virus alert!

A section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…



Post by honz1n » 20 Oct 2008 13:45

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34: VIRUS ALERT!, on 20.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\QIP\qip.exe
C:\Documents and Settings\honza\Dokumenty\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {81FF9400-31B5-4786-9EA9-DD8425658399} - (no file)
O2 - BHO: (no name) - {DB7D2760-3AB4-4F78-A977-4454935D8E6F} - (no file)
O2 - BHO: (no name) - {EEC73EA5-1367-49D1-93F4-CA1D8C22E9F9} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0344830624
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0927376311
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: khfETnmN - khfETnmN.dll (file missing)
O21 - SSODL: MsgAppSmart - {42A8F895-67E9-FA8E-EC1E-02EF6855EF9F} - C:\Program Files\gvepnwd\MsgAppSmart.dll
O21 - SSODL: ngwstxfd - {7FA2016F-22D4-4A7D-86AE-B475F03272E7} - C:\WINDOWS\ngwstxfd.dll (file missing)
O21 - SSODL: qrbgltos - {689241F1-BE78-4C74-B095-FE68183D4F2E} - C:\WINDOWS\qrbgltos.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Unknown owner - C:\Program Files\WinClamAVShield\sp_clamsrv.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

--
End of file - 8216 bytes



pls hlp :'(


Re: virus alert!

Post by jaro3 » 20 Oct 2008 14:09

Download Malwarebytes' Anti-Malware
http://www.besttechie.net/tools/mbam-setup.exe

Install it and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, so choose Ano (Yes)
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!


Re: virus alert!

Post by honz1n » 20 Oct 2008 15:05

I couldn't download it from that page.. it doesn't load at all.. so I downloaded it elsewhere,
but the update didn't work for me :( it says: "Aktualizace selhala. Ujistěte se že jste připojeni k Internetu a Váš firewall je nastavený tak, aby povolil Malwarebytes' Anti-Malware zprístupnit internet." I am connected, and I even tried turning the firewall off, but it keeps saying that.. here is the log:

Malwarebytes' Anti-Malware 1.29
Verze databáze: 1276
Windows 5.1.2600 Service Pack 2

20.10.2008 14:52:43
mbam-log-2008-10-20 (14-52-25).txt

Typ skenu: Rychlý sken
Objektu skenováno: 53868
Uplynulý cas: 22 minute(s), 36 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 32
Infikované hodnoty registru: 8
Infikované položky dat registru: 14
Infikované složky: 1
Infikované soubory: 234

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_CLASSES_ROOT\CLSID\{42A8F895-67E9-FA8E-EC1E-02EF6855EF9F} (Trojan.FakeAlert.H) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7d4c17e6-b0d7-4de2-a128-67f2fa1d4ff6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{16107999-723f-9562-ebbf-2a0b70f5775b} (Rogue.RegSort) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cba0a72a-c5b0-47f8-9bd7-307b7708a58d} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eec73ea5-1367-49d1-93f4-ca1d8c22e9f9} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\SOFTSKY (Rogue.RegSort) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> No action taken.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\luapvs.tchongabho (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\sgoblxtm.bpsb (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.bfwg (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\msgappsmart (Trojan.FakeAlert.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Licenses\{0ea986db0e30d1660} (Rogue.RegSort) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Licenses\{iea986db0e30d1660} (Rogue.RegSort) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qrbgltos (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ngwstxfd (Trojan.FakeAlert) -> No action taken.

Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55703-640-0124077-23614) -> No action taken.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (H:mm:ss) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
C:\WINDOWS\Common (Trojan.Agent) -> No action taken.

Infikované soubory:
C:\Program Files\gvepnwd\MsgAppSmart.dll (Trojan.FakeAlert.H) -> No action taken.
C:\WINDOWS\system32\yvthugnr.dll (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\384AZ49U\kb456456[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\radim\Local Settings\Temporary Internet Files\Content.IE5\0SD5QG3L\CAUB0P27 (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\radim\Local Settings\Temporary Internet Files\Content.IE5\S10L4VML\upd105320[1] (Trojan.Vundo) -> No action taken.
C:\WINDOWS\Common\fgxcxqbq.exe (Trojan.Agent) -> No action taken.
C:\Program Files\MSA\MSA.exe (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSA\msa0.dat (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSA\msa1.dat (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSA\MSA.cpl (Rogue.MSAntivirus) -> No action taken.
C:\WINDOWS\system32\MSA.cpl (Rogue.MSAntivirus) -> No action taken.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> No action taken.
C:\WINDOWS\cookies.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> No action taken.
C:\WINDOWS\lomxeqsn.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\mamka\Plocha\Protect Your Privacy.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\honza\Plocha\Protect Your Privacy.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\mamka\Plocha\Malware Defender.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\honza\Plocha\Malware Defender.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\mamka\Plocha\System Error Fixer.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\honza\Plocha\System Error Fixer.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\honza\Local Settings\Temp\pwrmgr.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\honza\Local Settings\Temp\myconfig.php (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\TDSSfpmp.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\TDSSnrsr.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\TDSSoeqh.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\TDSSoity.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\TDSSosvn.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\TDSSpaxt.dll (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\TDSSriqp.log (Trojan.TDSS) -> No action taken.
C:\WINDOWS\system32\TDSSsbhc.log (Trojan.TDSS) -> No action taken.
C:\WINDOWS\system32\drivers\TDSSpqlt.sys (Rootkit.Agent) -> No action taken.

