Potize nastaly vcera kdyz se nekolik ip adress pokusilo prihlasit na muj ucet, nez jsem dojedl obed,
tak se nekomu nejak povedlo zjistit heslo, a zmenit mi ho... to uz je ok, ale pak nastaly problemy i s emilovou chrankou... Ted jsem pro zmenu nasel 2 prusery v pc
1) traöjan
2) nwm co to je ...
NEustale mi to haze tabulku a trubi ....
Warning: Malware!
Identified by Normal as W32/Downloader Note:This worm\trojan is located in C:\%WINDIR%Temp\folder.
Note The filename spchost.exe has also ben identified with this
Keystroke Logger infection
jeste WINDEFENTED 2009 pise :
neco o Malware a ....
Davam sem pro jistotu i log z ....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:14, on 2.11.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Programy\Bluetooth Software\BTTray.exe
C:\Programy\Common\Bin\WinCinemaMgr.exe
C:\Programy\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Programy\Wallpaper Timer\walltimer.exe
C:\Programy\WinDefender\windef.exe
C:\Programy\WinDefender\windef.exe
C:\Programy\Ad-Aware SE Personal\Ad-Aware.exe
C:\Programy\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Cole2k Media Toolbar Helper - {08825191-C3C7-44e9-8CA6-07AB521FA8F2} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O2 - BHO: Game.OS - {3A303EF6-2598-4D2D-B4DA-DEFA7CD0DC51} - C:\WINDOWS\System32\gopfa.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Cole2k Media Toolbar - {015407A9-D183-4379-8452-DFD7C2297902} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Firewall auto setup] C:\DOCUME~1\Duck\LOCALS~1\Temp\winlogon.exe
O4 - HKCU\..\Run: [Walltimer] C:\Programy\Wallpaper Timer\walltimer.exe
O4 - HKCU\..\Run: [WinDefender2009] C:\Programy\WinDefender\windef.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programy\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programy\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programy\Bluetooth Software\bin\btwdins.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8315 bytes
Co mam delat, je to pro me dulezite, u pc travim casu a casu, ale nwm jak na toto,
navic hraji jednu hru, a jsem da se rici takova hlavni osoba... pl prosim pomozte pipa to kazdych 10-15 secund
Specha -Trojsky kun a kradeze hesla HiJackThis Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43293
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
Nikdy neinstalovat programy , které neznáš!!
Okamžitě odinstaluj toto:C:\Programy\WinDefender
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Okamžitě odinstaluj toto:C:\Programy\WinDefender
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
Takze jsem v posledni dobe instaloval 3 veci, dal jsem bod obnoveni systemu a vratil jsem to o mesic zpet....
tady je rychly scan:
Malwarebytes' Anti-Malware 1.30
Verze databáze: 1356
Windows 5.1.2600 Service Pack 1
3.11.2008 0:37:04
mbam-log-2008-11-03 (00-36-52).txt
Typ skenu: Rychlý sken
Objektu skenováno: 42857
Uplynulý cas: 2 minute(s), 35 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 1
Infikované klíce registru: 18
Infikované hodnoty registru: 1
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 4
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
Infikované klíce registru:
HKEY_CLASSES_ROOT\Interface\{48d78be5-cfb9-4b66-9ac4-96d4cf21de06} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77d6ddfa-7834-4541-b2b3-a8b0fb0e3924} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7558e739-8e7c-44bb-bce7-1bf0d72b7026} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4bd2d6c3-31dc-b947-23d0-dc52ec4f0c4c} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{445a3d12-eba3-4054-ab54-587bf3ff40ea} (Trojan.Clicker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AcroIEHelper.dll (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhc5nhj0e1cv (Rogue.AntivirusXP2008) -> No action taken.
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> No action taken.
