[ Príspevkov: 12 ] 
AutorSpráva
Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 09.11.09
Prihlásený: 04.03.17
Príspevky: 23
Témy: 6 | 6
NapísalOffline : 28.11.2009 5:55 | Security Center Alert!

Prosim vas pomože mi niekto zobrazi sa mi toto Security Center Alert!Virus Warning!Your computer is infected!Diky


Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 03.04.08
Prihlásený: 14.09.16
Príspevky: 4707
Témy: 37 | 37
Bydlisko: Trnava
NapísalOffline : 28.11.2009 6:04 | Security Center Alert!

nestahoval si nahodou Antivirus 2009 alebo Antivirus 2008?


_________________
Hmmm .... Hrošíček ... [Homer]
Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 09.11.09
Prihlásený: 04.03.17
Príspevky: 23
Témy: 6 | 6
Napísal autor témyOffline : 28.11.2009 8:54 | Security Center Alert!

don jebot píše:
nestahoval si nahodou Antivirus 2009 alebo Antivirus 2008?

Nie nestahoval som.


Offline

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 15.08.09
Prihlásený: 05.02.10
Príspevky: 355
Témy: 0 | 0
NapísalOffline : 28.11.2009 16:22 | Security Center Alert!

Stahovat ani netreba, taketo veci sastiahnu aj sami :)

Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.

Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!


Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 09.11.09
Prihlásený: 04.03.17
Príspevky: 23
Témy: 6 | 6
Napísal autor témyOffline : 29.11.2009 11:41 | Security Center Alert!

pitimir píše:
Stahovat ani netreba, taketo veci sastiahnu aj sami :)

Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.

Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!

Vypnut všetky otvorené aplikácie to znamená čo je v spodnej lište na pravo pri hodinách(na XP) to všetko povypínat alebo len Avast!(mám len avast ako antivirus).diky


Offline

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 15.08.09
Prihlásený: 05.02.10
Príspevky: 355
Témy: 0 | 0
NapísalOffline : 29.11.2009 13:55 | Security Center Alert!

To znamena ukoncit vsetku robotu na PC, spustit ComboFix a dat ruky z mysi aj klavesnice prec - ked svoju pracu skonci, objavi sa log. Ten sem treba vlozit ;)


Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 09.11.09
Prihlásený: 04.03.17
Príspevky: 23
Témy: 6 | 6
Napísal autor témyOffline : 29.11.2009 18:31 | Security Center Alert!

pitimir píše:
To znamena ukoncit vsetku robotu na PC, spustit ComboFix a dat ruky z mysi aj klavesnice prec - ked svoju pracu skonci, objavi sa log. Ten sem treba vlozit ;)

ComboFix 09-11-28.01 - Michaela Machalova 29.11.2009 18:10.2.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.3071.2590 [GMT -8:00]
Running from: c:\documents and settings\Michaela Machalova\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091129-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Michaela Machalova\autorun.inf
c:\documents and settings\Michaela Machalova\Documents .lnk
c:\documents and settings\Michaela Machalova\FuTLYq.exe
c:\documents and settings\Michaela Machalova\jusched.exe
c:\documents and settings\Michaela Machalova\Music .lnk
c:\documents and settings\Michaela Machalova\nBerfu.exe
c:\documents and settings\Michaela Machalova\New Folder .lnk
c:\documents and settings\Michaela Machalova\Passwords .lnk
c:\documents and settings\Michaela Machalova\Pictures .lnk
c:\documents and settings\Michaela Machalova\poija.exe
c:\documents and settings\Michaela Machalova\poija.scr
c:\documents and settings\Michaela Machalova\Video .lnk
c:\documents and settings\Michaela Machalova\wTsNUp.exe
c:\windows\system32\hlvdd.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-30 )))))))))))))))))))))))))))))))
.

