Page: 1 of 1
| [ Posts: 13 ] | |
Author | Message |
---|
Registered: 25.01.07 Last login: 25.07.08 Posts: 43 Topics: 8 | 8 Location: SNV |
I started playing GTA San Andreas over the internet and went looking around the net for some utilities. On the website of one clan (whose servers I often play on) I found a program. I downloaded it, ran it, and the PC restarted. After it booted I entered the password for my profile and ... incorrect. So I asked my brother to log in to his profile. He logged in, I didn't manage to do anything, a small window with a countdown 4, 3, 2, 1 ... appeared on the monitor and it restarted again. So I try my profile again ... wrong password. My brother tries to log in ... wrong password. So I log in to mom's profile ... 4, 3, 2, 1 ... restart. My password incorrect, my brother's password incorrect, but I got into mom's profile again. Right after logging in I managed to close the window that comes before the countdown - a kind of command prompt - and I stayed in that profile. I changed my password back to the original one and my brother's too. I log in and manage to close that window quickly. My brother logs in and it tells him that it cannot find the profile information and that it is creating a temporary one (he doesn't have his icons on the desktop, his theme, etc.).
So I'm asking: do you know what kind of virus this is? I have NOD32, which updates even several times a day. I tried scanning the disks with it and with an antispyware tool and nothing was found. Do you know what kind of virus this is?
For the more experienced ones who think they can beat it, here is a direct link to the file - http://samp.netopeer.net/admin/kvalifikator_5.0.exe
Please help.
_________________ CPU: AMD Athlon64 3500+ BOX Socket AM2 (2.2GHz), Motherboard: ASUS M2V, RAM: A-DATA DDR2 512MB 800MHz chip V-DATA + A-DATA DDR2 1GB 800MHz chip V-DATA, Graphics card: ASUS EAX1600 PRO 256MB TD PCX, TV: ASUS TV FM Card-7134, Hard disk: Hitachi 200GB 7200rmp 8MB cache SATA 2, Optical drive: DVD RW SAMSUNG SH-S182M 18x LS bulk black, Case: MIDI ATX 350W SK-349 black/silver
Monitor: BENQ FP222Wa, Mouse: Microsoft Wireless Optical Mouse 4.0, Keyboard: BENQ X-Touch 122, Speakers: KINYO PS-51, Headphones: Genius HS-04V, Webcam: Trust 550 PowerC@M, Gamepad: Logitech WingMan Action Pad, Card reader: CANYON CN-CARD4 |
|
Registered: 22.03.07 Last login: 23.06.23 Posts: 2096 Topics: 15 | 15 Location: Bratislava V |
Somebody was probably very bored. The restart is caused by the command
@shutdown -r -f -t 5 -c "smrdi ti curak!"
The password is changed to hax0or1ed2, Remote Desktop is enabled, and port 3389 is allowed in the firewall.
Press Win+R, paste netsh.exe firewall delete portopening TCP 3389 and confirm.
Run msconfig (Win+R) and uncheck "Microsoft Windows". To be safe, also run ComboFix and post the log it creates.
|
|
Registered: 25.01.07 Last login: 25.07.08 Posts: 43 Topics: 8 | 8 Location: SNV |
That MSCONFIG has several tabs and loads of items in each of them. I don't see any checked (or unchecked) "Microsoft Windows" there. Where exactly should it be? Anyway, thanks for the reply.
|
Registered: 22.03.07 Last login: 23.06.23 Posts: 2096 Topics: 15 | 15 Location: Bratislava V |
The Startup tab, and don't forget ComboFix. You should notify the webmaster of that site.
|
|
Registered: 22.11.07 Posts: 1368 Topics: 22 | 22 Location: PD |
To quickly stop that restart, it is enough to run the command shutdown -a
_________________ The root of all evil is a lack of knowledge. |
|
Registered: 25.01.07 Last login: 25.07.08 Posts: 43 Topics: 8 | 8 Location: SNV |
Code: ComboFix 08-02-25.3 - Tomas 2008-02-28 15:45:17.2 - NTFSx86 Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.979 [GMT 1:00] Running from: C:\Downloads\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! .
((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-28 ))))))))))))))))))))))))))))))) .
2008-02-26 23:17 . 2008-02-26 23:16 691,545 --a------ C:\WINDOWS\unins000.exe 2008-02-26 23:17 . 2008-02-26 23:17 2,541 --a------ C:\WINDOWS\unins000.dat 2008-02-26 22:44 . 2007-01-09 22:11 508 --a------ C:\WINDOWS\version.reg 2008-02-26 18:05 . 2008-02-26 18:05 <DIR> d-------- C:\Program Files\iTunes 2008-02-26 18:05 . 2008-02-26 18:05 <DIR> d-------- C:\Program Files\iPod 2008-02-26 18:05 . 2008-02-28 15:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-02-26 18:05 . 2008-02-26 18:06 1,409 --a------ C:\WINDOWS\QTFont.for 2008-02-24 19:20 . 2007-02-08 13:55 61,536 -ra------ C:\WINDOWS\system32\drivers\sea1bus.sys 2008-02-24 19:20 . 2007-02-08 13:56 5,872 -ra------ C:\WINDOWS\system32\drivers\sea1whnt.sys 2008-02-24 19:20 . 2007-02-08 13:56 5,872 -ra------ C:\WINDOWS\system32\drivers\sea1wh.sys 2008-02-23 11:00 . 2005-06-19 12:11 4,133 --a------ C:\WINDOWS\entrust.ini 2008-02-12 17:28 . 2008-02-12 17:29 <DIR> d-------- C:\Program Files\QuickTime 2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx 2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
. (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-28 14:43 --------- d-----w C:\Program Files\Mozilla Thunderbird 2008-02-27 22:14 --------- d-----w C:\Program Files\GTA San Andreas 2008-02-26 22:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-26 22:18 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-02-26 22:09 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-02-26 19:07 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-02-26 19:07 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe 2008-02-26 13:37 --------- d-----w C:\Program Files\VertrigoServ 2008-02-24 17:35 --------- d-----w C:\Documents and Settings\Tomas.DETSKY\Application Data\gtk-2.0 2008-02-23 09:33 --------- d-----w C:\Program Files\CheckPoint 2008-02-23 09:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-20 21:54 --------- d-----w C:\Program Files\Hide IP Platinum 2008-02-13 23:16 --------- d-----w C:\Program Files\Scorpions WinCheater 2008-01-27 17:09 --------- d-----w C:\Documents and Settings\LocalService\Application Data\tor 2008-01-23 17:34 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2008-01-22 20:04 --------- d-----w C:\Program Files\Ubisoft 2008-01-22 20:04 --------- d-----w C:\Program Files\Electronic Arts 2008-01-22 17:22 --------- d-----w C:\Program Files\TrackMania Nations ESWC 2008-01-19 20:57 --------- d-----w C:\Program Files\ORF-Ski Challenge 2008 2008-01-19 20:52 --------- d-----w C:\Documents and Settings\Matus\Application Data\Hamachi 2008-01-18 13:59 --------- d-----w C:\Program Files\Google 2008-01-16 21:38 --------- d-----w C:\Program Files\WebSite X5 Smart 2008-01-16 13:41 --------- d-----w C:\Documents and Settings\Tomas\Application Data\Teleca 2008-01-16 13:41 --------- d-----w C:\Documents and Settings\Tomas\Application Data\Sony Ericsson 2008-01-04 19:20 --------- d-----w 
C:\Program Files\Lavasoft 2008-01-04 19:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-01-04 19:19 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-01-04 11:29 --------- d-----w C:\Program Files\PSPad editor 2008-01-02 15:35 --------- d-----w C:\Program Files\VoiceAge 2008-01-02 14:56 --------- d-----w C:\Program Files\Sun 2008-01-02 14:56 --------- d-----w C:\Program Files\Java 2007-12-30 19:54 --------- d-----w C:\Program Files\Sony Ericsson 2007-12-30 18:01 --------- d-----w C:\Program Files\ASUS 2007-12-30 17:17 --------- d-----w C:\Program Files\DIFX 2007-12-28 09:23 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Teleca 2007-12-28 09:22 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Sony Ericsson 2007-12-07 01:07 659,456 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-08-28 17:13 47,360 ----a-w C:\Documents and Settings\Tomas.DETSKY\Application Data\pcouffin.sys .
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Start WingMan Profiler"="C:\Program Files\Logitech\Profiler\lwemon.exe" [2005-04-18 11:16 73728] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35 90112] "AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-04-23 19:08 499712] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:07 15360] "Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe] "RTHDCPL"="RTHDCPL.EXE" [2006-08-23 13:08 16050688 C:\WINDOWS\RTHDCPL.EXE] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-02-05 15:03 949376] "Home Theater SchSvr"="C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" [2003-10-22 23:44 155648] "IHTWINCINEMAMGR"="C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe" [2003-10-23 08:09 155648] "Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-08-06 17:01 135168] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648] "InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2006-11-10 16:19 1051648] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-03-07 22:48 185896] "IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 14:52 849280] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35 90112] "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16 185896] "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45 75304] "WrtMon.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 08:35 20480] "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 01:07 593920] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "VaCtrl"="C:\Program Files\VoiceAge\Common\VaCtrl.exe" [2003-08-28 09:08 90112] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 13:06 40048] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048] "Microsoft 
Windows"="windows.cmd" [] "MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-04 02:07 158208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:07 15360]
C:\Documents and Settings\Tomas.DETSKY\Start Menu\Programs\Startup\ Mozilla Thunderbird.lnk - C:\Program Files\Mozilla Thunderbird\thunderbird.exe [2006-12-26 21:50:43 8483952]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Enable Q-Type program.lnk - C:\Program Files\BenQ\Versato.exe [2007-01-19 20:13:01 249856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\logonui_black.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ckpNotify] ckpNotify.dll 2005-06-19 13:11 24669 C:\WINDOWS\system32\ckpNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] -rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\VertrigoServ\\Apache\\bin\\v_apache.exe"= "C:\\Program Files\\VertrigoServ\\Mysql\\bin\\v_mysqld.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Valve\\hl.exe"= "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "C:\\Program Files\\Miranda IM\\miranda32.exe"= "C:\\Program Files\\totalcmd\\TOTALCMD.EXE"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\Program Files\\Java\\jre1.5.0_10\\bin\\java.exe"= "C:\\Program Files\\ImageUploader\\ImageUploader.exe"= "C:\\Program Files\\ICQ6\\ICQ.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\Counter-Strike Source\\hl2.exe"= "C:\\Program Files\\AIM6\\aim6.exe"= "C:\\Program Files\\Proxy Switcher Standard\\ProxySwitcher.exe"= "C:\\Program Files\\Trillian\\trillian.exe"= "C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"= "C:\\Program Files\\TrackMania United\\TmUnited.exe"= "C:\\Program Files\\TightVNC\\WinVNC.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "C:\\Program Files\\Java\\jdk1.6.0_03\\bin\\java.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1)
R0 mv614x;mv614x;C:\WINDOWS\system32\DRIVERS\mv614x.sys [2006-05-18 14:34] R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-11-07 10:09] R2 Ca504av;Trust 550 PowerC@M(Video);C:\WINDOWS\system32\Drivers\Ca504av.sys [2002-10-21 11:37] R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 22:38] R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-28 05:28] R3 Cap7134;ASUS TV7134 WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-07-18 10:17] R3 PhTVTune;ASUS WDM TV Tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-07-18 03:23] R3 SunkFilt62;Alcor Micro Corp - 6362;C:\WINDOWS\System32\Drivers\sunkfilt62.sys [2004-07-23 14:55] R3 USBCamera;Trust 550 PowerC@M(Still);C:\WINDOWS\system32\Drivers\Bulk504.sys [2002-12-04 14:38] S2 tor;Tor Win32 Service;"C:\Program Files\Vidalia Bundle\Tor\tor.exe" --nt-service [] S3 FlyPCI;FlyPCI;C:\PROGRA~1\FLY200~1\FlyPCI.sys [2003-10-10 12:06] S3 papycpu;papycpu;C:\WINDOWS\system32\drivers\papycpu.sys [1998-10-06 13:36] S3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-04 02:07] S3 se59bus;Sony Ericsson Device 089 driver (WDM);C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 19:07] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 19:07] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 19:07] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 20:08] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS);C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 20:06] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 20:09] S3 se59unic;Sony Ericsson 
Device 089 USB Ethernet Emulation SEMC59 (WDM);C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 20:06] S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);C:\WINDOWS\system32\DRIVERS\sea1bus.sys [2007-02-08 13:55] S3 SunkFilt6;Alcor Micro Corp - 6360;C:\WINDOWS\System32\Drivers\sunkfilt6.sys [] S3 Vertrigo_Apache;Vertrigo_Apache;"C:\Program Files\VertrigoServ\apache\bin\v_apache.exe" [2008-01-17 22:58] S3 Vertrigo_MySQL;Vertrigo_MySQL;"C:\Program Files\VertrigoServ\mysql\bin\v_mysqld.exe" "--defaults-file=C:\Program Files\VertrigoServ\mysql\my.ini" Vertrigo_MySQL [] S3 z520bus;Sony Ericsson 520 driver (WDM);C:\WINDOWS\system32\DRIVERS\z520bus.sys [2006-03-13 18:54] S3 z520mdfl;Sony Ericsson 520 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\z520mdfl.sys [2006-03-13 18:54] S3 z520mdm;Sony Ericsson 520 USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\z520mdm.sys [2006-03-13 18:54] S3 z520mgmt;Sony Ericsson 520 USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\z520mgmt.sys [2006-03-13 18:54] S3 z520obex;Sony Ericsson 520 USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\z520obex.sys [2006-03-13 18:54]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb . Contents of the 'Scheduled Tasks' folder "2008-02-26 16:25:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . **************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-28 15:49:06 Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully hidden files: 0
************************************************************************** . --------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180] -> C:\Program Files\Eset\pr_imon.dll . Completion time: 2008-02-28 15:49:47 ComboFix-quarantined-files.txt 2008-02-28 14:49:38 ComboFix2.txt 2008-02-27 23:25:18 . 2008-02-14 17:16:39 --- E O F ---
|
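The autostart entry that the earlier reply says to uncheck in msconfig is visible in the log above as a `Run` value. The following is an added example, not part of the original thread: a small triage pass over ComboFix-style `Run` entries, using an excerpt copied from the posted log. The heuristics, their names and the threshold of two are assumptions chosen for illustration.

```python
import ntpath
import re

# Excerpt copied from the ComboFix log above (flattened, as posted on the page).
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:07 15360] "Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-02-05 15:03 949376] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048] "Microsoft 
Windows"="windows.cmd" [] "MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-04 02:07 158208]
'''

# Either a registry key header, or one "name"="value" [file metadata] entry.
TOKEN = re.compile(r'\[(HKEY_[^\]]+)\]|"([^"]+)"="([^"]*)"\s*\[([^\]]*)\]')
# Assumption: script types that rarely belong in a Run key on a home PC.
SCRIPT_EXTS = {".cmd", ".bat", ".vbs", ".vbe", ".js", ".jse", ".wsf", ".ps1"}
# Assumption: a value *name* that poses as the operating system itself.
OS_LABEL = re.compile(r"^(microsoft\s+)?windows\b", re.I)


def parse_run_entries(text):
    """Return the entries listed under ...\\CurrentVersion\\Run keys."""
    text = " ".join(text.split())  # undo line wraps inside names and values
    key, entries = None, []
    for m in TOKEN.finditer(text):
        if m.group(1):
            key = m.group(1)
        elif key and key.lower().endswith(r"\currentversion\run"):
            entries.append({"key": key, "name": m.group(2),
                            "value": m.group(3), "meta": m.group(4).strip()})
    return entries


def triage(entry):
    """List the heuristic reasons an entry deserves a closer look."""
    reasons = []
    value, meta = entry["value"], entry["meta"]
    if not meta:  # ComboFix printed no timestamp/size for the target file
        reasons.append("no-file-metadata")
    if "\\" not in value and "\\" not in meta:  # no path given, none resolved
        reasons.append("unresolved-bare-filename")
    if ntpath.splitext(value)[1].lower() in SCRIPT_EXTS:
        reasons.append("script-extension")
    if OS_LABEL.match(entry["name"]):
        reasons.append("os-name-mimicry")
    return reasons


def suspicious(text, threshold=2):
    """Map entry name -> reasons for entries meeting the threshold."""
    hits = {}
    for entry in parse_run_entries(text):
        reasons = triage(entry)
        if len(reasons) >= threshold:
            hits[entry["name"]] = reasons
    return hits


if __name__ == "__main__":
    for name, reasons in suspicious(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(reasons)}")
```

A single signal is not enough on its own: the "Vidalia" entry also has empty file metadata and "SkyTel" is also a bare filename, which is why the threshold requires at least two reasons before an entry is reported.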
Registered: 22.03.07 Last login: 23.06.23 Posts: 2096 Topics: 15 | 15 Location: Bratislava V | |
Registered: 25.01.07 Last login: 25.07.08 Posts: 43 Topics: 8 | 8 Location: SNV |
OK. Thanks for the help.
|
Registered: 09.02.08 Last login: 14.04.23 Posts: 106 Topics: 17 | 17 Location: Košice |
I played samp too ... the netopeers are known hackers ... we argued with them all the time, their member made most of the hacks, cheats, mods etc. for samp ...
|
|
Registered: 20.10.07 Last login: 26.02.14 Posts: 182 Topics: 31 | 31 Location: Banská Byst... |
That file can't be downloaded ( http://samp.netopeer.net/admin/kvalifikator_5.0.exe ); NOD immediately pops up that there is a trojan in it. Well, NOD is simply king.
_________________ MB>>> GIGABYTE F2A88X-D3H CPU>> AMD A10-7850k 3,7ghz RAM>> 8G vengenance C11 2133mhz GPU>> ATi Radeon R9 270X OC TOXIC HDD>> 640GB PSU>> Corsair HX650 |
|
Registered: 22.03.07 Last login: 23.06.23 Posts: 2096 Topics: 15 | 15 Location: Bratislava V |
Somebody apparently sent it to ESET; only NOD detects it. But that doesn't mean it is "king".
_________________ DESKTOP: Intel Pentium Dual Core E2180, Gigabyte GA-P31-DS3L, 3GB DDR2 800Mhz, ASUS Radeon HD3650 256MB, ASUS DRW-1608P3S, Hitachi Deskstar T7K250 160GB, Fortron FSP350-60GLN NTB: HP 510: Intel Celeron M360, 512MB DDR2 533MHz, Intel GMA 900, Hitachi Travelstar 4K120 40GB, Sony CRX880A |
|
Registered: 20.10.07 Last login: 26.02.14 Posts: 182 Topics: 31 | 31 Location: Banská Byst... |
br4n0 wrote: Somebody apparently sent it to ESET; only NOD detects it. But that doesn't mean it is "king".
Oh, that's possible too, but then you're the king, you found that new password in there.
|
Registered: 22.03.07 Last login: 23.06.23 Posts: 2096 Topics: 15 | 15 Location: Bratislava V |
I'll reveal my super secret procedure. I ran it in Sandboxie. The changes it made are then easy to find out.
|