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
C:\WINDOWS\k.txt (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Duck\Oblíbené položky\SMS TRAP.url (Rogue.Link) -> No action taken.
a tady je i hloubkovi:
Malwarebytes' Anti-Malware 1.30
Verze databáze: 1356
Windows 5.1.2600 Service Pack 1
3.11.2008 0:29:29
mbam-log-2008-11-03 (00-29-15).txt
Typ skenu: Úplný sken (C:\|D:\|)
Objektu skenováno: 156321
Uplynulý cas: 50 minute(s), 52 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 1
Infikované klíce registru: 18
Infikované hodnoty registru: 1
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 32
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
Infikované klíce registru:
HKEY_CLASSES_ROOT\Interface\{48d78be5-cfb9-4b66-9ac4-96d4cf21de06} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77d6ddfa-7834-4541-b2b3-a8b0fb0e3924} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7558e739-8e7c-44bb-bce7-1bf0d72b7026} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4bd2d6c3-31dc-b947-23d0-dc52ec4f0c4c} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{445a3d12-eba3-4054-ab54-587bf3ff40ea} (Trojan.Clicker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AcroIEHelper.dll (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhc5nhj0e1cv (Rogue.AntivirusXP2008) -> No action taken.
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> No action taken.
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\61.tmp.vir (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\9E.tmp.vir (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\Internet Explorer\setupapi.dll.vir (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\Goldman.dll.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ffvvrrzz.sys.vir (Rootkit.Agent) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\oulurvnu.sys.vir (Rootkit.Agent) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ZZVVRRFF.sys.vir (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215965.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215968.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215969.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215970.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215971.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0216150.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0216151.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216169.scr (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216170.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216172.dll (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216192.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216379.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216387.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216390.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216391.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216392.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216393.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP532\A0216453.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP532\A0216455.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP532\A0216468.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\k.txt (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Duck\Oblíbené položky\SMS TRAP.url (Rogue.Link) -> No action taken.
tady je rychly scan:
Malwarebytes' Anti-Malware 1.30
Verze databáze: 1356
Windows 5.1.2600 Service Pack 1
3.11.2008 0:37:04
mbam-log-2008-11-03 (00-36-52).txt
Typ skenu: Rychlý sken
Objektu skenováno: 42857
Uplynulý cas: 2 minute(s), 35 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 1
Infikované klíce registru: 18
Infikované hodnoty registru: 1
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 4
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
Infikované klíce registru:
HKEY_CLASSES_ROOT\Interface\{48d78be5-cfb9-4b66-9ac4-96d4cf21de06} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77d6ddfa-7834-4541-b2b3-a8b0fb0e3924} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7558e739-8e7c-44bb-bce7-1bf0d72b7026} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4bd2d6c3-31dc-b947-23d0-dc52ec4f0c4c} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{445a3d12-eba3-4054-ab54-587bf3ff40ea} (Trojan.Clicker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AcroIEHelper.dll (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhc5nhj0e1cv (Rogue.AntivirusXP2008) -> No action taken.
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> No action taken.
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
C:\WINDOWS\k.txt (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Duck\Oblíbené položky\SMS TRAP.url (Rogue.Link) -> No action taken.
a tady je i hloubkovi:
Malwarebytes' Anti-Malware 1.30
Verze databáze: 1356
Windows 5.1.2600 Service Pack 1
3.11.2008 0:29:29
mbam-log-2008-11-03 (00-29-15).txt
Typ skenu: Úplný sken (C:\|D:\|)
Objektu skenováno: 156321
Uplynulý cas: 50 minute(s), 52 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 1
Infikované klíce registru: 18
Infikované hodnoty registru: 1
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 32
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
Infikované klíce registru:
HKEY_CLASSES_ROOT\Interface\{48d78be5-cfb9-4b66-9ac4-96d4cf21de06} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77d6ddfa-7834-4541-b2b3-a8b0fb0e3924} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7558e739-8e7c-44bb-bce7-1bf0d72b7026} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4bd2d6c3-31dc-b947-23d0-dc52ec4f0c4c} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{445a3d12-eba3-4054-ab54-587bf3ff40ea} (Trojan.Clicker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AcroIEHelper.dll (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhc5nhj0e1cv (Rogue.AntivirusXP2008) -> No action taken.
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> No action taken.