2009-11-28 03:57 . 2009-11-28 03:57 158 ----a-w- c:\documents and settings\Michaela Machalova\aHprnL.bat
2009-11-28 03:50 . 2009-11-28 03:51 -------- dc-h--w- c:\windows\ie8
2009-11-28 03:32 . 2009-11-28 03:32 158 ----a-w- c:\documents and settings\Michaela Machalova\EpoLry.bat
2009-11-28 01:02 . 2009-11-28 03:35 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Google
2009-11-28 00:31 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-28 00:31 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-28 00:11 . 2009-11-28 00:11 158 ----a-w- c:\documents and settings\Michaela Machalova\EUZcti.bat
2009-11-26 01:19 . 2009-11-26 01:19 -------- d-----w- c:\program files\DoremiSoft
2009-11-26 00:51 . 2009-11-26 00:51 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-11-23 22:37 . 2009-11-23 22:37 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-11-22 04:08 . 2005-07-28 16:18 685056 ----a-w- c:\windows\system32\drivers\hardlock.sys
2009-11-22 04:08 . 2005-09-07 02:06 28672 ----a-w- c:\windows\system32\hlduinst.exe
2009-11-22 04:08 . 2001-09-29 03:00 164864 ----a-w- c:\windows\system32\UNWISE.EXE
2009-11-22 04:08 . 2005-09-28 22:24 2164411 ----a-w- c:\windows\system32\haspds_windows.dll
2009-11-22 04:08 . 2005-10-13 03:49 3063808 ----a-w- c:\windows\system32\hinstd.dll
2009-11-22 03:44 . 2009-11-22 04:35 -------- d-----w- C:\Tecar Forum
2009-11-22 03:08 . 2009-11-22 03:11 -------- d-----w- C:\Terminátor 4
2009-11-17 17:36 . 2009-11-17 17:36 -------- d-----w- c:\windows\system32\XPSViewer
2009-11-17 17:36 . 2009-11-17 17:36 -------- d-----w- c:\program files\Reference Assemblies
2009-11-17 17:36 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-17 17:36 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-11-17 17:36 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-17 17:36 . 2009-11-17 17:36 -------- d-----w- C:\be1e18755113a04daa25dab5dddfbe
2009-11-17 17:36 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-11-17 17:36 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-11-17 17:36 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-11-17 17:36 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-11-15 18:11 . 2009-11-22 19:44 -------- d-----w- C:\DVD filmy
2009-11-15 17:16 . 2009-11-15 17:16 -------- d-----w- c:\documents and settings\yfl\LOCALS~1
2009-11-15 17:16 . 2009-11-15 17:16 -------- d-----w- c:\documents and settings\yfl
2009-11-15 17:08 . 2009-11-15 17:08 -------- d-----w- c:\program files\Xilisoft
2009-11-15 13:53 . 2009-11-15 13:53 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-11-15 09:20 . 2009-11-15 09:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-15 09:20 . 2009-11-15 09:20 -------- d-----w- c:\program files\Java
2009-11-15 09:20 . 2009-11-15 09:20 152576 ----a-w- c:\documents and settings\Michaela Machalova\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-15 03:48 . 2009-11-15 03:48 -------- d-sh--w- c:\documents and settings\Michaela Machalova\IECompatCache
2009-11-14 20:04 . 2009-11-14 20:07 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Adobe
2009-11-14 20:03 . 2009-11-14 20:03 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-14 17:35 . 2009-11-14 17:37 -------- d-----w- c:\program files\VIS
2009-11-14 16:08 . 2002-04-03 12:09 49457 ----a-r- c:\windows\system32\drivers\ftser2k.sys
2009-11-14 16:05 . 2007-12-25 11:21 414208 ----a-r- c:\windows\system32\ftdiunin.exe
2009-11-14 16:05 . 2002-04-03 12:09 18102 ----a-r- c:\windows\system32\drivers\ftdibus.sys
2009-11-14 16:01 . 2009-11-14 16:01 0 ---ha-w- c:\windows\msds.dat
2009-11-14 16:01 . 2009-11-14 16:01 -------- d-----w- C:\vag IHR3040n
2009-11-14 03:57 . 2009-11-14 03:57 -------- d-----w- c:\program files\MSXML 4.0
2009-11-13 02:35 . 2009-11-16 19:23 -------- d-----w- c:\program files\Microsoft Works
2009-11-13 02:35 . 2009-11-13 02:35 -------- d-----w- c:\program files\MSBuild
2009-11-13 02:34 . 2009-11-13 02:34 -------- d-----w- c:\program files\Microsoft.NET
2009-11-13 02:32 . 2009-11-13 02:32 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-13 02:31 . 2009-11-13 02:35 -------- d-----w- c:\windows\SHELLNEW
2009-11-13 02:31 . 2009-11-13 02:31 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Microsoft Help
2009-11-13 02:31 . 2009-11-16 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-13 02:30 . 2009-11-13 02:30 -------- d-----r- C:\MSOCache
2009-11-12 04:41 . 2009-11-12 04:41 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Identities
2009-11-12 04:41 . 2009-11-12 04:42 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\Ahead
2009-11-12 04:38 . 2009-11-12 05:55 -------- d-----w- c:\documents and settings\Michaela Machalova\Application Data\Ahead
2009-11-12 04:38 . 2009-11-12 04:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-11-12 04:37 . 2009-11-12 04:37 -------- d-----w- c:\program files\Common Files\Ahead
2009-11-12 04:37 . 2009-11-12 04:37 -------- d-----w- c:\program files\Nero
2009-11-12 04:37 . 2009-11-12 04:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-11-11 19:07 . 2009-11-22 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-11-11 19:07 . 2009-11-11 19:07 -------- d-----w- c:\program files\DVD Shrink
2009-11-11 18:11 . 2009-07-17 19:01 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2009-11-11 17:58 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-11-11 17:58 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-11-11 17:58 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-11-11 17:58 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-11-11 17:58 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-11-11 17:58 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-11-11 17:58 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-11-11 17:58 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-11-11 17:49 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-11 17:49 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-11-11 17:49 . 2009-08-04 14:20 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-11-11 17:44 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-11-11 17:44 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-11-11 17:43 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-11-11 17:23 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-11 17:21 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-11-11 17:20 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-11 17:17 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-11-11 17:16 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-11-11 17:15 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-11-11 17:06 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-11-11 14:53 . 2009-11-11 14:53 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-11 14:53 . 2009-11-30 00:08 -------- d-----w- c:\documents and settings\Michaela Machalova\Application Data\skypePM
