
All times are UTC + 1 hour


Post subject: Sending an unwanted link
Posted: 14 Jul 2010 09:50
Visitor

Registered: 14 Jul 2010 09:23
Posts: 11
Hi, I have this problem: a friend sent me a photo :D http://ow.ly/2b7Xp?=www.facebook.com/photo.php (this site), and now it is sending it (that page) to my contacts on Skype and ICQ. Do not open that page!!
I scanned the file with VirusTotal: http://www.virustotal.com/cs/analisis/9 ... 1279059547

Here is the ComboFix log
Code:
ComboFix 10-07-13.07 - Majo 14/07/2010  11:19:09.1.2 - x86
Microsoft® Windows Extreme™ Gamers Edition   6.0.6001.1.1252.44.1033.18.3324.2179 [GMT 2:00]
Running from: c:\users\Majo\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
 * Created a new restore point
 * Resident AV is active

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\desktop.ini
C:\poppy.exe
c:\program files\Cheat Engine\dbk32.sys
c:\program files\FaceSmooch Toolbar\tbHElper.dll
C:\setup.exe
c:\windows\jusched.exe
c:\windows\My.ini
c:\windows\system32\Explorer
c:\windows\system32\Explorer\cd.txt
c:\windows\system32\Explorer\firefox.txt

.
(((((((((((((((((((((((((   Files Created from 2010-06-14 to 2010-07-14  )))))))))))))))))))))))))))))))
.