C:\Program Files\Mozilla Firefox\setupapi.dll (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\61.tmp.vir (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\9E.tmp.vir (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\Internet Explorer\setupapi.dll.vir (Spyware.Passwords) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\Goldman.dll.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ffvvrrzz.sys.vir (Rootkit.Agent) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\oulurvnu.sys.vir (Rootkit.Agent) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ZZVVRRFF.sys.vir (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215965.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215968.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215969.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215970.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0215971.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0216150.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP528\A0216151.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216169.scr (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216170.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216172.dll (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP529\A0216192.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216379.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216387.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216390.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216391.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216392.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP531\A0216393.exe (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP532\A0216453.dll (Spyware.Passwords) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP532\A0216455.sys (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{612F7E71-CADC-45FD-9A96-DB08FB9C7BD0}\RP532\A0216468.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\k.txt (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Duck\Oblíbené položky\SMS TRAP.url (Rogue.Link) -> No action taken.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43293
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit log + nový log z HJT.
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit log + nový log z HJT.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
Tak jsem to udelal tady je log :
Malwarebytes' Anti-Malware 1.30
Verze databáze: 1356
Windows 5.1.2600 Service Pack 1
3.11.2008 10:31:29
mbam-log-2008-11-03 (10-31-29).txt
Typ skenu: Rychlý sken
Objektu skenováno: 42742
Uplynulý cas: 2 minute(s), 28 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
Tady je log s HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:02, on 3.11.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Programy\Bluetooth Software\BTTray.exe
C:\Programy\Common\Bin\WinCinemaMgr.exe
C:\Programy\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Programy\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Cole2k Media Toolbar Helper - {08825191-C3C7-44e9-8CA6-07AB521FA8F2} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Cole2k Media Toolbar - {015407A9-D183-4379-8452-DFD7C2297902} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programy\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programy\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programy\Bluetooth Software\bin\btwdins.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7679 bytes
nwm proc se to stalo, mozna protoze jsem chtel stahnout nejakej screen shot monitoru, a nejaky program na (automaticky menic tapet plochy...)
stale ale nwm jak mohl nekdo zjistit moje heslo ?
Nevite jestli se da nejak zjstit ip z proxiny ?
I kdyz vim ip mozneho pc, ktery se na muj ucet prihlasil, tak jsem zjistil pouze poskytovatele internetu, nic vic, nic min.
Malwarebytes' Anti-Malware 1.30
Verze databáze: 1356
Windows 5.1.2600 Service Pack 1
3.11.2008 10:31:29
mbam-log-2008-11-03 (10-31-29).txt
Typ skenu: Rychlý sken
Objektu skenováno: 42742
Uplynulý cas: 2 minute(s), 28 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
Tady je log s HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:02, on 3.11.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Programy\Bluetooth Software\BTTray.exe
C:\Programy\Common\Bin\WinCinemaMgr.exe
C:\Programy\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Programy\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Cole2k Media Toolbar Helper - {08825191-C3C7-44e9-8CA6-07AB521FA8F2} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Cole2k Media Toolbar - {015407A9-D183-4379-8452-DFD7C2297902} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programy\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programy\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programy\Bluetooth Software\bin\btwdins.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7679 bytes
nwm proc se to stalo, mozna protoze jsem chtel stahnout nejakej screen shot monitoru, a nejaky program na (automaticky menic tapet plochy...)
stale ale nwm jak mohl nekdo zjistit moje heslo ?
Nevite jestli se da nejak zjstit ip z proxiny ?
I kdyz vim ip mozneho pc, ktery se na muj ucet prihlasil, tak jsem zjistil pouze poskytovatele internetu, nic vic, nic min.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43293
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
Pro kontrolu ještě toto:
Stáhni si RSIT (by random/random)
- spusť ho, objeví se ti okno, tak pro pokračování klikni na Continue
- počkej až program proběhne a zobrazí se ti log jinak ho najdeš zde: C:\rsit\log.txt zkopíruj sem prosím celý jeho obsah
Nevím jak se ti to tam dostalo, možností je více, přístup k Tvému PC, nebo byl součástí stahovaných pochybných programů.
Doporučuji nainstalovat SpywareTerminátor. Protože máš ještě Spybot tak u ST vypni rez. štít, jinak se budou hádat.
