either, but Autorun Virus Remover found Autorun.inf (I have PortableApps on the flash drive). As you wrote, I sent that file to the virus scan. Here is the result:
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
Autorun.inf
Submission date:
2010-12-05 10:34:31 (UTC)
Current status:
queued (#3) queued (#3) analysing finished
Result:
2/ 43 (4.7%)

Antivirus Version Last Update Result
AhnLab-V3 2010.12.05.00 2010.12.04 -
AntiVir 7.10.14.189 2010.12.03 -
Antiy-AVL 2.0.3.7 2010.12.05 -
Avast 4.8.1351.0 2010.12.04 -
Avast5 5.0.677.0 2010.12.04 -
AVG 9.0.0.851 2010.12.04 -
BitDefender 7.2 2010.12.05 -
CAT-QuickHeal 11.00 2010.12.04 -
ClamAV 0.96.4.0 2010.12.05 -
Command 5.2.11.5 2010.12.04 -
Comodo 6952 2010.12.05 -
DrWeb 5.0.2.03300 2010.12.05 -
Emsisoft 5.0.0.50 2010.12.05 -
eSafe 7.0.17.0 2010.12.02 -
eTrust-Vet 36.1.8018 2010.12.05 -
F-Prot 4.6.2.117 2010.12.04 -
F-Secure 9.0.16160.0 2010.12.05 -
Fortinet 4.2.254.0 2010.12.04 -
GData 21 2010.12.05 -
Ikarus T3.1.1.90.0 2010.12.05 -
Jiangmin 13.0.900 2010.12.05 -
K7AntiVirus 9.70.3162 2010.12.04 -
Kaspersky 7.0.0.125 2010.12.05 -
McAfee 5.400.0.1158 2010.12.05 Generic!atr.b
McAfee-GW-Edition 2010.1C 2010.12.05 -
Microsoft 1.6402 2010.12.05 -
NOD32 5674 2010.12.04 -
Norman 6.06.10 2010.12.04 -
nProtect 2010-12-05.01 2010.12.05 -
Panda 10.0.2.7 2010.12.05 -
PCTools 7.0.3.5 2010.12.05 -
Prevx 3.0 2010.12.05 -
Rising 22.76.05.00 2010.12.05 -
Sophos 4.60.0 2010.12.05 -
SUPERAntiSpyware 4.40.0.1006 2010.12.05 -
Symantec 20101.2.0.161 2010.12.05 -
TheHacker 6.7.0.1.094 2010.12.01 Trojan/Small.autorun
TrendMicro 9.120.0.1004 2010.12.05 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.05 -
VBA32 3.12.14.2 2010.12.03 -
VIPRE 7517 2010.12.05 -
ViRobot 2010.12.4.4185 2010.12.04 -
VirusBuster 13.6.74.0 2010.12.04 -
Additional information
MD5 : 412ac30ceb48b331d3ee412ba2ee18b0
SHA1 : eddbbe9ab815f555b88e1162e4decb1351af5898
SHA256: 3337ec3fd5456ebb1d34d42fcc4307e00717bcb63a59d626f87fb767e6bb891f
ssdeep: 3:03BqVucAXipB/W0rBkPKypB/WyiK4AXipB/W0rCHsYyREpB/Wym:SqwcAQpQHpJ4AQp+yippG
File size : 122 bytes
First seen: 2009-03-15 17:33:39
Last seen : 2010-12-05 10:34:31
TrID:
Generic INI configuration (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Jottiscan is currently not working; if needed, I will send that result later.
3. McAfee and Norton - I did have Norton on the computer, but that was a long time ago. Now there is only Norton Online Backup - I do not even have it activated. I cannot find McAfee on the computer, but I have the impression that at one time I had SiteAdvisor from McAfee installed. Neither of the two antiviruses mentioned above is in the list of programs, either in Windows or in CCleaner.

Otherwise, is the log clean?

Thanks a lot
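Added example, not part of the original thread: a scanner verdict on an `Autorun.inf` says little by itself, so this Python sketch lists the entries that actually start a program (`open`, `shellexecute`, `shell\<verb>\command`) and separates the ones pointing at a launcher you expect from the rest. The function names and both sample files are constructed for illustration; the file from the thread is not shown on the page.

```python
import re

# Keys in the [autorun] section that name a program to start.
LAUNCH_KEYS = {"open", "shellexecute"}
SHELL_COMMAND = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)

def launch_directives(text):
    """Return (key, command) for each [autorun] entry that starts a program."""
    found, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() in LAUNCH_KEYS or SHELL_COMMAND.match(key):
                found.append((key.lower(), value))
    return found

def program_of(command):
    """Program part of a command line, normalised for comparison."""
    command = command.strip()
    quoted = command.startswith('"')
    program = command[1:].split('"', 1)[0] if quoted else (command.split() or [""])[0]
    program = program.replace("/", "\\").lower()
    return program[2:] if program.startswith(".\\") else program

def review(text, expected_programs):
    """Split launch directives into (expected, needs_review)."""
    allowed = {p.lower() for p in expected_programs}
    expected, needs_review = [], []
    for key, command in launch_directives(text):
        bucket = expected if program_of(command) in allowed else needs_review
        bucket.append((key, command))
    return expected, needs_review

# Constructed samples, not the file from the thread.
LAUNCHER_SAMPLE = """[Autorun]
Open=StartPortableApps.exe
Action=Start PortableApps.com
"""
UNEXPECTED_SAMPLE = r"""[autorun]
; constructed: every launch key points at a program in a subfolder
open=hidden\update.exe
shell\open\command=hidden\update.exe
"""
print(review(UNEXPECTED_SAMPLE, ["StartPortableApps.exe"])[1])
```

Entries that land in the second list are the ones to look up on the drive before deciding whether the file is fine.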

Re: Has it really been removed?

Posted: 05 Dec 2010 12:04
by earl
So in my opinion it is OK.

:arrow: Also treat both flash drives with Flash Disinfector, following the instructions I described.

:arrow: Download OTC

run it and click CleanUp.

:arrow: Clean the PC with CCleaner.

Always Analyze first and then Run Cleaner. Twice in a row.

Windows - uncheck history and form autofill history - you would lose the history of visited pages and the passwords saved in forms

(it is bad from a security point of view, but at least the user then does not complain about where it all disappeared to :D )

Applications - uncheck Internet History for the web browsers.

Registry - leave everything checked, Scan for Issues, Fix selected issues

(let it make a backup - it is saved in Documents - IMPORTANT).

Likewise 2-3 times in a row.

And done.

Re: Has it really been removed?

Posted: 05 Dec 2010 12:51
by HVLAD
Thanks a lot, I am relieved that the computer is clean and the log is fine. By the way, I ran CCleaner over it as you advised (btw I use it about once a month and I do not store page history or cookies). The only problem is that Flash Disinfector somehow does not work for me. It simply does not start (even when I run it as administrator).

Anyway, thanks

Re: Has it really been removed?

Posted: 06 Dec 2010 18:35
by earl
It is almost impossible to tell that it ran. It takes about a second.

And of course, you are welcome.