Log check - the PC shuts itself down + PS Guard

Section devoted to viruses and other malicious code, and also to the tools that can be used to defend against them…

Post by Jerry82 » 10 Feb 2006 12:39

here are the logs:

Incident Status Location

Potentially unwanted tool:application/winfixer2005 Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\UWFX5_0001_N56M0311NetInstaller.exe
Adware:adware/azesearch Not disinfected C:\WINDOWS\efefdfddfsdh.tmp
Adware:adware/cws.searchmeup Not disinfected C:\WINDOWS\uniq
Adware:adware/ist.istbar Not disinfected Windows Registry
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\kysela_jaroslav\Cookies\kysela_jaroslav@toplist[1].txt
Joke:Joke/Geschenk Not disinfected Složky archivu\Smazaná pošta\Doručená pošta\Pepa\FW: Držák na kafe\Držák.zip[Droák.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\kysela_jaroslav\Dokumenty\Záloha\SOFTWARE\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\kysela_jaroslav\Dokumenty\Záloha\SOFTWARE\smitRem.exe[Process.exe]
Joke:Joke/MouseShoot Not disinfected C:\Documents and Settings\kysela_jaroslav\Dokumenty\Záloha\SOFTWARE\ZÁLOHOVÁNO 11.1.06\Myš na monitoru.zip[Gmickey.exe]
Adware:Adware/IST.ISTBar Not disinfected C:\Program Files\Jubster\Downloads\Hi Tack - Say Say Say (tocadisco Radio Mix).mp3[Ogg-Mp3 Plugin.exe]
Adware:Adware/IST.ISTBar Not disinfected C:\Program Files\Jubster\Downloads\Hi Tack - Say Say Say (tocadisco Radio Mix).mp3[Ogg License(ACCEPT TERMS OF USE FIRST!).exe]
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\WINDOWS\Downloaded Program Files\UWFX5_0001_N56M0311NetInstaller.exe
Virus:Exploit/iFrame Disinfected Mstn sloky\Doruen pota\Mail Delivery (failure beranek.marek@meva.cz)\~0000003.~
Virus:Exploit/iFrame Disinfected Mstn sloky\Doruen pota\Undeliverable: Mail Delivery (failure kmebfdlaa.jradova@uti.cz)\~0000006.~

Ad-Aware SE Build 1.06r1
Logfile Created on:10. února 2006 12:30:44
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R90 03.02.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


10.2.2006 12:30:44 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 532
ThreadCreationTime : 10.2.2006 8:52:42
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 588
ThreadCreationTime : 10.2.2006 8:52:45
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 612
ThreadCreationTime : 10.2.2006 8:52:46
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 656
ThreadCreationTime : 10.2.2006 8:52:48
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Operační systém Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Všechna práva vyhrazena.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 668
ThreadCreationTime : 10.2.2006 8:52:49
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 832
ThreadCreationTime : 10.2.2006 8:52:51
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 892
ThreadCreationTime : 10.2.2006 8:52:52
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1016
ThreadCreationTime : 10.2.2006 8:52:53
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1060
ThreadCreationTime : 10.2.2006 8:52:54
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1188
ThreadCreationTime : 10.2.2006 8:52:56
BasePriority : Normal
FileVersion : 5.1.2600.1699 (xpsp2.050610-1533)
ProductVersion : 5.1.2600.1699
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1452
ThreadCreationTime : 10.2.2006 8:53:03
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:12 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1508
ThreadCreationTime : 10.2.2006 8:53:03
BasePriority : Normal
FileVersion : 7,1,0,364
ProductVersion : 7.1.0.364
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:13 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1520
ThreadCreationTime : 10.2.2006 8:53:04
BasePriority : Normal
FileVersion : 7,0,0,346
ProductVersion : 7.0.0.346
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:14 [kpf4ss.exe]
FilePath : C:\Program Files\Kerio\Personal Firewall 4\
ProcessID : 1560
ThreadCreationTime : 10.2.2006 8:53:04
BasePriority : Normal
FileVersion : 4.2.2
ProductVersion : 4.2.2
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - Service
InternalName : kpf4ss
LegalCopyright : Copyright (C) 1997-2005 Kerio Technologies
OriginalFilename : kpf4ss.EXE
Comments : Kerio Personal Firewall 4 - Service

#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1640
ThreadCreationTime : 10.2.2006 8:53:05
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Průzkumník Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Všechna práva vyhrazena.
OriginalFilename : EXPLORER.EXE

#:16 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ProcessID : 1836
ThreadCreationTime : 10.2.2006 8:53:11
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:17 [kpf4gui.exe]
FilePath : C:\Program Files\Kerio\Personal Firewall 4\
ProcessID : 1928
ThreadCreationTime : 10.2.2006 8:53:12
BasePriority : Normal
FileVersion : 4.2.2
ProductVersion : 4.2.2
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright (C) 1997-2005 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 188
ThreadCreationTime : 10.2.2006 8:53:15
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:19 [kpf4gui.exe]
FilePath : C:\Program Files\Kerio\Personal Firewall 4\
ProcessID : 120
ThreadCreationTime : 10.2.2006 8:53:38
BasePriority : Normal
FileVersion : 4.2.2
ProductVersion : 4.2.2
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright (C) 1997-2005 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:20 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2728
ThreadCreationTime : 10.2.2006 11:13:00
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : S-1-5-21-1187956126-3989087272-3002280659-1115\Software\Microsoft\Internet Explorer\MainStart Pageseznam.cz

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:\DOCUME~1\KYSELA~1\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 0



MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1187956126-3989087272-3002280659-1115\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1187956126-3989087272-3002280659-1115\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1187956126-3989087272-3002280659-1115\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

12:36:14 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:30.499
Objects scanned:70964
Objects identified:0
Objects ignored:0
New critical objects:0

Post by mijaja » 10 Feb 2006 13:56

You should do all of this in Safe Mode. In normal mode it probably won't work again. Can't you disable that logon and remove the passwords? It can certainly be done. There should also be an HJT log here, and everything should be done in coordination. So don't do this yet, and post that log. I'll then write up what to do. Above all, try Safe Mode:

Panda told you that it did not disinfect these files:
C:\WINDOWS\DOWNLOADED PROGRAM FILES\UWFX5_0001_N56M0311NetInstaller.exe = Winfixer 2005
C:\WINDOWS\efefdfddfsdh.tmp = Adware-ZSearch [McAfee], Trojan.Magise [Symantec], TROJ_MAGISE.A [TREND], now it has yet another name!
find and delete

Check these files on Jotti's scanner:
C:\WINDOWS\uniq
C:\Program Files\Jubster\Downloads\Hi Tack - Say Say Say (tocadisco Radio Mix).mp3[Ogg-Mp3 Plugin.exe]
C:\Program Files\Jubster\Downloads\Hi Tack - Say Say Say (tocadisco Radio Mix).mp3[Ogg License(ACCEPT TERMS OF USE FIRST!).exe] = Ist.ISTbar is active in them
Download Counter Spy and scan the computer.

Look on the computer for these files:
uopcjly.exe
ztoolber.dll
ztoolbar.dll
ztoolb009.dll
ztoolb006.dll
ztoolb005.dll
ztoolb004.dll
ztoolb002.dll
zsettings.dll
zolker005.dll
Delete whatever you find.
In the registry:
HKEY_CLASSES_ROOT\clsid\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}
HKEY_CLASSES_ROOT\clsid\{b75f75b8-93f3-429d-ff34-660b206d897a}
HKEY_CLASSES_ROOT\clsid\{d7bf3304-138b-4dd5-86ee-491bb6a2286c}
HKEY_CLASSES_ROOT\clsid\{fff5092f-7172-4018-827b-fa5868fb0478}
HKEY_CLASSES_ROOT\interface\{6deee498-08cc-43f0-bca0-dbb5a25c9501}
HKEY_CLASSES_ROOT\interface\{dcfab192-4a0e-4720-8e24-70d5f0cb8c39}
HKEY_CLASSES_ROOT\interface\{f4394f24-163d-430b-b5af-b68b56031b99}
HKEY_CLASSES_ROOT\typelib\{84c94803-b5ec-4491-b2be-7b113e013b77}
HKEY_CLASSES_ROOT\ztoolbar.activator
HKEY_CLASSES_ROOT\ztoolbar.activator.1
HKEY_CLASSES_ROOT\ztoolbar.paramwr
HKEY_CLASSES_ROOT\ztoolbar.paramwr.1
HKEY_CLASSES_ROOT\ztoolbar.stockbar
HKEY_CLASSES_ROOT\ztoolbar.stockbar.1
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar {a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar a6790aa5-c6c7-4bcf-a46d-0fdac4ea99eb
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{fff5092f-7172-4018-827b-fa5868fb0478}
HKEY_LOCAL_MACHINE\software\zsearchco
HKEY_LOCAL_MACHINE\software\zsearchco\zsearch
find and delete.

In your received mail it is reporting viruses:
Joke:Joke/Geschenk Not disinfected Složky archivu\Smazaná pošta\Doručená pošta\Pepa\FW: Držák na kafe\Držák.zip[Droák.exe]
Virus:Exploit/iFrame Disinfected Mstn sloky\Doruen pota\Mail Delivery (failure beranek.marek@meva.cz)\~0000003.~
Virus:Exploit/iFrame Disinfected Mstn sloky\Doruen pota\Undeliverable: Mail Delivery (failure kmebfdlaa.jradova@uti.cz)\~0000006.~
Find and delete
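A scripted form of the file and registry sweep the reply above describes, added here as an example; it is not from the original thread nor from any of the tools named in it. It reports the listed ISTbar/ZSearch file names and registry keys that are present and deletes them only when run with -Remove; it assumes PowerShell 3 or later in an elevated prompt, and the search roots are my own choice.

```powershell
# Added example (not from the thread): sweep for the ISTbar/ZSearch artifacts listed above.
# Reports only by default; -Remove deletes. Assumes PowerShell 3+, elevated, ideally in Safe Mode.
param([switch]$Remove)

# File names from the reply, plus the two files Panda reported "Not disinfected"
$FileNames = 'uopcjly.exe', 'ztoolber.dll', 'ztoolbar.dll', 'ztoolb009.dll', 'ztoolb006.dll',
             'ztoolb005.dll', 'ztoolb004.dll', 'ztoolb002.dll', 'zsettings.dll', 'zolker005.dll',
             'efefdfddfsdh.tmp', 'UWFX5_0001_N56M0311NetInstaller.exe'

# Registry keys from the reply in provider notation (HKCR has no default PS drive)
$Hkcr = 'Registry::HKEY_CLASSES_ROOT'
$RegKeys = @(
    '{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}', '{b75f75b8-93f3-429d-ff34-660b206d897a}',
    '{d7bf3304-138b-4dd5-86ee-491bb6a2286c}', '{fff5092f-7172-4018-827b-fa5868fb0478}' |
        ForEach-Object { "$Hkcr\CLSID\$_" }
    '{6deee498-08cc-43f0-bca0-dbb5a25c9501}', '{dcfab192-4a0e-4720-8e24-70d5f0cb8c39}',
    '{f4394f24-163d-430b-b5af-b68b56031b99}' | ForEach-Object { "$Hkcr\Interface\$_" }
    "$Hkcr\TypeLib\{84c94803-b5ec-4491-b2be-7b113e013b77}"
    'ztoolbar.activator', 'ztoolbar.paramwr', 'ztoolbar.stockbar' |
        ForEach-Object { "$Hkcr\$_"; "$Hkcr\$_.1" }
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fff5092f-7172-4018-827b-fa5868fb0478}'
    'HKLM:\SOFTWARE\zsearchco'   # deleting the parent also removes \zsearch
)
# The IE toolbar entries are values under this key, not subkeys
$ToolbarKey = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Toolbar'
$ToolbarValues = '{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}', 'a6790aa5-c6c7-4bcf-a46d-0fdac4ea99eb'

function Invoke-Hit($Kind, $Target, [scriptblock]$Delete) {
    Write-Output ('{0,-6} {1}' -f $Kind, $Target)   # always report the finding
    if ($Remove) { & $Delete }                      # delete only when asked to
}

# Search roots are my choice; the reply does not say where the files live
$Roots = $env:SystemRoot, $env:ProgramFiles, $env:USERPROFILE
$files = Get-ChildItem -LiteralPath $Roots -Recurse -Force -File -ErrorAction SilentlyContinue |
    Where-Object { $FileNames -contains $_.Name }
foreach ($f in $files) { Invoke-Hit 'FILE' $f.FullName { Remove-Item -LiteralPath $f.FullName -Force } }

foreach ($key in $RegKeys) {
    if (Test-Path -LiteralPath $key) { Invoke-Hit 'KEY' $key { Remove-Item -LiteralPath $key -Recurse -Force } }
}

$props = Get-ItemProperty -LiteralPath $ToolbarKey -ErrorAction SilentlyContinue
foreach ($name in $ToolbarValues) {
    if ($props -and $props.PSObject.Properties.Name -contains $name) {
        Invoke-Hit 'VALUE' "$ToolbarKey -> $name" { Remove-ItemProperty -LiteralPath $ToolbarKey -Name $name }
    }
}
```

Run it once without -Remove to see what is actually present, then again with -Remove only for the entries you have confirmed on Jotti, as the reply advises.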