Nejprve ten log z RSIT.
Stáhni si RSIT (by random/random)
- spusť ho, objeví se ti okno, tak pro pokračování klikni na Continue
- počkej až program proběhne a zobrazí se ti log jinak ho najdeš zde: C:\rsit\log.txt zkopíruj sem prosím celý jeho obsah
Nevím jak se ti to tam dostalo, možností je více, přístup k Tvému PC, nebo byl součástí stahovaných pochybných programů.
Doporučuji nainstalovat SpywareTerminátor. Protože máš ještě Spybot tak u ST vypni rez. štít, jinak se budou hádat.
Nejprve ten log z RSIT.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
Logfile of random's system information tool 1.04 (written by random/random)
Run by Duck at 2008-11-03 15:03:26
Systém Microsoft Windows XP Professional Service Pack 1
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 2047 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03:35, on 3.11.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Programy\Bluetooth Software\BTTray.exe
C:\Programy\Common\Bin\WinCinemaMgr.exe
C:\Programy\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Duck\Plocha\RSIT.exe
C:\Programy\HijackThis\Duck.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Cole2k Media Toolbar Helper - {08825191-C3C7-44e9-8CA6-07AB521FA8F2} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Cole2k Media Toolbar - {015407A9-D183-4379-8452-DFD7C2297902} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programy\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programy\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programy\Bluetooth Software\bin\btwdins.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7721 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08825191-C3C7-44e9-8CA6-07AB521FA8F2}]
Cole2k Media Toolbar Helper - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll [2007-08-08 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programy\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{015407A9-D183-4379-8452-DFD7C2297902} - Cole2k Media Toolbar - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll [2007-08-08 495616]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - C:\WINDOWS\System32\msdxm.ocx [2002-09-20 844828]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\System32\sw20.exe [2006-05-18 208896]
"SW24"=C:\WINDOWS\System32\sw24.exe [2006-05-17 69632]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-01-08 65536]
"NvMediaCenter"=C:\WINDOWS\system32\NvMCTray.dll [2006-06-01 86016]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2005-03-02 278528]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2002-09-20 13312]
"SpybotSD TeaTimer"=C:\Programy\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Programy\CloneCD\CloneCDTray.exe [2004-09-02 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Programy\Bluetooth Software\BTTray.exe
InterVideo WinCinema Manager.lnk - C:\Programy\Common\Bin\WinCinemaMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 3 months======
2008-11-03 15:03:26 ----D---- C:\rsit
2008-11-02 19:26:22 ----D---- C:\Documents and Settings\Duck\Data aplikací\Malwarebytes
2008-11-02 19:26:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2008-09-28 11:01:18 ----SHD---- C:\RECYCLER
2008-09-28 04:05:59 ----D---- C:\WINDOWS\temp
2008-09-28 04:05:58 ----A---- C:\ComboFix.txt
2008-09-28 04:03:07 ----D---- C:\ComboFix
2008-09-25 20:33:43 ----A---- C:\WINDOWS\SOFPLAT.ini
2008-09-25 19:11:51 ----D---- C:\WINDOWS\erdnt
2008-09-25 19:11:35 ----D---- C:\QooBox
2008-09-25 19:11:33 ----A---- C:\WINDOWS\zip.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\VFind.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\swxcacls.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\SWSC.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\swreg.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\sed.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\Nircmd.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\grep.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\fdsv.exe
2008-09-21 16:28:45 ----D---- C:\Documents and Settings\Duck\Data aplikací\skypePM
2008-09-14 12:09:23 ----A---- C:\WINDOWS\System32\spupdsvc.exe
2008-09-14 12:09:21 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-09-13 08:13:21 ----D---- C:\Program Files\DIFX
2008-09-13 08:13:16 ----D---- C:\Program Files\PC Connectivity Solution
2008-09-13 08:13:10 ----DC---- C:\WINDOWS\System32\DRVSTORE
2008-09-13 08:13:10 ----A---- C:\WINDOWS\System32\wdfcoinstaller01005.dll
2008-09-13 08:13:10 ----A---- C:\WINDOWS\System32\nmwcdcocls.dll
2008-09-13 08:13:02 ----A---- C:\WINDOWS\System32\nmwcdcls.dll
2008-09-13 08:13:01 ----D---- C:\Program Files\Nokia
