VIRY.CZ

Vsechno udelano, vycisteno. VELKY DIIIK.

Jaky typ haveti to byl? root-kit?

Mooooockrat dekuju.
Majiteli kompu predam cislo na zaslani darovaci smsky nebo ho radeji poslu na terminal sazky.

DIK

ComboFix log po léčení:
=================
ComboFix 10-06-08.05 - Vasek 09.06.2010 19:13:42.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.618 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vasek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents ...

Zase se to kouslo. Konci to na:

[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

To OTL se zaseklo na odstraneni jednoho toolbaru a nic nedela: Program neodpovida. Cekam a nic. Vsechna okna jsou vypnuta, rezident NOD vypnut. Zatezuje CPU z 50%.
Mam jeste pockat, nebo mam proces ukoncit?

Zatim ten ComboFix2.txt z 20.4.2010
============================
ComboFix 09-08-10.01 - Vasek 20.04.2010 20:51.1.2 - NTFSx86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.689 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vasek\My Documents\Stažené soubory ...

Si spustel Ty ComboFix2.txt 2010-04-20 18:56? Pokud ano, neznalym do ruky Cf nepatri. Vloz obsah logu ComboFix2.txt

NE ja to nebyl. Ten pocitac mam v rukou od vcerejska. pokusim se ho najit a hodim to sem.

Toolbary smazat. Je to otravny balast.

Jak zabezpecit pocitac, ktery prevazne pouziva 14-ti lety kluk, ktery si rizika pouzivani netu vubec neuvedomuje a rodice se vubec nevyznaji (pripad tohoto leceneho kompu)? ESET je taky out of date a kdo vi jak casto se pokuseji o nejakou aktualizaci.
Tento konkretni pocitac neni pod mym dozorem.

Ahoj,

ComboFix log:
=====================
ComboFix 10-06-08.05 - Vasek 09.06.2010 16:56:40.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.618 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vasek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access ...

1) Log z VT
http://www.virustotal.com/cs/analisis/927329f9244da9f0074fa0d4c101ee793afcf433155e58714c33444c5ef35014-1276023277

2) Log HJT po leceni
================
Logfile of HijackThis v1.99.1
Scan saved at 21:05:51, on 8.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer ...

Otravny okno obtezovat ostalo :-)

Tady je ten log:
======================
All processes killed
========== OTL ==========
No active process named system32.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59 ...

---------- pokracovani ------------
========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
"SmpcSys" = C ...

Ahoj,
dik za rychlou reakci.
Log OTL:
=============
OTL logfile created on: 8.6.2010 20:03:43 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Vasek\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer ...

Prosim o kontrolu logu. Pocitac napaden virem "SMS vyderacem"
RSIT log:
==============================
Logfile of random's system information tool 1.07 (written by random/random)
Run by Vasek at 2010-06-08 19:21:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 136 GB ...