[ Príspevkov: 2 ] 
AutorSpráva
Offline

Užívateľ
Užívateľ
posilvestrovsky trojsky kon

Registrovaný: 28.09.07
Prihlásený: 04.01.12
Príspevky: 129
Témy: 18 | 18
NapísalOffline : 03.01.2009 19:52 | posilvestrovsky trojsky kon

caute mam problem
podla mojho nazoru sa mi asi cez segrin usb kluc dostala do kompu nejaka infiltracia :) - celkom pekny novorocny darcek

obcas sa stane ze sa mi v mozille len tak otvori cista nova karta s cudnou URL
spustil som SPYBOT, precistil REGISTRE a takisto NORTON INTERNET SECURITY
zatial nenasli ziadnu chybu ...

haluz je aj to ze .. najskor som mal problem s otvorenim D: a externeho HD
ten problem som vsak vyriesil vdaka : http://www.pcforum.sk/odstraneny-resycl ... 55663.html

sranda ze pri starte mi nezapne moj COMODO Firewall a ani spominany ANITIVIRAK :)

posielam log z HijackThis

Kód:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:48:20, on 3.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\hdche\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navw32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Digsby\lib\aspell\bin\aspell.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://software.macek.cc/resampler/vhs2dvd.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [5ce84eb7] rundll32.exe "C:\WINDOWS\system32\lhqtpipf.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hdche\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: []  (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: []  (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Digsby.lnk = C:\Program Files\Digsby\digsby.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: M-Audio CMIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

--
End of file - 12800 bytes


_________________
hope not dope ____
AMD Athlon 64 X2 5400+ Dual Core procesor ( 2,8GHz, 2 x 1MB L2 cache, 64bit, socket AM2), GeForce 8600GT 256 MB PCI-Express TV-Out, DVI, DirectX 10, pevný disk 250 GB 7200rpm SATA2, pamäť 2048 MB DDR2, DVD/RW Dual double layer napalovačka, 5.1 kanálový zvuk, 10/100 LAN, Čítačka kariet, Klávesnica Sk a optická myš
Offline

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4 | 4
NapísalOffline : 03.01.2009 22:26 | posilvestrovsky trojsky kon

Použi Avenger s týmto skriptom:

Kód:
Files to delete:
C:\WINDOWS\system32\lhqtpipf.dll

Folders to delete:
C:\Program Files\AskBarDis


Fixni:

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O4 - HKLM\..\Run: [5ce84eb7] rundll32.exe "C:\WINDOWS\system32\lhqtpipf.dll",b

Potom nový log (nie do [code]) a popíš stav pc.


 [ Príspevkov: 2 ] 


posilvestrovsky trojsky kon



Podobné témy

 Témy  Odpovede  Zobrazenia  Posledný príspevok 
V tomto fóre nie sú ďalšie neprečítané témy.

Trojsky kon

v Antivíry a antispywary

3

447

15.11.2008 20:55

SilverSurfer

V tomto fóre nie sú ďalšie neprečítané témy.

Silny trojsky kon.

v Antivíry a antispywary

2

999

07.12.2008 13:26

JanoF

V tomto fóre nie sú ďalšie neprečítané témy.

icq trojsky kon

v Sieťové a internetové programy

3

377

02.09.2007 17:15

Rbot

V tomto fóre nie sú ďalšie neprečítané témy.

trojsky kon problem

v Antivíry a antispywary

3

216

22.10.2012 13:48

personal compuper

V tomto fóre nie sú ďalšie neprečítané témy.

Trojsky kon v exploreri

v Antivíry a antispywary

2

420

08.02.2011 19:36

Belle

V tomto fóre nie sú ďalšie neprečítané témy.

Trojsky kon v BIOSE

v Operačné systémy Microsoft

9

725

01.12.2009 16:47

pitimir

V tomto fóre nie sú ďalšie neprečítané témy.

odstránenie vírusu Win32/Rustock trójsky kôň

v Antivíry a antispywary

5

3395

30.04.2010 0:02

blesko81

V tomto fóre nie sú ďalšie neprečítané témy.

trójsky kôň mp3 čo mám robiť :(

v Antivíry a antispywary

1

467

17.06.2008 20:40

Kosak

V tomto fóre nie sú ďalšie neprečítané témy.

Trojsky kon virus - prosim o radu...

v Antivíry a antispywary

25

4125

20.11.2007 1:01

Rbot

V tomto fóre nie sú ďalšie neprečítané témy.

Trojsky kon-Win32:Rbot-DAU [Trj]

v Antivíry a antispywary

2

950

27.03.2007 0:16

Markus

V tomto fóre nie sú ďalšie neprečítané témy.

Vírusy a Trojsky kon - prosím o pomoc

v Antivíry a antispywary

2

546

24.10.2007 12:07

huncut99

V tomto fóre nie sú ďalšie neprečítané témy.

trojsky-nejde vymazať

v Antivíry a antispywary

6

577

19.05.2007 20:09

Devil_SK

V tomto fóre nie sú ďalšie neprečítané témy.

4G internet od Ty-koň-u

v Poskytovatelia internetu

7

1164

09.03.2007 13:13

wolf14

V tomto fóre nie sú ďalšie neprečítané témy.

Win32/Patched.NAW trojsky konik

v Antivíry a antispywary

2

434

28.06.2011 9:01

martinerik2

V tomto fóre nie sú ďalšie neprečítané témy.

Adware, Spyware, Trojský kůň v jednom

v Antivíry a antispywary

4

659

12.08.2007 18:52

Rbot

V tomto fóre nie sú ďalšie neprečítané témy.

Zapchast trojsky kun v subore c:\a.bat

v Antivíry a antispywary

5

316

26.05.2008 8:30

walther



© 2005 - 2017 PCforum, edited by JanoF