2008-09-13 08:11:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2008-09-12 16:19:10 ----D---- C:\Program Files\ZAV1
2008-08-05 21:45:10 ----D---- C:\Documents and Settings\Duck\Data aplikací\Zoner
======List of files/folders modified in the last 3 months======
2008-11-03 15:03:27 ----D---- C:\WINDOWS\Prefetch
2008-11-03 10:32:46 ----D---- C:\Program Files\Mozilla Firefox
2008-11-03 10:27:22 ----D---- C:\WINDOWS\Debug
2008-11-03 10:26:50 ----D---- C:\WINDOWS\System32\drivers
2008-11-03 10:26:50 ----D---- C:\WINDOWS
2008-11-03 10:26:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-02 19:26:16 ----D---- C:\Programy
2008-11-02 19:22:23 ----D---- C:\WINDOWS\system32
2008-11-02 19:22:23 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2008-11-02 19:20:13 ----D---- C:\WINDOWS\System32\config
2008-11-02 19:20:04 ----D---- C:\WINDOWS\System32\wbem
2008-11-02 19:20:03 ----D---- C:\WINDOWS\Registration
2008-11-02 19:19:47 ----D---- C:\Documents and Settings\Duck\Data aplikací\uTorrent
2008-11-02 19:19:39 ----SHD---- C:\WINDOWS\Installer
2008-11-02 19:19:36 ----D---- C:\Config.Msi
2008-11-02 19:19:11 ----D---- C:\Documents and Settings\Duck\Data aplikací\dvdcss
2008-11-02 15:29:47 ----D---- C:\WINDOWS\System32\CatRoot2
2008-10-29 20:09:19 ----HD---- C:\WINDOWS\inf
2008-10-23 14:59:35 ----D---- C:\WINDOWS\Help
2008-10-17 21:09:58 ----A---- C:\AILog.txt
2008-10-16 14:14:43 ----D---- C:\Program Files\Common Files
2008-10-16 14:14:43 ----AD---- C:\Program Files
2008-10-16 14:14:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2008-10-13 11:31:48 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-10-13 11:20:42 ----D---- C:\Documents and Settings\Duck\Data aplikací\OpenOffice.org2
2008-10-07 06:37:15 ----SHD---- C:\WINDOWS\CSC
2008-09-30 16:44:06 ----A---- C:\WINDOWS\WTRAN32.INI
2008-09-28 04:05:10 ----A---- C:\WINDOWS\system.ini
2008-09-28 04:04:44 ----D---- C:\WINDOWS\AppPatch
2008-09-27 16:25:30 ----D---- C:\Program Files\Internet Explorer
2008-09-27 12:29:22 ----A---- C:\WINDOWS\WINCMD.INI
2008-09-25 14:17:42 ----A---- C:\WINDOWS\nfsc_patch.ini
2008-09-25 14:03:27 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-09-25 06:13:57 ----D---- C:\WINDOWS\Minidump
2008-09-25 06:11:37 ----SHD---- C:\System Volume Information
2008-09-23 05:40:57 ----D---- C:\Program Files\ICQ6
2008-09-22 13:24:04 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-22 11:42:04 ----D---- C:\WINDOWS\System32\DirectX
2008-09-22 11:39:00 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-14 12:08:48 ----D---- C:\WINDOWS\LastGood
2008-09-09 01:43:07 ----SD---- C:\Documents and Settings\Duck\Data aplikací\Microsoft
2008-08-16 17:31:56 ----D---- C:\Documents and Settings\Duck\Data aplikací\ICQ
2008-08-12 07:23:53 ----HD---- C:\Program Files\WindowsUpdate
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2002-09-20 34944]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\System32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R2 atksgt;atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [2008-09-22 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [2008-09-22 18048]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\WINDOWS\system32\drivers\wf88vcap.sys [2004-10-18 208851]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\WINDOWS\system32\drivers\WF88XBAR.sys [2004-10-18 10324]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\WINDOWS\system32\drivers\WF88TUNE.sys [2004-10-18 34789]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-01-09 601100]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [2005-08-29 853258]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-08-31 26240]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2003-05-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2003-05-14 44288]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2001-10-25 13952]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-29 64344]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\System32\DRIVERS\hamachi.sys [2008-06-06 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2002-08-29 38272]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2001-08-17 24192]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 Wdf01000;Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WFIOCTL;WFIOCTL; \??\C:\Programy\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2003-05-14 21216]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2003-05-14 5728]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Programy\Bluetooth Software\bin\btwdins.exe [2005-08-29 266295]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-06-01 155715]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\System32\PnkBstrA.exe [2008-06-13 66872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