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: virus alert!

Post by jaro3 » 20 Oct 2008 15:16

This is how it ends up when someone has no antivirus...
So run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

You can then post the log here plus a new HJT log.
EDIT: wait for the reboot, it will probably be needed.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

honz1n
newcomer
Posts: 5
Registered: September 08
Gender: Not specified
Status:
Offline

Re: virus alert!

Post by honz1n » 20 Oct 2008 15:55

Nice, it's gone :o thanks a lot ;) yep, I downloaded an antivirus right away :D (AntiVir PersonalEdition) on a friend's recommendation :) I'm also attaching the MbAM log from before the restart:

Malwarebytes' Anti-Malware 1.29
Verze databáze: 1276
Windows 5.1.2600 Service Pack 2

20.10.2008 15:34:05
mbam-log-2008-10-20 (15-34-05).txt

Typ skenu: Rychlý sken
Objektu skenováno: 53868
Uplynulý cas: 22 minute(s), 36 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 32
Infikované hodnoty registru: 8
Infikované položky dat registru: 14
Infikované složky: 1
Infikované soubory: 234

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_CLASSES_ROOT\CLSID\{42A8F895-67E9-FA8E-EC1E-02EF6855EF9F} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7d4c17e6-b0d7-4de2-a128-67f2fa1d4ff6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{16107999-723f-9562-ebbf-2a0b70f5775b} (Rogue.RegSort) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cba0a72a-c5b0-47f8-9bd7-307b7708a58d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eec73ea5-1367-49d1-93f4-ca1d8c22e9f9} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SOFTSKY (Rogue.RegSort) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\luapvs.tchongabho (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sgoblxtm.bpsb (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.bfwg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\msgappsmart (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Licenses\{0ea986db0e30d1660} (Rogue.RegSort) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Licenses\{iea986db0e30d1660} (Rogue.RegSort) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qrbgltos (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ngwstxfd (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55703-640-0124077-23614) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (H:mm:ss) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikované složky:
C:\WINDOWS\Common (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované soubory:
C:\Program Files\gvepnwd\MsgAppSmart.dll (Trojan.FakeAlert.H) -> Delete on reboot.
C:\WINDOWS\system32\yvthugnr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\384AZ49U\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\radim\Local Settings\Temporary Internet Files\Content.IE5\0SD5QG3L\CAUB0P27 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\radim\Local Settings\Temporary Internet Files\Content.IE5\S10L4VML\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\Common\fgxcxqbq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\MSA\MSA.exe (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSA\msa0.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSA\msa1.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSA\MSA.cpl (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MSA.cpl (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\lomxeqsn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\mamka\Plocha\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\honza\Plocha\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\mamka\Plocha\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\honza\Plocha\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\mamka\Plocha\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\honza\Plocha\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\honza\Local Settings\Temp\pwrmgr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\honza\Local Settings\Temp\myconfig.php (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSfpmp.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSnrsr.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSoeqh.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSoity.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSosvn.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSpaxt.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSriqp.log (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\TDSSsbhc.log (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\drivers\TDSSpqlt.sys (Rootkit.Agent) -> Delete on reboot.

honz1n

Re: virus alert!

Post by honz1n » 20 Oct 2008 15:56

and the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:43:01, on 20.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\honza\Dokumenty\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {81FF9400-31B5-4786-9EA9-DD8425658399} - (no file)
O2 - BHO: (no name) - {DB7D2760-3AB4-4F78-A977-4454935D8E6F} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0344830624
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0927376311
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: khfETnmN - khfETnmN.dll (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Unknown owner - C:\Program Files\WinClamAVShield\sp_clamsrv.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 8316 bytes

jaro3
Security team member
Guru Level 15
Posts: 43293
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: virus alert!

Post by jaro3 » 20 Oct 2008 16:18

Fix in HJT:

Code:

O2 - BHO: (no name) - {81FF9400-31B5-4786-9EA9-DD8425658399} - (no file)
O2 - BHO: (no name) - {DB7D2760-3AB4-4F78-A977-4454935D8E6F} - (no file)
O20 - Winlogon Notify: khfETnmN - khfETnmN.dll (file missing)
O24 - Desktop Component 0: Privacy Protection - (no file)

Uninstall Spybot or, better, SpywareTerminator.
Clean the registry and fix the problems using CCleaner:
viewtopic.php?t=5130
and also use T-Cleaner
http://www.sweb.cz/Marinus/T-Cleaner.exe
Install Java:
Java SE Runtime Environment 6u10
https://cds.sun.com/is-bin/INTERSHOP.en ... _Developer

Select the OS (I assume Windows), tick the agree checkbox, then continue.
Select:
Windows Offline Installation
jre-6u10-windows-i586-p.exe
Remove the other Java versions in Add/Remove Programs.
Report back on the state of the computer.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support