Omlouvám se. Tady je ten log z HJT.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:16, on 24.4.2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Users\Anett\Downloads\hijackthis(2).exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SetDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVRedirector - AVSoftware, Ltd - C:\Program Files (x86)\Hide The IP\data\AVLib.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Roxio File Backup Service (CEEBC40A-FDED-4C59-B354-939132350B01) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hide The IP Service (htisvcfwm) - AVSoftware - C:\Program Files (x86)\Hide The IP\data\htisvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8930 bytes
Combofix
ComboFix 12-04-24.02 - Anett 24.04.2012 21:49:27.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4077.2647 [GMT 2:00]
Spuštěný z: c:\users\Anett\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Anett\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\combofix\CF28718.3XE"
"c:\windows\inst_tsp.exe"
"c:\windows\inst_tspx.exe"
"c:\windows\killproc.exe"
"c:\windows\winsbak.reg"
"c:\windows\winsbak2.reg"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\inst_tsp.exe
c:\windows\inst_tspx.exe
c:\windows\killproc.exe
c:\windows\winsbak.reg
c:\windows\winsbak2.reg
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-24 do 2012-04-24 )))))))))))))))))))))))))))))))
.
.
2012-04-24 19:53 . 2012-04-24 19:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-24 19:09 . 2012-04-24 19:09 -------- d-----w- c:\windows\LastGood.Tmp
2012-04-24 19:08 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-04-24 19:08 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-04-24 19:08 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-04-24 19:07 . 2012-04-24 19:07 -------- d-----w- c:\program files\iPod
2012-04-24 19:07 . 2012-04-24 19:08 -------- d-----w- c:\program files\iTunes
2012-04-24 19:07 . 2012-04-24 19:08 -------- d-----w- c:\program files (x86)\iTunes
2012-04-24 19:07 . 2012-04-24 19:07 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-04-24 19:07 . 2012-04-24 19:07 -------- d-----w- c:\program files\Common Files\Apple
2012-04-24 19:06 . 2012-04-24 19:06 -------- d-----w- c:\program files\Bonjour
2012-04-24 19:06 . 2012-04-24 19:06 -------- d-----w- c:\program files (x86)\Bonjour
2012-04-24 19:06 . 2012-04-24 19:07 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-04-22 14:07 . 2012-04-22 14:07 -------- d-----w- c:\program files\Defraggler
2012-04-20 12:58 . 2012-04-22 13:44 -------- d-----w- c:\users\Anett\AppData\Roaming\EPSON
2012-04-20 12:44 . 2012-04-20 12:44 -------- d-----w- c:\programdata\UDL
2012-04-20 12:42 . 2012-04-20 12:42 -------- d-----w- c:\program files\Epson Software
2012-04-17 22:03 . 2012-04-17 22:03 -------- d-----w- c:\users\Anett\creepy
2012-04-17 22:03 . 2012-04-22 13:58 -------- d-----w- c:\program files (x86)\creepy
2012-04-10 22:55 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-10 22:55 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-10 22:55 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-10 22:55 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-10 22:55 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-10 22:55 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-10 22:55 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-09 17:23 . 2012-04-09 17:23 -------- d-----w- c:\users\Anett\AppData\Roaming\Auslogics
2012-04-09 16:35 . 2012-04-09 16:35 -------- d-----w- c:\program files\ESET
2012-04-04 11:56 . 2012-04-07 22:28 -------- d-----w- c:\users\Anett\AppData\Local\PokerStars.NET
2012-04-04 11:56 . 2012-04-04 11:56 -------- d-----w- c:\program files (x86)\PokerStars.NET
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-04-02 08:08 . 2012-04-13 20:08 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-02 07:41 . 2012-04-13 20:08 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 20:08 . 2011-11-14 09:56 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-09 17:09 . 2012-01-04 10:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-20 05:50 . 2012-03-20 05:50 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-02-24 15:36 . 2012-02-24 15:36 572928 ----a-w- c:\windows\SysWow64\msvcp90.dll
2012-02-24 15:36 . 2012-02-24 15:36 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll
