PROSIM POMOC !!! infikovany komp

Polys

zdar tak mam dost velky problem aspon premna. Vkuse mi vyhadzuje ze mam infikovany komp Worm win32 booster spyware, trojana a vsetko mozne ze som obet internetoveho utoku a vyskakuje mi stale system alert neviem co stym uz som skusal aviru, spyware doctor, avast, aware, spyboot a stale to tam mam kazdu sekundu mi vyskakuje alert a posiela ma na stranky antivirusovych programov prosim pomozte. Zacalo to potom ako som na jedne stranke dal stiahnut ovladace na prehravanie clipu dik moc

tomas2893

Myslim, ze toho by si sa uplne nezbavil aj keby chces, najjednoduchsie bude FORMAT DISK. Zmen si nazov threadub do vystiznej podoby

Polys

super takze mozem kupit externy hdd skopirovat veci ktore potrebujem a sformatovat pc nieje ine riesenie? a co mam zmenit?

skus postnut screen tej hlasky. ak ta odkazuje na "nejake antiviry", tak pravdepodobne ide o smitfraud.

v tom pripade pomoze toto:
http://siri.geekstogo.com/SmitfraudFix.php

skus ale postnut viac info. najlepsie zacat tym screenom hlasok.
popripade postni log z HijackThis.

br4n0

Screeny nemusis, tie hlasky dobre poznam. Smitfraudfix mozes skusit (v nudzovom rezime) a prihoD log z combofix.

//Nestahuj taketo blbosti, na video nepotrebujes nijaky extra kodek, je to podvod.

Polys

tak skusam ten fraud nechcem nic pokazit takze som dal search a mam log co mam robit dalej? clean? dik moc za ochotu

br4n0

Clean. Log je len na kontrolu.

Polys

ja len zeby som vsetko nevymazal nahodou lebo tam je killing

v tomto smere som lama dik za trpezlivost

Polys

takze som dal clean po restarte mi uz len vyhadilo antispyware master ako stale to bol program ktory sa automaticky stiahol po hlaskach typu system alert a odkazoval ma stale na zaplatenie licensie. Zatial vsetko vyzera ok tak uvidim dik kazdemu

br4n0

Ak mas stale problem, posli combofix log.

Polys

omboFix 08-04-18.3 - poly 2008-04-19 12:34:30.1 - NTFSx86
System Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.2300 [GMT 1:00]
Running from: C:\Documents and Settings\poly.REBORN\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\poly.REBORN\Application Data\inst.exe
C:\Documents and Settings\poly.REBORN\Desktopblackbird.jpg
C:\Documents and Settings\poly.REBORN\DesktopEditorFKWP1.5.exe
C:\Documents and Settings\poly.REBORN\DesktopEditorFKWP2.0.exe
C:\Documents and Settings\poly.REBORN\Desktopfilemanagerclient.exe
C:\Documents and Settings\poly.REBORN\Desktopfkwp1.5.exe
C:\Documents and Settings\poly.REBORN\Desktopfkwp2.0.exe
C:\Documents and Settings\poly.REBORN\Desktopfwebd.exe
C:\Documents and Settings\poly.REBORN\DesktopFWebdEditor.exe
C:\Documents and Settings\poly.REBORN\DesktopTrojan.Win32.BlackBird.exe
C:\WINDOWS\a.bat
C:\WINDOWS\bdn.com
C:\WINDOWS\iTunesMusic.exe
C:\WINDOWS\mssecu.exe
C:\WINDOWS\rs.txt
C:\WINDOWS\system32\setupzorg.exe
C:\WINDOWS\system32\Ultra.dll
C:\WINDOWS\system32\WvwFffii.ini
C:\WINDOWS\system32\WvwFffii.ini2
C:\WINDOWS\system32akttzn.exe
C:\WINDOWS\system32anticipator.dll
C:\WINDOWS\system32awtoolb.dll
C:\WINDOWS\system32bdn.com
C:\WINDOWS\system32bsva-egihsg52.exe
C:\WINDOWS\system32dpcproxy.exe
C:\WINDOWS\system32emesx.dll
C:\WINDOWS\system32h@tkeysh@@k.dll
C:\WINDOWS\system32hoproxy.dll
C:\WINDOWS\system32hxiwlgpm.dat
C:\WINDOWS\system32hxiwlgpm.exe
C:\WINDOWS\system32medup012.dll
C:\WINDOWS\system32medup020.dll
C:\WINDOWS\system32msgp.exe
C:\WINDOWS\system32msnbho.dll
C:\WINDOWS\system32mssecu.exe
C:\WINDOWS\system32msvchost.exe
C:\WINDOWS\system32mtr2.exe
C:\WINDOWS\system32mwin32.exe
C:\WINDOWS\system32netode.exe
C:\WINDOWS\system32newsd32.exe
C:\WINDOWS\system32ps1.exe
C:\WINDOWS\system32psof1.exe
C:\WINDOWS\system32psoft1.exe
C:\WINDOWS\system32regc64.dll
C:\WINDOWS\system32regm64.dll
C:\WINDOWS\system32Rundl1.exe
C:\WINDOWS\system32sncntr.exe
C:\WINDOWS\system32ssurf022.dll
C:\WINDOWS\system32ssvchost.com
C:\WINDOWS\system32ssvchost.exe
C:\WINDOWS\system32sysreq.exe
C:\WINDOWS\system32taack.dat
C:\WINDOWS\system32taack.exe
C:\WINDOWS\system32temp#01.exe
C:\WINDOWS\system32thun.dll
C:\WINDOWS\system32thun32.dll
C:\WINDOWS\system32VBIEWER.OCX
C:\WINDOWS\system32vbsys2.dll
C:\WINDOWS\system32vcatchpi.dll
C:\WINDOWS\system32winlogonpc.exe
C:\WINDOWS\system32winsystem.exe
C:\WINDOWS\system32WINWGPX.EXE
C:\WINDOWS\Web\def.htm