2010-07-14 08:49 . 2010-07-14 08:58   --------   d-----w-   c:\program files\a-squared Free
2010-07-13 14:56 . 2010-07-13 19:23   --------   d-----w-   c:\programdata\Spybot - Search & Destroy
2010-07-13 14:56 . 2010-07-13 16:18   --------   d-----w-   c:\program files\Spybot - Search & Destroy
2010-07-13 10:58 . 2010-07-13 10:58   --------   d-----w-   C:\Little Big Adventure
2010-07-13 07:59 . 2010-07-13 07:59   --------   d-----w-   C:\WoW_AddonPack_TBC_2.4.3
2010-07-11 12:50 . 2009-11-03 12:07   679936   ----a-w-   c:\windows\system32\D3DX81ab.dll
2010-07-11 12:50 . 2009-11-03 12:07   1970176   ----a-w-   c:\windows\system32\d3dx9.dll
2010-07-11 12:50 . 2010-07-14 09:27   --------   d-----w-   c:\program files\Cheat Engine
2010-07-10 16:03 . 2010-07-10 16:03   --------   d-----w-   c:\users\Majo\{7af2a915-6f36-476f-94cf-45b0bf816de0}
2010-07-10 14:25 . 2010-07-10 14:25   --------   d-----w-   c:\programdata\Trymedia
2010-07-10 14:18 . 2010-07-10 14:49   --------   d-----w-   c:\program files\Crashday - Speedcombat
2010-07-10 14:12 . 2004-04-23 12:23   2506752   ----a-w-   c:\windows\system32\LWCtPl.dll
2010-07-10 14:12 . 2004-04-23 12:26   17344   ----a-w-   c:\windows\system32\drivers\LHidHi.sys
2010-07-10 14:12 . 2004-04-23 12:26   13888   ----a-w-   c:\windows\system32\drivers\LHidLo.sys
2010-07-10 14:12 . 2004-04-23 12:26   10432   ----a-w-   c:\windows\system32\drivers\LUsbSys.sys
2010-07-10 14:12 . 2004-04-23 12:25   86016   ----a-w-   c:\windows\system32\W9xDAPI.dll
2010-07-10 14:12 . 2000-11-28 09:35   27388   ----a-w-   c:\windows\system32\drivers\ihidfilt.sys
2010-07-10 14:12 . 2010-07-10 14:12   --------   d-----w-   c:\program files\Common Files\Logitech
2010-07-10 14:12 . 2004-04-23 12:26   33216   ----a-w-   c:\windows\system32\LFLoad.sys
2010-07-10 14:12 . 2004-04-23 12:24   61440   ----a-w-   c:\windows\system32\W9XdInst.dll
2010-07-10 14:12 . 2004-04-23 12:24   356352   ----a-w-   c:\windows\system32\WMWizard.dll
2010-07-10 14:12 . 2004-04-14 08:54   163840   ----a-w-   c:\windows\system32\WmJoyFrc.dll
2010-07-10 14:11 . 2010-07-10 14:11   --------   d-----w-   c:\program files\Logitech
2010-07-10 14:11 . 2010-07-10 14:11   --------   d-----w-   c:\program files\Common Files\InstallShield
2010-07-10 13:14 . 2010-07-10 13:14   --------   d-----w-   c:\users\Majo\AppData\Roaming\IObit
2010-07-10 13:14 . 2010-07-10 13:14   --------   d-----w-   c:\program files\IObit
2010-07-09 17:13 . 2010-07-09 17:13   --------   d-----w-   C:\RtmK(09)
2010-07-08 18:47 . 2010-07-08 18:47   --------   d-----w-   c:\users\Majo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-07-08 16:17 . 2010-07-08 16:17   --------   d-----w-   c:\programdata\Blizzard Entertainment
2010-07-07 19:28 . 2010-07-07 19:29   --------   d-----w-   c:\users\Majo\AppData\Roaming\GetRightToGo
2010-07-06 20:07 . 2010-07-06 20:07   --------   d-----w-   c:\users\Majo\AppData\Roaming\Ubisoft
2010-07-06 20:06 . 2010-07-06 20:06   --------   d-----w-   c:\programdata\Ubisoft
2010-07-05 13:54 . 2009-09-25 08:34   53280   ----a-w-   c:\windows\system32\RHCoInst.dll
2010-07-05 13:54 . 2009-09-25 08:34   2968608   ----a-w-   c:\windows\system32\RtkHDMI.dll
2010-07-05 13:54 . 2009-09-25 08:34   1352224   ----a-w-   c:\windows\system32\RHDMIExt.dll
2010-07-05 13:54 . 2009-09-25 08:13   159232   ----a-w-   c:\windows\system32\drivers\RtHDMIV.sys
2010-07-05 13:54 . 2009-03-09 03:32   290304   ----a-w-   c:\windows\system32\RH3DAA32.dll
2010-07-05 13:54 . 2009-03-09 03:31   290304   ----a-w-   c:\windows\system32\RH3DHT32.dll
2010-07-05 13:35 . 2010-07-05 13:36   --------   d-----w-   c:\programdata\DriverScanner
2010-07-05 13:35 . 2010-07-05 13:35   --------   d-----w-   c:\program files\Uniblue