2012-02-23 13:39 . 2012-02-23 13:39 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2012-02-23 13:39 . 2012-02-23 13:39 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2012-02-22 01:16 . 2012-02-24 15:33 702216 ----a-w- c:\windows\system32\mwtsp.dll
2012-02-22 01:16 . 2012-02-24 15:30 702216 ----a-w- c:\windows\SysWow64\mwtsp64.dll
2012-02-22 01:15 . 2012-02-24 15:30 629000 ----a-w- c:\windows\SysWow64\mwtsp.dll
2012-02-22 01:14 . 2012-02-24 15:33 207112 ----a-w- c:\windows\system32\mwnsp.dll
2012-02-22 01:14 . 2012-02-24 15:30 207112 ----a-w- c:\windows\SysWow64\mwnsp64.dll
2012-02-22 01:14 . 2012-02-24 15:30 212744 ----a-w- c:\windows\SysWow64\mwnsp.dll
2012-02-22 01:14 . 2012-02-24 15:30 689928 ----a-w- c:\windows\SysWow64\eslogon.dll
2012-02-22 01:14 . 2012-02-24 15:30 1877256 ----a-w- c:\windows\SysWow64\contfilt.dll
2012-02-22 01:14 . 2012-02-24 15:33 2345224 ----a-w- c:\windows\system32\contfilt.dll
2012-02-22 01:14 . 2012-02-24 15:30 2345224 ----a-w- c:\windows\SysWow64\contf64.dll
2012-02-22 01:13 . 2012-02-24 15:30 3099912 ----a-w- c:\windows\SysWow64\ASAPSDK.DLL
2012-02-17 06:38 . 2012-03-14 08:46 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 08:46 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 08:46 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 08:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 09:01 . 2012-02-15 09:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 09:01 . 2012-02-15 09:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-10 06:36 . 2012-03-14 08:48 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-14 08:48 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-08 07:13 . 2012-03-16 21:15 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{84DD5092-B915-483B-8D6E-3F622A9CD95A}\mpengine.dll
2012-02-03 04:34 . 2012-03-14 08:48 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-02 12:57 . 2012-02-02 12:57 808440 ----a-w- c:\windows\SysWow64\CDDBUI.dll
2012-02-02 12:57 . 2012-02-02 12:57 796152 ----a-w- c:\windows\SysWow64\CDDBControl.dll
2012-01-31 12:44 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-27 13:27 . 2012-01-27 13:27 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-24_14.17.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-30 21:05 . 2011-08-30 21:05 50536 c:\windows\SysWOW64\jdns_sd.dll
+ 2011-08-30 21:05 . 2011-08-30 21:05 73064 c:\windows\SysWOW64\dnssd.dll
+ 2011-08-30 21:05 . 2011-08-30 21:05 83816 c:\windows\SysWOW64\dns-sd.exe
+ 2010-11-21 03:09 . 2012-04-24 17:36 65950 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-24 17:36 45338 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-11-14 15:16 . 2012-04-24 17:36 15994 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-42510566-1014113567-1088135144-1001_UserData.bin
+ 2011-08-30 21:05 . 2011-08-30 21:05 61288 c:\windows\system32\jdns_sd.dll
+ 2012-04-24 19:08 . 2009-05-18 11:17 34152 c:\windows\system32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspiWDM.sys
- 2009-07-14 05:30 . 2012-04-20 12:45 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-04-24 19:09 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-02-15 09:01 . 2012-02-15 09:01 52736 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaapl64.sys
+ 2011-08-02 14:38 . 2011-08-02 14:38 22528 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\netaapl64.sys
+ 2011-08-30 21:05 . 2011-08-30 21:05 85864 c:\windows\system32\dnssd.dll
+ 2011-08-30 21:05 . 2011-08-30 21:05 96104 c:\windows\system32\dns-sd.exe
+ 2011-11-14 15:22 . 2012-04-24 14:37 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-14 15:22 . 2012-04-24 14:13 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-14 15:22 . 2012-04-24 14:13 81920 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-14 15:22 . 2012-04-24 14:37 81920 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-24 14:13 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-24 14:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-24 19:07 . 2012-04-24 19:07 27136 c:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
- 2012-04-24 14:16 . 2012-04-24 14:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-24 19:53 . 2012-04-24 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-24 14:16 . 2012-04-24 14:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-24 19:53 . 2012-04-24 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-30 21:05 . 2011-08-30 21:05 178536 c:\windows\SysWOW64\dnssdX.dll
+ 2012-04-24 19:08 . 2008-04-17 10:12 126312 c:\windows\system32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspi64.dll
