for example here:
http://www.microsoft.com/downloads/deta ... layLang=en
just change the language to Czech at the bottom
trojan
- memphisto
Regards
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
- fredik
- member of the Security team
Hold off on installing SP2 for a while yet.
Download SUPERAntiSpyware
Install and run it, then click the Check for Updates... button
After the update finishes, click the button: Scan your computer
Choose the option: Perform Complete Scan and click the Next > (Další >) button
The scan will run; when it finishes, it lists everything it found.
Make sure all items are checked, then click the Next (Další) button
Then click the Finish button and you should get back to the main screen.
There, click the button: Preferences... and select the Statistics/Logs tab
There, click the log with today's date and press the button: View Log...
A window with the log will open; copy its contents here.
+
post a new HJT log.
When I turned on the PC today, these two windows appeared:
Message from system Alert on 31.10. 2007 8:05:27
Stop! Windows Requires immediate atention.
Windiws has found critical systemerrors.
Run registry repair from http://fix64.com
FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORUPTION!
AND THE SECOND MESSAGE:
MESSAGE FROM REGISTRY TO SYSTEM on 31.10 8:10:12
Stop! registry errors can cause severe data loss
SCAN CRITICAL SYSTEM ERRORS:
to scan and fix errors please di the folowing:
1. download registry cleaner from http://www.scanpc32.com
2. instal registry cleaner
3. run registry cleaner 4.reboot your computer
failure to act may lead to data loss and coruption!
so what do I do about this? should I follow those instructions?
Wouldn't it be faster to format the disk and reinstall XP?? I'm fed up with this, I've been fighting it for 3 days. AVG found lots of files from the infections, I deleted them, everything is about 8x slower, and the computer keeps freezing. The SUPERAntiSpyware scan has now been running for 3 and a half hours and has gone through as much as it did in half an hour this morning. Will formatting destroy the virus?
this is from the morning scan:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/31/2007 at 09:05 AM
Application Version : 3.9.1008
Core Rules Database Version : 3334
Trace Rules Database Version: 1335
Scan type : Complete Scan
Total Scan Time : 00:37:01
Memory items scanned : 356
Memory threats detected : 0
Registry items scanned : 3849
Registry threats detected : 19
File items scanned : 12194
File threats detected : 67
Trojan.Media-Codec/V4
HKLM\Software\Classes\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}
HKCR\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}
HKCR\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}
HKCR\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}\Implemented Categories
HKCR\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}\InprocServer32
HKCR\CLSID\{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ADD-ON\ICTMDL.DLL
HKLM\Software\Classes\CLSID\{B499D34E-58EF-4927-AB9F-7AF52B2C4C82}
HKCR\CLSID\{B499D34E-58EF-4927-AB9F-7AF52B2C4C82}
HKCR\CLSID\{B499D34E-58EF-4927-AB9F-7AF52B2C4C82}#xxx
HKCR\CLSID\{B499D34E-58EF-4927-AB9F-7AF52B2C4C82}\InprocServer32
HKCR\CLSID\{B499D34E-58EF-4927-AB9F-7AF52B2C4C82}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\VIDEO ADD-ON\ISFMDL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B499D34E-58EF-4927-AB9F-7AF52B2C4C82}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}
C:\Program Files\Video Add-on\icmntr.exe
C:\Program Files\Video Add-on\ictun.exe
C:\Program Files\Video Add-on\isfmm.exe
C:\Program Files\Video Add-on\isfmntr.exe
C:\Program Files\Video Add-on\isfun.exe
C:\Program Files\Video Add-on\ot.ico
C:\Program Files\Video Add-on\ts.ico
C:\Program Files\Video Add-on
Trojan.Smitfraud Variant
HKLM\Software\Classes\CLSID\{75a65a53-15c9-4a0c-bb40-a7ca8b24f544}
HKCR\CLSID\{75A65A53-15C9-4A0C-BB40-A7CA8B24F544}
HKCR\CLSID\{75A65A53-15C9-4A0C-BB40-A7CA8B24F544}\InProcServer32
HKCR\CLSID\{75A65A53-15C9-4A0C-BB40-A7CA8B24F544}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\UGBTNA.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{75a65a53-15c9-4a0c-bb40-a7ca8b24f544}
Adware.Tracking Cookie
Malware.LocusSoftware Inc/BestSellerAntivirus
C:\DOCUMENTS AND SETTINGS\ANYTKA\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\5ORRAGLO\INSTALL_EN[1].EXE