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_NWSAPAGENT
-------\Service_6to4
-------\Service_NwSapAgent

((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 )))))))))))))))))))))))))))))))
.

2008-04-19 12:34 . 2008-04-19 12:34 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-04-19 12:32 . 2008-04-19 12:41 137,248 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-19 12:32 . 2008-04-19 12:37 2,420 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-04-19 11:50 . 2008-04-19 12:24 3,024 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-19 11:49 . 2008-04-19 11:57 <DIR> d-------- C:\Documents and Settings\poly.REBORN\SmitfraudFix
2008-04-19 11:49 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-19 11:49 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-19 11:49 . 2008-04-14 19:28 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-19 11:49 . 2008-04-12 13:49 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-19 11:49 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-19 11:49 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-19 11:49 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-19 11:46 . 2008-04-19 11:47 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-04-19 11:38 . 2008-04-19 12:38 <DIR> d-------- C:\Program Files\Trojan Remover
2008-04-19 11:38 . 2008-04-19 11:38 <DIR> d-------- C:\Documents and Settings\poly.REBORN\Application Data\Simply Super Software
2008-04-19 11:38 . 2008-04-19 11:38 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Simply Super Software
2008-04-19 11:38 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-04-19 11:38 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-04-19 11:31 . 2008-04-19 11:31 <DIR> d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Moje dokumenty
2008-04-19 11:09 . 2008-04-19 11:20 <DIR> d-------- C:\Program Files\Norton AntiVirus
2008-04-19 11:05 . 2008-04-19 11:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-19 10:54 . 2008-04-19 12:11 <DIR> d-------- C:\Program Files\AntiSpywareMaster
2008-04-19 10:52 . 2008-04-19 11:21 1,540,677 ---hs---- C:\WINDOWS\system32\feoqraxw.ini
2008-04-19 10:15 . 2008-04-19 10:15 <DIR> d-------- C:\install
2008-04-19 09:56 . 2008-04-19 11:39 <DIR> d-------- C:\Program Files\ASUS WiFi-AP Solo
2008-04-19 09:56 . 2006-06-16 08:30 176,128 --a------ C:\WINDOWS\system32\drivers\RTL8187.sys
2008-04-19 09:56 . 2008-04-19 09:56 21,035 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2008-04-19 09:56 . 2006-03-31 04:39 13,532 --a------ C:\WINDOWS\system32\drivers\SjyPkt.sys
2008-04-18 23:43 . 2008-04-18 23:43 0 --ah----- C:\Documents and Settings\poly.REBORN\ntuser.dat_TU_72642.LOG
2008-04-18 23:43 . 2008-04-18 23:43 0 --ah----- C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT_TU_88673.LOG
2008-04-18 23:43 . 2008-04-18 23:43 0 --ah----- C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat_TU_41591.LOG
2008-04-18 21:34 . 2008-04-19 11:20 <DIR> d-------- C:\Documents and Settings\poly.REBORN\Application Data\TmpRecentIcons
2008-04-18 21:20 . 2008-04-18 23:24 <DIR> d-------- C:\Program Files\ICQToolbar
2008-04-18 21:14 . 2008-04-18 21:20 <DIR> d-------- C:\Program Files\ICQ6
2008-04-18 20:51 . 2008-04-18 23:31 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-04-18 18:56 . 2008-04-18 21:32 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\apsnmpwj
2008-04-18 18:56 . 2008-04-18 16:48 94,208 --a------ C:\WINDOWS\npqtsrak.exe
2008-04-18 18:56 . 2008-04-18 16:48 81,920 --a------ C:\WINDOWS\rtqmekwg.exe
2008-04-13 17:52 . 2008-04-13 17:52 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-13 17:52 . 2008-04-13 17:52 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-06 17:05 . 2008-04-06 17:05 <DIR> d-------- C:\Program Files\GameShadow
2008-03-23 14:45 . 2008-04-19 09:55 25,742 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-03-22 18:22 . 2008-03-22 18:22 <DIR> d-------- C:\Program Files\thriXXX
2008-03-22 14:23 . 2008-03-22 14:23 <DIR> d-------- C:\Program Files\Raven
2008-03-22 12:26 . 2008-03-22 12:26 <DIR> d-------- C:\Program Files\Activision Value
2008-03-21 23:32 . 2008-03-21 23:32 <DIR> d-------- C:\Program Files\Webteh
2008-03-21 23:25 . 2008-03-21 23:25 <DIR> d-------- C:\Program Files\ratDVD