2009-11-11 10:40 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-11 08:06 . 2008-08-14 10:04 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2009-11-11 03:43 . 2009-08-07 03:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-11-11 03:43 . 2009-08-07 03:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-11-11 02:44 . 2009-11-11 02:44 -------- d-----w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\WMTools Downloaded Files
2009-11-10 19:51 . 2009-11-30 02:07 -------- d-----w- c:\documents and settings\Michaela Machalova\Application Data\Skype
2009-11-10 19:51 . 2009-11-10 19:51 -------- d-----w- c:\program files\Skype
2009-11-10 19:51 . 2009-11-10 19:51 -------- d-----w- c:\program files\Common Files\Skype
2009-11-10 19:51 . 2009-11-10 19:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-11-10 19:06 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2009-11-10 07:19 . 2009-11-10 07:19 -------- d-sh--w- c:\documents and settings\Michaela Machalova\IETldCache
2009-11-10 07:18 . 2001-08-17 21:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-11-10 07:18 . 2001-08-17 21:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-11-10 07:18 . 2009-11-28 13:24 -------- d-----w- c:\windows\ie8updates
2009-11-10 07:18 . 2008-04-14 08:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-11-10 07:18 . 2008-04-14 08:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-11-10 07:17 . 2009-11-28 03:51 -------- d-----w- c:\windows\system32\sk-SK
2009-11-10 07:16 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-11-10 07:16 . 2009-08-29 08:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-10 07:16 . 2009-08-29 08:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-10 07:16 . 2009-08-29 08:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-10 07:16 . 2009-08-29 08:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-11-10 07:16 . 2009-08-29 08:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-10 07:16 . 2009-08-29 08:08 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-11-10 07:13 . 2009-01-08 02:20 24576 ----a-w- c:\windows\system32\nlsdl.dll
2009-11-10 07:13 . 2009-01-08 02:20 26112 ----a-w- c:\windows\system32\idndl.dll
2009-11-10 07:13 . 2009-01-08 02:20 23552 ----a-w- c:\windows\system32\normaliz.dll
2009-11-10 07:13 . 2009-01-08 02:20 265720 ----a-w- c:\windows\system32\msdbg2.dll
2009-11-10 02:15 . 2009-11-10 02:15 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-10 01:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-10 01:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-10 01:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-10 01:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-10 01:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-10 01:58 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-10 01:58 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-10 01:58 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-10 01:58 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-10 01:58 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-29 19:43 . 2009-11-10 06:58 69232 ----a-w- c:\documents and settings\Michaela Machalova\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-28 16:35 . 2006-02-28 12:00 96512 ------w- c:\windows\system32\drivers\atapi.sys
2009-09-15 05:55 . 2009-09-15 05:55 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-15 05:34 . 2009-09-15 05:15 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-15 05:34 . 2009-09-15 05:15 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-15 05:21 . 2009-09-15 05:16 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-09-15 05:13 . 2009-09-15 05:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-11 14:18 . 2006-02-28 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2006-02-28 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-29_22.38.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-15 05:36 . 2009-11-29 22:37 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-15 05:36 . 2009-11-29 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-15 05:36 . 2009-11-29 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-09-15 05:36 . 2009-11-29 22:37 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-11-26 00:51 . 2009-11-29 18:59 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-11-26 00:51 . 2009-11-29 22:37 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-09-15 05:36 . 2009-11-29 22:37 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-09-15 05:36 . 2009-11-29 18:59 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]
"waaifi"="c:\documents and settings\Michaela Machalova\waaifi.exe" [BU]
"poija"="c:\documents and settings\Michaela Machalova\poija.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"MsgTranAgt"="c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe" [2008-08-18 117304]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKHOTKEY"="c:\program files\ASUS\ATK Hotkey\HControl.exe" [2008-10-21 166456]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-27 90112]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-31 1343488]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-15 149280]
"Java Quick Start"="c:\documents and settings\Michaela Machalova\jusched.exe" [BU]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-07 17421824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-8-2 2760704]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [27.11.2009 16:31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.11.2009 16:31 20560]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [6.4.2008 22:00 6656]
.
Contents of the 'Scheduled Tasks' folder