2010-07-05 13:10 . 2010-07-05 13:10   --------   d-----w-   c:\program files\TNod User & Password Finder
2010-07-05 13:10 . 2010-07-05 13:10   --------   d-----w-   c:\users\Majo\AppData\Local\ESET
2010-07-05 13:07 . 2010-07-05 13:07   --------   d-----w-   c:\program files\ESET
2010-07-04 18:32 . 2010-07-04 19:14   --------   d-----w-   c:\users\Majo\AppData\Roaming\AbsoluteTelnet
2010-07-04 18:32 . 2010-07-04 19:14   --------   d-----w-   c:\program files\AbsoluteTelnet
2010-07-04 14:51 . 2010-07-14 08:17   --------   d-----w-   C:\World of Warcraft TBC
2010-07-04 11:08 . 2010-07-04 11:08   61445   ----a-w-   C:\DarkCheatsv2.zip
2010-07-03 17:29 . 2010-07-03 17:29   0   ----a-w-   c:\windows\nsreg.dat
2010-07-03 17:29 . 2010-07-03 17:29   --------   d-----w-   c:\users\Majo\AppData\Local\Mozilla
2010-07-03 17:11 . 2010-07-14 09:27   --------   d-----w-   c:\program files\FaceSmooch Toolbar
2010-07-01 11:55 . 2010-07-01 17:42   --------   d-----w-   c:\program files\Counter-Strike Source
2010-07-01 09:45 . 2010-07-01 09:48   --------   d-----w-   c:\windows\system32\Adobe
2010-06-30 11:49 . 2010-04-14 17:47   293376   ----a-w-   c:\windows\system32\psisdecd.dll
2010-06-30 11:49 . 2010-04-14 17:46   428544   ----a-w-   c:\windows\system32\EncDec.dll
2010-06-30 11:44 . 2010-04-16 16:05   28672   ----a-w-   c:\windows\system32\Apphlpdm.dll
2010-06-30 11:44 . 2010-04-16 14:17   4240384   ----a-w-   c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-29 18:42 . 2010-06-29 18:42   --------   d-----w-   c:\users\Majo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-06-29 18:42 . 2010-06-29 18:42   --------   d-----w-   c:\users\Majo\AppData\Roaming\Adobe Mini Bridge CS5
2010-06-29 18:32 . 2010-06-29 18:32   --------   d-----w-   c:\program files\Adobe Media Player
2010-06-29 18:30 . 2010-06-29 18:30   --------   d-----w-   c:\program files\Common Files\Adobe AIR
2010-06-29 18:24 . 2010-06-29 18:52   --------   d-----w-   c:\users\Majo\AppData\Local\Adobe
2010-06-29 18:23 . 2010-06-29 18:37   --------   d-----w-   c:\programdata\regid.1986-12.com.adobe
2010-06-29 18:23 . 2010-06-29 18:33   --------   d-----w-   c:\program files\Common Files\Adobe
2010-06-29 15:30 . 2010-07-07 19:55   5002   ----a-w-   c:\windows\system32\FilterData.dat
2010-06-29 15:19 . 2010-06-29 15:19   --------   d-----w-   c:\program files\Microsoft.NET
2010-06-29 15:17 . 2009-11-08 17:55   99176   ----a-w-   c:\windows\system32\PresentationHostProxy.dll
2010-06-29 15:17 . 2009-11-08 17:55   49472   ----a-w-   c:\windows\system32\netfxperf.dll
2010-06-29 15:17 . 2009-11-08 17:55   297808   ----a-w-   c:\windows\system32\mscoree.dll
2010-06-29 15:17 . 2009-11-08 17:55   295264   ----a-w-   c:\windows\system32\PresentationHost.exe
2010-06-29 15:17 . 2009-11-08 17:55   1130824   ----a-w-   c:\windows\system32\dfshim.dll
2010-06-29 14:43 . 2010-06-02 02:55   74072   ----a-w-   c:\windows\system32\XAPOFX1_5.dll
2010-06-29 14:43 . 2010-06-02 02:55   527192   ----a-w-   c:\windows\system32\XAudio2_7.dll
2010-06-29 11:46 . 2010-07-12 17:47   --------   d-----w-   c:\program files\SpeedFan
2010-06-28 15:41 . 2010-06-28 15:41   --------   d-----w-   c:\programdata\page
2010-06-28 15:41 . 2010-06-28 15:41   --------   d-----w-   c:\program files\Ashampoo
2010-06-28 11:18 . 2010-06-28 11:19   --------   d-----w-   c:\program files\SecondLifeViewer2
2010-06-28 11:11 . 2010-07-05 15:22   --------   d-----w-   c:\users\Majo\AppData\Local\SecondLife
2010-06-28 11:11 . 2010-06-28 11:18   --------   d-----w-   c:\users\Majo\AppData\Roaming\SecondLife
2010-06-27 17:01 . 2010-06-27 17:01   --------   d-----w-   c:\program files\NCSoft
2010-06-27 16:46 . 2010-06-27 16:46   --------   d-----w-   c:\users\Majo\AppData\Local\assembly