+ 2012-04-24 19:08 . 2008-04-17 10:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspi.dll
- 2009-07-14 05:30 . 2012-04-20 12:45 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-04-24 19:09 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-04-20 12:36 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-04-24 19:07 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-08-30 21:05 . 2011-08-30 21:05 212840 c:\windows\system32\dnssdX.dll
- 2009-07-14 05:01 . 2012-04-24 14:16 379928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-24 19:53 379928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-24 19:08 . 2012-04-24 19:08 380928 c:\windows\Installer\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}\iTunesIco.exe
- 2012-04-24 13:54 . 2012-04-24 13:54 4876056 c:\windows\system32\FNTCACHE.DAT
+ 2012-04-24 17:34 . 2012-04-24 17:34 4876056 c:\windows\system32\FNTCACHE.DAT
+ 2012-02-15 09:01 . 2012-02-15 09:01 4547944 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_c111aaecb61e9a2b\usbaaplrc.dll
+ 2011-08-02 14:38 . 2011-08-02 14:38 1721576 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\wdfcoinstaller01009.dll
+ 2011-11-14 09:46 . 2012-04-24 17:33 4135214 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-42510566-1014113567-1088135144-1001-12288.dat
+ 2012-04-24 19:09 . 2011-08-02 16:38 4517664 c:\windows\LastGood.Tmp\System32\usbaaplrc.dll
+ 2012-03-06 17:42 . 2012-03-06 17:42 2323456 c:\windows\Installer\54d061.msi
+ 2012-03-06 17:39 . 2012-03-06 17:39 2682368 c:\windows\Installer\54d055.msi
+ 2011-11-14 09:25 . 2012-04-24 19:53 21264004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-42510566-1014113567-1088135144-1001-8192.dat
+ 2012-03-06 19:48 . 2012-03-06 19:48 48986624 c:\windows\Installer\54d065.msi
+ 2012-03-06 17:33 . 2012-03-06 17:33 11105280 c:\windows\Installer\54d05b.msi
+ 2012-03-06 16:15 . 2012-03-06 16:15 20396032 c:\windows\Installer\54d04f.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-04 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"SetDefaultSCR"="c:\program files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe" [2009-12-31 102400]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-06 421736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 esihdrv;esihdrv;c:\users\Anett\AppData\Local\Temp\esihdrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVRedirector;AVRedirector;c:\program files (x86)\Hide The IP\data\AVLib.EXE [2011-07-01 3208096]
S2 CEEBC40A-FDED-4C59-B354-939132350B01;Roxio File Backup Service;c:\program files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe [2010-08-30 96752]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - AVSoftwareHTIFirewall
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Anett\AppData\Roaming\Mozilla\Firefox\Profiles\e7xruh55.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:f5,5e,6e,eb,c9,ec,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e7,82,9e,31,bf,07,70,4c,aa,25,30,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e7,82,9e,31,bf,07,70,4c,aa,25,30,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Hide The IP\data\htisvc.exe
.
**************************************************************************
.
Celkový čas: 2012-04-24 21:56:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-24 19:56
ComboFix2.txt 2012-04-24 17:37
ComboFix3.txt 2012-04-24 17:03
ComboFix4.txt 2012-04-24 15:35
ComboFix5.txt 2012-04-24 19:48
.
Před spuštěním: Volných bajtů: 527 822 114 816
Po spuštění: Volných bajtů: 527 785 455 616
.
- - End Of File - - AEB158922E54AB3BB95B76C0CC9AD09C
Prosím o kontrolu logu Vyřešeno
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
A ještě log z rkill.
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 24.04.2012 at 22:04:07.
Operating System: Windows 7 Home Premium
Processes terminated by Rkill or while it was running:
C:\windows\SysWOW64\rundll32.exe
Rkill completed on 24.04.2012 at 22:04:14.
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 24.04.2012 at 22:04:07.
Operating System: Windows 7 Home Premium
Processes terminated by Rkill or while it was running:
C:\windows\SysWOW64\rundll32.exe
Rkill completed on 24.04.2012 at 22:04:14.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Toto otestuj na Virustotal
c:\program files (x86)\Hide The IP\data\htisvc.exe
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.