-----------------EOF-----------------
Run by Duck at 2008-11-03 15:03:26
Systém Microsoft Windows XP Professional Service Pack 1
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 2047 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03:35, on 3.11.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Programy\Bluetooth Software\BTTray.exe
C:\Programy\Common\Bin\WinCinemaMgr.exe
C:\Programy\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Duck\Plocha\RSIT.exe
C:\Programy\HijackThis\Duck.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60207
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Cole2k Media Toolbar Helper - {08825191-C3C7-44e9-8CA6-07AB521FA8F2} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Cole2k Media Toolbar - {015407A9-D183-4379-8452-DFD7C2297902} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programy\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programy\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programy\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programy\Bluetooth Software\bin\btwdins.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7721 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programy\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08825191-C3C7-44e9-8CA6-07AB521FA8F2}]
Cole2k Media Toolbar Helper - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll [2007-08-08 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programy\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{015407A9-D183-4379-8452-DFD7C2297902} - Cole2k Media Toolbar - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll [2007-08-08 495616]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{8E718888-423F-11D2-876E-00A0C9082467} - &Rádio - C:\WINDOWS\System32\msdxm.ocx [2002-09-20 844828]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\System32\sw20.exe [2006-05-18 208896]
"SW24"=C:\WINDOWS\System32\sw24.exe [2006-05-17 69632]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-01-08 65536]
"NvMediaCenter"=C:\WINDOWS\system32\NvMCTray.dll [2006-06-01 86016]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2005-03-02 278528]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2002-09-20 13312]
"SpybotSD TeaTimer"=C:\Programy\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Programy\CloneCD\CloneCDTray.exe [2004-09-02 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Programy\Bluetooth Software\BTTray.exe
InterVideo WinCinema Manager.lnk - C:\Programy\Common\Bin\WinCinemaMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 3 months======
2008-11-03 15:03:26 ----D---- C:\rsit
2008-11-02 19:26:22 ----D---- C:\Documents and Settings\Duck\Data aplikací\Malwarebytes
2008-11-02 19:26:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2008-09-28 11:01:18 ----SHD---- C:\RECYCLER
2008-09-28 04:05:59 ----D---- C:\WINDOWS\temp
2008-09-28 04:05:58 ----A---- C:\ComboFix.txt
2008-09-28 04:03:07 ----D---- C:\ComboFix
2008-09-25 20:33:43 ----A---- C:\WINDOWS\SOFPLAT.ini
2008-09-25 19:11:51 ----D---- C:\WINDOWS\erdnt
2008-09-25 19:11:35 ----D---- C:\QooBox
2008-09-25 19:11:33 ----A---- C:\WINDOWS\zip.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\VFind.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\swxcacls.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\SWSC.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\swreg.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\sed.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\Nircmd.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\grep.exe
2008-09-25 19:11:33 ----A---- C:\WINDOWS\fdsv.exe
2008-09-21 16:28:45 ----D---- C:\Documents and Settings\Duck\Data aplikací\skypePM
2008-09-14 12:09:23 ----A---- C:\WINDOWS\System32\spupdsvc.exe
2008-09-14 12:09:21 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-09-13 08:13:21 ----D---- C:\Program Files\DIFX
2008-09-13 08:13:16 ----D---- C:\Program Files\PC Connectivity Solution
2008-09-13 08:13:10 ----DC---- C:\WINDOWS\System32\DRVSTORE
2008-09-13 08:13:10 ----A---- C:\WINDOWS\System32\wdfcoinstaller01005.dll
2008-09-13 08:13:10 ----A---- C:\WINDOWS\System32\nmwcdcocls.dll
2008-09-13 08:13:02 ----A---- C:\WINDOWS\System32\nmwcdcls.dll
2008-09-13 08:13:01 ----D---- C:\Program Files\Nokia
2008-09-13 08:11:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2008-09-12 16:19:10 ----D---- C:\Program Files\ZAV1
2008-08-05 21:45:10 ----D---- C:\Documents and Settings\Duck\Data aplikací\Zoner
======List of files/folders modified in the last 3 months======
2008-11-03 15:03:27 ----D---- C:\WINDOWS\Prefetch
2008-11-03 10:32:46 ----D---- C:\Program Files\Mozilla Firefox