2010-06-27 09:33 . 2010-06-27 09:33   --------   d-----w-   c:\program files\PFPortChecker
2010-06-26 11:05 . 2010-07-09 10:47   --------   d-----w-   c:\program files\Common Files\Blizzard Entertainment
2010-06-26 08:45 . 2010-06-26 08:45   --------   d-----w-   c:\users\Majo\AppData\Local\ProphetX
2010-06-25 18:48 . 2010-06-25 18:48   --------   d-----w-   c:\programdata\Blizzard
2010-06-25 16:18 . 2009-07-10 10:33   1589248   ----a-w-   c:\windows\system32\libmysql_d.dll
2010-06-25 14:40 . 2010-06-25 14:40   --------   d-----w-   c:\users\Majo\AppData\Local\Rowen_Coding_Productions
2010-06-23 17:35 . 2010-06-23 17:35   --------   d-----w-   c:\program files\Unlocker
2010-06-23 17:10 . 2010-06-23 17:10   --------   d-----w-   c:\users\Majo\AppData\Local\Microsoft Game Studios
2010-06-23 17:10 . 2010-06-23 17:10   --------   d-----w-   c:\programdata\Microsoft Games
2010-06-23 17:10 . 2010-06-23 17:10   --------   d-----w-   c:\users\Majo\AppData\Roaming\Microsoft Game Studios
2010-06-22 17:23 . 2010-07-10 13:40   --------   d-----w-   c:\users\Majo\AppData\Local\Microsoft Games
2010-06-22 16:12 . 2010-06-22 16:12   --------   d-----w-   c:\program files\MySQL
2010-06-21 18:08 . 2010-06-21 18:08   --------   d-----w-   c:\program files\MSXML 4.0
2010-06-20 18:52 . 2010-06-20 18:52   --------   d-----w-   c:\programdata\MySQL
2010-06-20 17:35 . 2010-02-03 13:56   26176   ---ha-w-   c:\windows\system32\hamachi.sys
2010-06-20 17:35 . 2010-06-20 17:35   --------   d-----w-   c:\program files\LogMeIn Hamachi
2010-06-20 17:35 . 2010-07-14 09:11   --------   d-----w-   c:\users\Majo\AppData\Local\LogMeIn Hamachi
2010-06-20 11:05 . 2010-06-20 11:05   --------   d-----w-   c:\users\Majo\AppData\Local\Google
2010-06-19 20:36 . 2010-06-19 20:36   --------   d-----w-   c:\users\Majo\AppData\Local\Apps
2010-06-19 20:36 . 2010-06-19 20:36   --------   d-----w-   c:\users\Majo\AppData\Local\Deployment
2010-06-17 15:07 . 2010-06-17 15:07   --------   d-----w-   c:\program files\ICQ6Toolbar
2010-06-17 15:07 . 2010-06-17 15:07   --------   d-----w-   c:\programdata\ICQ
2010-06-17 15:07 . 2010-06-17 15:07   --------   d-----w-   c:\users\Majo\AppData\Local\AOL
2010-06-17 15:07 . 2010-06-17 15:08   --------   d-----w-   c:\program files\ICQ7.2
2010-06-17 13:03 . 2010-06-17 13:03   --------   d-----w-   c:\windows\Sun
2010-06-17 13:00 . 2010-07-01 18:17   99   ----a-w-   c:\users\Majo\jagex_runescape_preferences2.dat
2010-06-17 13:00 . 2010-06-17 13:00   0   ----a-w-   c:\users\Majo\jagex__preferences3.dat
2010-06-17 12:58 . 2010-06-17 12:58   --------   d-----w-   C:\.jagex_cache_32
2010-06-17 12:57 . 2010-07-01 18:16   46   ----a-w-   c:\users\Majo\jagex_runescape_preferences.dat
2010-06-17 12:57 . 2010-06-17 13:07   --------   d-----w-   c:\windows\.jagex_cache_32
2010-06-17 12:56 . 2010-06-17 12:56   --------   d-----w-   c:\users\Majo\AppData\Local\jagexlauncher
2010-06-17 12:55 . 2010-06-17 12:55   --------   d-----w-   c:\program files\Common Files\Java
2010-06-17 12:55 . 2010-06-17 12:54   411368   ----a-w-   c:\windows\system32\deployJava1.dll
2010-06-17 12:54 . 2010-06-17 12:54   --------   d-----w-   c:\program files\Java
2010-06-17 11:54 . 2010-02-12 10:48   293376   ----a-w-   c:\windows\system32\browserchoice.exe
2010-06-17 11:48 . 2010-07-13 19:44   --------   d-----w-   c:\users\Majo\AppData\Roaming\ICQ
2010-06-17 11:46 . 2008-06-20 01:14   105016   ----a-w-   c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-06-17 11:46 . 2008-06-20 01:14   97800   ----a-w-   c:\windows\system32\infocardapi.dll
2010-06-17 11:46 . 2008-06-20 01:14   11264   ----a-w-   c:\windows\system32\icardres.dll
2010-06-17 11:46 . 2008-06-20 01:14   622080   ----a-w-   c:\windows\system32\icardagt.exe
