Before we put a new drive for extra space, we'd like to know if this one is clean. Thank you in advance... you are the only one we trust.:drinks: Our fingers are crossed, and we eagerly await your reply. Thanks again.:beer:
Printable View
Before we put a new drive for extra space, we'd like to know if this one is clean. Thank you in advance... you are the only one we trust.:drinks: Our fingers are crossed, and we eagerly await your reply. Thanks again.:beer:
Hello.
As far as I see, there is nothing definitely harmful in your logs. But there are several files that look suspicious for me. If you want to check them, please, execute the script:[code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe','');
QuarantineFile('C:\WINDOWS\system32\ShellExt\HashCheck.dll','');
QuarantineFile('C:\WINDOWS\system32\ShellExt\CmdOpen.dll','');
QuarantineFile('C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll','');
QuarantineFile('C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll','');
BC_ImportquarantineList;
BC_Activate;
RebootWindows(true);
end.[/code] After restart, upload quarantine via the link [url]http://virusinfo.info/upload_virus_eng.php?tid=55084[/url] as it's described in app.3 of the rules.
I'd say also that your Internet Explorer's settings are of very low security, even dangerous. If you want to make them slightly better, execute the second script:[code]begin
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
end.[/code] [b]Internet Explorer must be closed when you execute it[/b].
And
[QUOTE=jmattes;470839]Thank you in advance... you are the only one we trust.:drinks: [/QUOTE]You have to trust nobody, because everybody can make mistakes. We aren't exclusion ;)
[size="1"][color="#666686"][B][I]Добавлено через 10 часов 54 минуты[/I][/B][/color][/size]
Ok. All files you've uploaded are clean, so, think, your PC is clean as well.
:clapping::clapping::clapping::clapping::clapping::clapping::clapping:i love you people!!