Vlož nový log z HJT+ info o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Nový log z HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:42:30, on 25.4.2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Anett\Downloads\hijackthis(2).exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SetDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVRedirector - AVSoftware, Ltd - C:\Program Files (x86)\Hide The IP\data\AVLib.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Roxio File Backup Service (CEEBC40A-FDED-4C59-B354-939132350B01) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hide The IP Service (htisvcfwm) - AVSoftware - C:\Program Files (x86)\Hide The IP\data\htisvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8705 bytes
Virustotal byl čistý na c:\program files (x86)\Hide The IP\data\htisvc.exe
Zatím vypadá, že problém se zamrzáním internetu je ok.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:42:30, on 25.4.2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Anett\Downloads\hijackthis(2).exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SetDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVRedirector - AVSoftware, Ltd - C:\Program Files (x86)\Hide The IP\data\AVLib.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Roxio File Backup Service (CEEBC40A-FDED-4C59-B354-939132350B01) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hide The IP Service (htisvcfwm) - AVSoftware - C:\Program Files (x86)\Hide The IP\data\htisvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8705 bytes
Virustotal byl čistý na c:\program files (x86)\Hide The IP\data\htisvc.exe
Zatím vypadá, že problém se zamrzáním internetu je ok.
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
A ten T-Cleaner mi nejde spustit, i když deaktivuji antivir a chci to spustit, píše to že nemám oprávnění k programu který chci pustit.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou & překlad: Damned )
Na plochu a spusť ho.
Klikni na Bod obnovení a poté na OK , OK.
Klikni na Koš a poté na OK.
Klikni na Dočasné soubory a poté na OK.
Klikni na Vyhledat[b] a nech Cleaner pracovat. Může se během čištění zastavit (neodpovídá), ale nech ho pokračovat.
Když program skončí , klikni na [b]Odstranit a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
Znáš to? mělas někdy COMODO , vypadá to že je to Comodo Secure DNS Servers...
Návod
Kód: Vybrat vše
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou & překlad: Damned )
Na plochu a spusť ho.
Klikni na Bod obnovení a poté na OK , OK.
Klikni na Koš a poté na OK.
Klikni na Dočasné soubory a poté na OK.
Klikni na Vyhledat[b] a nech Cleaner pracovat. Může se během čištění zastavit (neodpovídá), ale nech ho pokračovat.
Když program skončí , klikni na [b]Odstranit a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
Znáš to? mělas někdy COMODO , vypadá to že je to Comodo Secure DNS Servers...
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
COMODO jsem měla, ale včera odinstalovala.
ToolsCleaner2 a TFC jsem udělala.
Ale když dám fix v HJT vyskočí mi toto okno
"Hijackthis is about to remove a BHO and the corresponding file from your system. Close all Internet Explorer windows and all windows Explorer windows before continuing for the best chance of success."
přitom jsem všechny okna zavřela a nikde nevidím, že by byla otevřená další. Když okno s upozorněním odkliknu odstaní se pouze "R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local" ale ostatní zůstanou.
ToolsCleaner2 a TFC jsem udělala.
Ale když dám fix v HJT vyskočí mi toto okno
"Hijackthis is about to remove a BHO and the corresponding file from your system. Close all Internet Explorer windows and all windows Explorer windows before continuing for the best chance of success."
přitom jsem všechny okna zavřela a nikde nevidím, že by byla otevřená další. Když okno s upozorněním odkliknu odstaní se pouze "R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local" ale ostatní zůstanou.
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Zkus ho spustit jako správce
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Těd už to jde.
A tyhle mám taky dát fix?
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
A tyhle mám taky dát fix?
O17 - HKLM\System\CCS\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{41957598-A272-4B08-8A51-418486F362F2}: NameServer = 8.26.56.26,156.154.70.22
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Pokud nemáš comodo, tak taky
Jak to vypadá teď s chováním PC?
Jak to vypadá teď s chováním PC?
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
-
cheztweedy
- nováček
- Příspěvky: 29
- Registrován: duben 12
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Vymazáno. Dneska je to po dlouhé době, co mi internet fungeje jak má. Děkuji moc za pomoc.
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu Vyřešeno
Pokud nejsou problémy, můžeš dát vyřešeno
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 116 hostů