2010-06-17 11:46 . 2008-06-20 01:14   781344   ----a-w-   c:\windows\system32\PresentationNative_v0300.dll
2010-06-17 11:41 . 2008-07-27 18:03   158720   ----a-w-   c:\windows\system32\mscorier.dll
2010-06-17 11:40 . 2008-07-27 18:03   83968   ----a-w-   c:\windows\system32\mscories.dll
2010-06-17 11:38 . 2010-02-20 23:39   24064   ----a-w-   c:\windows\system32\nshhttp.dll
2010-06-17 11:38 . 2010-02-20 23:37   31232   ----a-w-   c:\windows\system32\httpapi.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-05 14:00 . 2010-07-05 13:59   2682880   ----a-w-   c:\users\Majo\AppData\Roaming\Uniblue\DriverScanner\LatestUpdate.exe
2010-07-05 13:55 . 2006-07-03 06:07   3500462   ---ha-w-   C:\logs.dat
2010-07-05 13:52 . 2010-07-05 13:36   17787900   ----a-w-   c:\users\Majo\AppData\Roaming\Uniblue\DriverScanner\Download\hdaudio_func_01_ven_1002_dev_aa016_0_1_5945.exe
2010-07-01 12:45 . 2008-01-21 02:22   80051   ----a-w-   c:\windows\system32\slmgr.vbs
2010-06-29 18:30 . 2010-06-29 18:30   38784   ----a-w-   c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-06-23 17:11 . 2006-11-02 12:35   --------   d-----w-   c:\program files\Microsoft Games
2010-06-22 12:55 . 2010-06-22 12:55   0   ---ha-w-   c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-17 12:56 . 2010-06-17 12:56   15086   ----a-r-   c:\users\Majo\AppData\Roaming\Microsoft\Installer\{F01F95F8-7596-469D-A44B-C104106BA5F9}\launcher.exe
2010-06-17 12:26 . 2006-11-02 11:18   --------   d-----w-   c:\program files\Windows Mail
2010-06-17 12:25 . 2006-11-02 10:25   665600   ----a-w-   c:\windows\inf\drvindex.dat
2010-06-15 13:13 . 2010-06-15 13:02   680   ----a-w-   c:\users\Majo\AppData\Local\d3d9caps.dat
2010-06-02 02:55 . 2010-06-29 14:42   239960   ----a-w-   c:\windows\system32\xactengine3_7.dll
2010-06-01 13:49 . 2010-06-01 13:49   3156992   --sh--w-   C:\BLUDYBkB1Dc_save2pc.exe
2010-05-27 13:19 . 2010-05-27 13:19   853434   ----a-w-   C:\Adobe CS5 Ultimate Activator.zip
2010-05-26 09:41 . 2010-06-29 14:42   470880   ----a-w-   c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-06-29 14:42   248672   ----a-w-   c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-06-29 14:42   2106216   ----a-w-   c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-06-29 14:42   1998168   ----a-w-   c:\windows\system32\D3DX9_43.dll
2010-05-26 09:41 . 2010-06-29 14:42   1868128   ----a-w-   c:\windows\system32\d3dcsx_43.dll
2010-05-20 11:52 . 2010-05-20 11:52   3156992   --sh--w-   C:\BLUDYYaF6Jt_save2pc.exe
2010-05-04 18:42 . 2010-06-16 14:07   833024   ----a-w-   c:\windows\system32\wininet.dll
2010-05-04 18:37 . 2010-06-16 14:07   78336   ----a-w-   c:\windows\system32\ieencode.dll
2010-05-04 17:03 . 2010-05-04 17:03   301056   ----a-w-   C:\High Roller.exe
2010-05-04 16:53 . 2010-06-16 14:07   26624   ----a-w-   c:\windows\system32\ieUnatt.exe
2010-05-01 13:53 . 2010-06-16 14:03   2036224   ----a-w-   c:\windows\system32\win32k.sys
2010-04-29 09:47 . 2010-04-29 09:47   499712   ----a-w-   c:\windows\system32\msvcp71.dll
2010-04-29 09:47 . 2010-04-29 09:47   348160   ----a-w-   c:\windows\system32\msvcr71.dll
2010-04-26 13:11 . 2010-04-26 13:11   788424   ----a-w-   C:\cssrpg1.0.5.zip
2010-04-23 13:55 . 2010-06-16 14:11   2048   ----a-w-   c:\windows\system32\tzres.dll
2010-04-16 16:10 . 2010-06-16 14:07   1314816   ----a-w-   c:\windows\system32\quartz.dll
2010-04-16 16:05 . 2010-06-30 11:44   459776   ----a-w-   c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:05 . 2010-06-30 11:44   173056   ----a-w-   c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:05 . 2010-06-30 11:44   541696   ----a-w-   c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:05 . 2010-06-30 11:44   2153984   ----a-w-   c:\windows\AppPatch\AcGenral.dll
.