2008-11-03 10:27:22 ----D---- C:\WINDOWS\Debug
2008-11-03 10:26:50 ----D---- C:\WINDOWS\System32\drivers
2008-11-03 10:26:50 ----D---- C:\WINDOWS
2008-11-03 10:26:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-02 19:26:16 ----D---- C:\Programy
2008-11-02 19:22:23 ----D---- C:\WINDOWS\system32
2008-11-02 19:22:23 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2008-11-02 19:20:13 ----D---- C:\WINDOWS\System32\config
2008-11-02 19:20:04 ----D---- C:\WINDOWS\System32\wbem
2008-11-02 19:20:03 ----D---- C:\WINDOWS\Registration
2008-11-02 19:19:47 ----D---- C:\Documents and Settings\Duck\Data aplikací\uTorrent
2008-11-02 19:19:39 ----SHD---- C:\WINDOWS\Installer
2008-11-02 19:19:36 ----D---- C:\Config.Msi
2008-11-02 19:19:11 ----D---- C:\Documents and Settings\Duck\Data aplikací\dvdcss
2008-11-02 15:29:47 ----D---- C:\WINDOWS\System32\CatRoot2
2008-10-29 20:09:19 ----HD---- C:\WINDOWS\inf
2008-10-23 14:59:35 ----D---- C:\WINDOWS\Help
2008-10-17 21:09:58 ----A---- C:\AILog.txt
2008-10-16 14:14:43 ----D---- C:\Program Files\Common Files
2008-10-16 14:14:43 ----AD---- C:\Program Files
2008-10-16 14:14:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2008-10-13 11:31:48 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-10-13 11:20:42 ----D---- C:\Documents and Settings\Duck\Data aplikací\OpenOffice.org2
2008-10-07 06:37:15 ----SHD---- C:\WINDOWS\CSC
2008-09-30 16:44:06 ----A---- C:\WINDOWS\WTRAN32.INI
2008-09-28 04:05:10 ----A---- C:\WINDOWS\system.ini
2008-09-28 04:04:44 ----D---- C:\WINDOWS\AppPatch
2008-09-27 16:25:30 ----D---- C:\Program Files\Internet Explorer
2008-09-27 12:29:22 ----A---- C:\WINDOWS\WINCMD.INI
2008-09-25 14:17:42 ----A---- C:\WINDOWS\nfsc_patch.ini
2008-09-25 14:03:27 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-09-25 06:13:57 ----D---- C:\WINDOWS\Minidump
2008-09-25 06:11:37 ----SHD---- C:\System Volume Information
2008-09-23 05:40:57 ----D---- C:\Program Files\ICQ6
2008-09-22 13:24:04 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-22 11:42:04 ----D---- C:\WINDOWS\System32\DirectX
2008-09-22 11:39:00 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-14 12:08:48 ----D---- C:\WINDOWS\LastGood
2008-09-09 01:43:07 ----SD---- C:\Documents and Settings\Duck\Data aplikací\Microsoft
2008-08-16 17:31:56 ----D---- C:\Documents and Settings\Duck\Data aplikací\ICQ
2008-08-12 07:23:53 ----HD---- C:\Program Files\WindowsUpdate
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2002-09-20 34944]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\System32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R2 atksgt;atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [2008-09-22 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [2008-09-22 18048]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\WINDOWS\system32\drivers\wf88vcap.sys [2004-10-18 208851]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\WINDOWS\system32\drivers\WF88XBAR.sys [2004-10-18 10324]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\WINDOWS\system32\drivers\WF88TUNE.sys [2004-10-18 34789]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-01-09 601100]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [2005-08-29 853258]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-08-31 26240]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2003-05-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2003-05-14 44288]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2001-10-25 13952]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-29 64344]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\System32\DRIVERS\hamachi.sys [2008-06-06 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2002-08-29 38272]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2001-08-17 24192]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 Wdf01000;Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WFIOCTL;WFIOCTL; \??\C:\Programy\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2003-05-14 21216]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2003-05-14 5728]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Programy\Bluetooth Software\bin\btwdins.exe [2005-08-29 266295]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-06-01 155715]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\System32\PnkBstrA.exe [2008-06-13 66872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
-----------------EOF-----------------
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43293
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
Bohužel , špion je tam furt, nezadávej žádná hesla ani nicky , nepřipojuj se na jiné weby kromě PC-HELP!!