2009-11-30 c:\windows\Tasks\User_Feed_Synchronization-{DF3022E9-167B-4119-AE09-BB2A37ED0C4E}.job
- c:\windows\system32\msfeedssync.exe [2009-11-28 12:31]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-29 18:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A4C4369]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf735ecb8
\Driver\atapi -> atapi.sys @ 0xf7316852
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: SiS191 Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7222bb0
PacketIndicateHandler -> aswSP.SYS @ 0xa1f01d50
SendHandler -> aswSP.SYS @ 0xa1f01dae
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2680806290-407579845-928017448-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
@DACL=(02 0000)
@SACL=
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
@DACL=(02 0000)
@SACL=
"Asynchronous"=dword:00000001
"DllName"=expand:"%SystemRoot%\\System32\\dimsntfy.dll"
"Startup"="WlDimsStartup"
"Shutdown"="WlDimsShutdown"
"Logon"="WlDimsLogon"
"Logoff"="WlDimsLogoff"
"StartShell"="WlDimsStartShell"
"Lock"="WlDimsLock"
"Unlock"="WlDimsUnlock"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(800)
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1604)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2009-11-29 18:21
ComboFix-quarantined-files.txt 2009-11-30 02:21

Pre-Run: 479 806 812 160 bytes free
Post-Run: 13 adresárov, 479 831 367 680 voľných bajtov

- - End Of File - - 81E66F0CF1535E6855B9B0645FC7C353


Offline

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 15.08.09
Prihlásený: 05.02.10
Príspevky: 355
Témy: 0 | 0
NapísalOffline : 30.11.2009 19:38 | Security Center Alert!

Je tam bordel...ale najprv toto:

1) Stiahni Defogger. Spust, klik na "Disable" -> "OK". V mieste spustenia by sa mal zjavit log, ten sem vloz.



2) Stiahni >>tento<< subor na plochu.
Skopiruj do poznamkoveho bloku:

Kód:
@echo off
"%userprofile%\desktop\TDSSKiller.exe" -l report.txt -v
notepad report.txt
del %0
exit

Uloz ako antiTDL3.bat (typ vsetky subory) na plochu. Otvor dvojklikom -> OK.
Spusti sa program, po skonceni scanu stlac lubovolnu klavesu. Otvori sa ti textovy dokument, jeho obsah mi sem skopiruj.


3) Stiahni OTC. Spust, klik na "CleanUp", potvrd okna a restart.


4) Stiahni novy ComboFix (stiahni ho znova) a sprav z neho log.


Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 09.11.09
Prihlásený: 04.03.17
Príspevky: 23
Témy: 6 | 6
Napísal autor témyOffline : 02.12.2009 9:45 | Security Center Alert!

pitimir píše:
Je tam bordel...ale najprv toto:

1) Stiahni Defogger. Spust, klik na "Disable" -> "OK". V mieste spustenia by sa mal zjavit log, ten sem vloz.



2) Stiahni >>tento<< subor na plochu.
Skopiruj do poznamkoveho bloku:

Kód:
@echo off
"%userprofile%\desktop\TDSSKiller.exe" -l report.txt -v
notepad report.txt
del %0
exit

Uloz ako antiTDL3.bat (typ vsetky subory) na plochu. Otvor dvojklikom -> OK.
Spusti sa program, po skonceni scanu stlac lubovolnu klavesu. Otvori sa ti textovy dokument, jeho obsah mi sem skopiruj.


3) Stiahni OTC. Spust, klik na "CleanUp", potvrd okna a restart.


4) Stiahni novy ComboFix (stiahni ho znova) a sprav z neho log.

Už som to dal do servisu lebo mi nechcel naskočit windows.Díky za pomoc.Nabuduce ked budem mat problemy s pc alebo notebookom tak sa ozvem.Ešte raz díky poklona vám.