------- Sigcheck -------

[-] 2006-11-10 . 921D359C1168867B515C219ACCED9609 . 245248 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-08 15:40   1362320   ----a-w-   c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-08 1362320]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-08 1362320]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-16 322352]
"NCsoft Launcher"="c:\program files\NCSoft\Launcher\NCLauncher.exe" [2010-07-02 38184]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-06-17 133368]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingD6153"="del" [X]
"SpybotDeletingB256"="command.com" [2006-11-02 50648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2145000]
"TNOD UP"="c:\program files\TNod User & Password Finder\TNODUP.exe" [2010-04-01 1811968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MySQL41;MySQL41;c:\program files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=c:\program files\MySQL\MySQL Server 5.1\my.ini MySQL41 [x]
R3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [2008-02-13 618112]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-15 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2010-04-15 1872320]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2009-07-22 81920]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2007-02-07 1298944]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-07-22 2736128]

.
Contents of the 'Scheduled Tasks' folder

2010-07-14 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-07-10 13:35]

2010-07-14 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-10 12:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bigseekpro.com/facesmooch/{849BBF49-1B94-4164-B3D7-AA0D61EE5ADB}
mStart Page = hxxp://www.bigseekpro.com/facesmooch/{849BBF49-1B94-4164-B3D7-AA0D61EE5ADB}
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - c:\users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\8nqlmetz.default\
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Java developer Script Browse - c:\windows\jusched.exe
HKLM-Run-C6501Sound - c6501.cpl



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-14 11:28
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mysql]
"ImagePath"="\"c:\world of warcraft tbc\AC Web Ultimate Repack\Server\mysql\bin\mysqld-nt\" \"--defaults-file=c:\world of warcraft tbc\AC Web Ultimate Repack\Server\mysql\bin\my.cnf\" mysql"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MySQL41]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL41"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-07-14  11:32:47
ComboFix-quarantined-files.txt  2010-07-14 09:32

Pre-Run: 2,594,803,712 bytes free
Post-Run: 2,442,371,072 bytes free

- - End Of File - - 218DBC35B6E97BFA9809EE2BEFF7F488


Post subject: Re: Sending an unwanted link
Posted: 14 Jul 2010 16:27
VIP

Registered: 23 Oct 2008 08:02
Posts: 23297
Location: Haná
Please do not create duplicate topics; continue here:
viewtopic.php?f=13&t=102714
I would ask the moderators to lock this one.

_________________
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:

I am usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