Mám v záloze jeden program, ale nemám ho vyzkoušený, takže napřed toto:
Měl jsi předtím nainstalovat SP2 a všechny záplaty , máš to děravý.
Stáhni si SDFix
- Spusť ho a rozbalí se ti na disk kde je nainstalovaný Windows (typicky to je C:\SDfix)
- Pak restartuj PC do nouzového režimu (zvol možnost: Stav nouze, ne Stav nouze s práci v síti)
- Otevři adresář kde je vybalený SDFix a spusť soubor RunThis.bat tím spustíš program.
* Pak stiskni klávesu Y a pak Enter pro zahájení čistícího procesu.
* Pro dokončení kontroly budeš vyzván ke stisknutí libovolné klávesy a počítač se restartuje.
* Při nabíhání operačního systému se program spustí znovu a dokončí čistící proces. Až se objeví Finish, budeš muset po vyzvání stisknout libovolnou klávesu, tim se ukončí program a zobrazí se ti ikony na ploše
- Když se skončí načítání ikon na ploše, otevře se ti na obrazovce log z SDFix a zároveň ho uloží do adresáře kde je rozbalený SDFix jako soubor Report.txt
Pak sem zkopíruj jeho obsah + nový log z HJT+ mrkni se jestli ti pod Startem nechybí nějaké ikony, zobrazují se ti disky pod Tento počítač....
Mám v záloze jeden program, ale nemám ho vyzkoušený, takže napřed toto:
Měl jsi předtím nainstalovat SP2 a všechny záplaty , máš to děravý.
Stáhni si SDFix
- Spusť ho a rozbalí se ti na disk kde je nainstalovaný Windows (typicky to je C:\SDfix)
- Pak restartuj PC do nouzového režimu (zvol možnost: Stav nouze, ne Stav nouze s práci v síti)
- Otevři adresář kde je vybalený SDFix a spusť soubor RunThis.bat tím spustíš program.
* Pak stiskni klávesu Y a pak Enter pro zahájení čistícího procesu.
* Pro dokončení kontroly budeš vyzván ke stisknutí libovolné klávesy a počítač se restartuje.
* Při nabíhání operačního systému se program spustí znovu a dokončí čistící proces. Až se objeví Finish, budeš muset po vyzvání stisknout libovolnou klávesu, tim se ukončí program a zobrazí se ti ikony na ploše
- Když se skončí načítání ikon na ploše, otevře se ti na obrazovce log z SDFix a zároveň ho uloží do adresáře kde je rozbalený SDFix jako soubor Report.txt
Pak sem zkopíruj jeho obsah + nový log z HJT+ mrkni se jestli ti pod Startem nechybí nějaké ikony, zobrazují se ti disky pod Tento počítač....
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Specha -Trojsky kun a kradeze hesla HiJackThis Vyřešeno
uz je to v pohode diky
Re: Specha -Trojsky kun a kradeze hesla HiJackThis
muzete to uzavrit kompletni reinstal to vyresil, diky moc
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 18 hostů