C:\DOCUMENTS AND SETTINGS\SLWUŠKA\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\EX0BAPO1\SETUP_EN[1].EXE
C:\DOCUMENTS AND SETTINGS\VLASTNíK\DATA APLIKACí\SETUP_EN[1].EXE
Browser Hijacker.Favorites
C:\DOCUMENTS AND SETTINGS\PETRA\OBLíBENé POLOžKY\ONLINE SECURITY TEST.URL
C:\RECYCLER\S-1-5-21-1292428093-492894223-1343024091-1006\DC3.URL
C:\RECYCLER\S-1-5-21-1292428093-492894223-1343024091-1006\DC4.URL
and this one is from this evening:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/31/2007 at 10:10 PM
Application Version : 3.9.1008
Core Rules Database Version : 3334
Trace Rules Database Version: 1335
Scan type : Complete Scan
Total Scan Time : 03:36:07
Memory items scanned : 397
Memory threats detected : 0
Registry items scanned : 3944
Registry threats detected : 0
File items scanned : 26416
File threats detected : 92
Adware.Tracking Cookie
Malware.LocusSoftware Inc/BestSellerAntivirus
C:\SYSTEM VOLUME INFORMATION\_RESTORE{59D60F9A-5546-400E-A643-BBE9074C5D92}\RP41\A0029141.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{59D60F9A-5546-400E-A643-BBE9074C5D92}\RP41\A0029142.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{59D60F9A-5546-400E-A643-BBE9074C5D92}\RP41\A0029143.EXE
D:\SYSTEM VOLUME INFORMATION\_RESTORE{59D60F9A-5546-400E-A643-BBE9074C5D92}\RP36\A0027461.EXE
D:\SYSTEM VOLUME INFORMATION\_RESTORE{59D60F9A-5546-400E-A643-BBE9074C5D92}\RP36\A0027464.EXE
D:\SYSTEM VOLUME INFORMATION\_RESTORE{59D60F9A-5546-400E-A643-BBE9074C5D92}\RP36\A0027466.EXE
Trace.Known Threat Sources
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\5ORRAGLO\style[1].css
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\5ORRAGLO\email[2].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\NYNTTYO1\bn_download[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\M7WZE9O7\button_download[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\NYNTTYO1\icon_scan[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\EX0BAPO1\line_dotted[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\OH6RW967\button_features[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\5ORRAGLO\button_affiliates[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\3AL3LANW\button_company[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\3AL3LANW\viruslocker[1]
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\NYNTTYO1\images[1].js
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\8XAZIB0D\button_privacy_pressed[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\EX0BAPO1\button_buy[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\M7WZE9O7\icon_update[1].gif
C:\Documents and Settings\SLWUŠKA\Local Settings\Temporary Internet Files\Content.IE5\NYNTTYO1\button_support_pressed[1].gif
And this is HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19:27, on 31.10.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\svghost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\PROGRAMY\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,svghost.exe
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1292428093-492894223-1343024091-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'SLWUŠKA')
O4 - HKUS\S-1-5-21-1292428093-492894223-1343024091-1004\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot (User 'SLWUŠKA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O16 - DPF: CW App KB R9 - https://www.mojebanka.cz/jars/cwapp.cab
O16 - DPF: IB App KB R9 - https://www.mojebanka.cz/jars/ibapp.cab
O16 - DPF: KTPro SP KB R9 - https://www.mojebanka.cz/jars/ktpsp.cab
O16 - DPF: SH App KB R9 - https://www.mojebanka.cz/jars/shapp.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE (file missing)
--
End of file - 5388 bytes
Today it threw these messages at me again, only with today's date:
Message from system Alert on 31.10.2007 8:05:27
Stop! Windows Requires immediate attention.
Windows has found critical system errors.
Run registry repair from http://fix64.com
FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION!
AND THE SECOND MESSAGE:
MESSAGE FROM REGISTRY TO SYSTEM on 31.10 8:10:12
Stop! registry errors can cause severe data loss
SCAN CRITICAL SYSTEM ERRORS:
to scan and fix errors please do the following:
1. download registry cleaner from http://www.scanpc32.com
2. install registry cleaner
3. run registry cleaner
4. reboot your computer
failure to act may lead to data loss and corruption!
Is anybody here or what???? I've been writing to myself here for 2 days now.