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 11:42 --------- d-----w C:\Documents and Settings\poly.REBORN\Application Data\Skype
2008-04-19 11:39 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-04-19 11:24 --------- d-----w C:\Program Files\FlashGet
2008-04-19 11:16 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-19 10:39 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2008-04-19 10:16 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-04-19 10:16 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-04-19 10:16 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-04-19 10:16 --------- d-----w C:\Program Files\Symantec
2008-04-19 09:09 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2008-04-19 08:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-18 22:54 --------- d-----w C:\Program Files\CyberLink
2008-04-18 21:24 --------- d-----w C:\Program Files\Morpheus
2008-04-13 17:26 --------- d-----w C:\Program Files\Mv2Player
2008-04-11 16:55 --------- d-----w C:\Program Files\Ares
2008-04-06 15:49 --------- d-----w C:\Program Files\Eidos
2008-04-06 15:45 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-04-06 14:18 --------- d-----w C:\Program Files\TV JOJ Media Player
2008-04-05 18:55 --------- d-----w C:\Program Files\Spyware Doctor
2008-04-04 21:02 --------- d-----w C:\Program Files\Czech Soccer Manager 2002 FE
2008-03-17 20:38 --------- d-----w C:\Program Files\Activision
2008-03-15 14:49 --------- d-----w C:\Program Files\Common Files\DirectX
2008-03-15 14:35 --------- d-----w C:\Program Files\EA GAMES
2008-03-12 20:41 --------- d-----w C:\Program Files\Codemasters
2008-03-12 20:20 --------- d-----w C:\Program Files\Ubisoft
2008-03-10 20:50 --------- d-----w C:\Documents and Settings\poly.REBORN\Application Data\Winamp
2008-03-10 17:51 --------- d-----w C:\Documents and Settings\poly.REBORN\Application Data\PC Tools
2008-03-09 21:23 --------- d-----w C:\Program Files\Naevius 3GP Converter
2008-03-09 15:10 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-07 20:06 --------- d-----w C:\Program Files\Warcraft III
2008-03-05 17:07 --------- d-----w C:\Documents and Settings\poly.REBORN\Application Data\Ubisoft
2008-03-05 17:07 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2008-02-28 14:21 102,400 ----a-w C:\WINDOWS\AwdSLP.exe
2008-02-28 12:49 --------- d-----w C:\Program Files\TweakXP 2
2008-02-28 00:22 --------- d-----w C:\Program Files\RivaTuner v2.06
2008-02-26 23:44 --------- d-----w C:\Program Files\Lavasoft
2008-02-26 22:09 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
2008-02-26 22:02 --------- d-----w C:\Documents and Settings\poly.REBORN\Application Data\SiteAdvisor
2008-02-25 23:32 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-01-18 04:09 22,328 ----a-w C:\Documents and Settings\poly.REBORN\Application Data\PnkBstrK.sys
2007-12-05 20:14 47,360 ----a-w C:\Documents and Settings\poly.REBORN\Application Data\pcouffin.sys
2007-10-17 21:15 21 ------w C:\Program Files\Common Files\appop.log
2004-08-09 23:30 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