Offline

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 15.08.09
Prihlásený: 05.02.10
Príspevky: 355
Témy: 0 | 0
NapísalOffline : 02.12.2009 20:25 | Security Center Alert!

No som zvedavy, ci to spravia bez reinstalu...ten TDSS rootkit je poriadna svina :)

Anyway, rado sa stalo.


Offline

Užívateľ
Užívateľ
Security Center  Alert!

Registrovaný: 09.11.09
Prihlásený: 04.03.17
Príspevky: 23
Témy: 6 | 6
Napísal autor témyOffline : 03.12.2009 10:32 | Security Center Alert!

pitimir píše:
No som zvedavy, ci to spravia bez reinstalu...ten TDSS rootkit je poriadna svina :)

Anyway, rado sa stalo.

To som aj ja zvedavý!!!Chcem sa spýtat nepokazil som to s tym programom čo ste mi dávali radi?


Offline

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 15.08.09
Prihlásený: 05.02.10
Príspevky: 355
Témy: 0 | 0
NapísalOffline : 03.12.2009 14:10 | Security Center Alert!

Ktory myslis? ComboFix? Nie, nemal si co pokazit...


 [ Príspevkov: 12 ] 


Security Center Alert!



Podobné témy

 Témy  Odpovede  Zobrazenia  Posledný príspevok 
V tomto fóre nie sú ďalšie neprečítané témy.

Security Center

v Operačné systémy Microsoft

2

258

20.10.2006 12:50

markesy

V tomto fóre nie sú ďalšie neprečítané témy.

Personal security center

v Bezpečnosť a firewally

16

2301

11.09.2007 20:07

Dzimbo

V tomto fóre nie sú ďalšie neprečítané témy.

C&C - Red Alert 2 - Red Alert 2 Yuri´s Revange

v Počítačové hry

9

238

01.01.2015 1:21

okatjar

V tomto fóre nie sú ďalšie neprečítané témy.

ESET Smart Security 4 vs. Norton Internet Security 2010

v Antivíry a antispywary

5

677

14.03.2010 17:25

Snipo

V tomto fóre nie sú ďalšie neprečítané témy.

Kaspersky Internet Security 2009 vs. Eset Smart Security

v Antivíry a antispywary

8

1404

07.10.2008 0:43

Kosak

V tomto fóre nie sú ďalšie neprečítané témy.

Eset Smart Security 4 vs MS Security Essentials

[ Choď na stránku:Choď na stránku: 1, 2 ]

v Antivíry a antispywary

34

2635

11.02.2010 17:54

Mindfreak

V tomto fóre nie sú ďalšie neprečítané témy.

Eset Smart Security vs. AVIRA Premium Security Suite

v Antivíry a antispywary

3

926

14.05.2009 21:14

emajko159

V tomto fóre nie sú ďalšie neprečítané témy.

Norton Internet Security 2010 vs. Eset Smart Security

v Antivíry a antispywary

17

1169

12.04.2010 8:33

lubos250

V tomto fóre nie sú ďalšie neprečítané témy.

Eset Smart Security 4 vs AVG Internet security 8.5

v Antivíry a antispywary

23

2023

14.07.2009 16:27

citizen

V tomto fóre nie sú ďalšie neprečítané témy.

ESET Smart Security 4.2 a ESET Mail Security for MES

v Novinky

5

391

13.03.2010 20:09

XxRENDYxX

V tomto fóre nie sú ďalšie neprečítané témy.

Avast 7 Internet Security alebo AVG Internet Security 2012

v Antivíry a antispywary

5

552

22.04.2012 0:30

Leslie12

V tomto fóre nie sú ďalšie neprečítané témy.

system alert

v Antivíry a antispywary

3

940

18.12.2006 19:29

palinodsl

V tomto fóre nie sú ďalšie neprečítané témy.

Red Alert 3

[ Choď na stránku:Choď na stránku: 1, 2 ]

v Počítačové hry

46

2820

22.11.2008 23:05

icefire

V tomto fóre nie sú ďalšie neprečítané témy.

Red Alert 2

v Počítačové hry

4

1121

27.03.2006 17:13

M4fiosso

V tomto fóre nie sú ďalšie neprečítané témy.

stary Red Alert

v Počítačové hry

1

402

11.03.2008 16:11

OmeGa

V tomto fóre nie sú ďalšie neprečítané témy.

Alert pred odoslaním formulára

v JavaScript, VBScript, Ajax

1

212

17.11.2009 21:51

rooobertek



© 2005 - 2017 PCforum, edited by JanoF