Kód: Vybrať všetko

<pre>
----a-w         6,637,696 2006-12-07 12:24:48  C:\Documents and Settings\poly.REBORN\My Documents\programy\Alcohol_120__1.9.6_4719\Alcohol 120% 1.9.6 (4719) Retail\Alcohol 120% 1.9.6 (4719) Retail .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 13:00 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 14:31 22880040]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 20:25 81920]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2007-10-11 14:43 181496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 07:22 843776]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-05-18 15:26 729088]
"KMCONFIG"="C:\Program Files\Silvercrest OM1007 driver\StartAutorun.exe" [2007-03-06 15:51 212992]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-11-06 21:00 8523776]
"nwiz"="nwiz.exe" [2007-11-06 21:00 1626112 C:\WINDOWS\system32\nwiz.exe]
"D3DOverrider"="C:\Program Files\RivaTuner v2.06\Tools\D3DOverrider\D3DOverrider.exe" [2007-10-30 19:05 53248]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 13:55 1103240]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-09-03 04:04 84640]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2006-09-05 22:22 26248]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-04-19 11:41 503376]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"AVP"="C:\Documents and Settings\All Users.WINDOWS\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_18.04.2008_15-47.exe" [2007-10-12 16:29 212992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"qWc0suysZM"= C:\Documents and Settings\All Users.WINDOWS\Application Data\apsnmpwj\wlgxufsj.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)
"NoLogoff"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJCVomj]
mlJCVomj.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Comrade.exe"=C:\Program Files\GameSpy\Comrade\Comrade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
"btbb_wcm_McciTrayApp"=C:\Program Files\btbb_wcm\McciTrayApp.exe
"Launch Ai Booster"="C:\Program Files\ASUS\AI Booster\OverClk.exe"
"Ai Gear Help"="C:\Program Files\ASUS\Ai Gear\GearHelp.exe"
"Flashget"=C:\Program Files\FlashGet\flashget.exe /min
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"C:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe"=
"C:\\Program Files\\BitLord\\Downloads\\Counter-Strike 1.6 + Half-Life\\hl.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files\Silvercrest OM1007 driver\KMWDSrv.exe [2007-06-16 10:30]
R2 UxTuneUp;TuneUp rozsiøeni vzhledu;C:\WINDOWS\System32\svchost.exe [2002-12-31 13:00]
R3 KMWDFilter;KMWDFilter;C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [2007-06-13 12:09]
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2002-12-31 13:00]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 08:30]
S2 setup_7.0.0.180_18.04.2008_15-47;setup_7.0.0.180_18.04.2008_15-47;"C:\Documents and Settings\All Users.WINDOWS\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_18.04.2008_15-47.exe" -r []
S3 BS_DEF;BS_DEF;C:\Program Files\ASUS\AsusUpdate\BS_DEF.sys []
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2006-03-31 04:39]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-04-06 16:45]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - E:\Directx\dxsetup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-19 10:13:46 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - poly.job"
- C:\PROGRA~1\NORTON~1\Navw32.exep/TASK:
"2008-04-19 11:38:36 C:\WINDOWS\Tasks\uklid 1 kliknutim.job"

br4n0

Slusna nadielka.

Stiahni otmoveit a skopiruj donho:

Kód: Vybrať všetko

C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\feoqraxw.ini
C:\WINDOWS\npqtsrak.exe
C:\WINDOWS\rtqmekwg.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\apsnmpwj
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run\\qWc0suysZM
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJCVomj
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E

a moveit!

kaspersky mozes odinstalovat kliknutim na Complete Antivirus Protection

Polys

no tak som to spravil ako si poradil este neake instrukcie????

br4n0

Vsetko. Ide to dobre?

Polys

jasne zatial vsetko fachci dik moc vazne ti dakujem