VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=100992

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 11 kvě 2010 08:28
od sammy19
Ahoj, prosím o kontrolu logu... Mám tam nejaký "Security Engine" a neviem ho odinštalovať... Viete poradiť?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:12, on 11.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\FlashGet\Flashget.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 67.212.189.114 www.google.com
O1 - Hosts: 67.212.189.114 google.com
O1 - Hosts: 67.212.189.114 google.com.au
O1 - Hosts: 67.212.189.114 www.google.com.au
O1 - Hosts: 67.212.189.114 google.be
O1 - Hosts: 67.212.189.114 www.google.be
O1 - Hosts: 67.212.189.114 google.com.br
O1 - Hosts: 67.212.189.114 www.google.com.br
O1 - Hosts: 67.212.189.114 google.ca
O1 - Hosts: 67.212.189.114 www.google.ca
O1 - Hosts: 67.212.189.114 google.ch
O1 - Hosts: 67.212.189.114 www.google.ch
O1 - Hosts: 67.212.189.114 google.de
O1 - Hosts: 67.212.189.114 www.google.de
O1 - Hosts: 67.212.189.114 google.dk
O1 - Hosts: 67.212.189.114 www.google.dk
O1 - Hosts: 67.212.189.114 google.fr
O1 - Hosts: 67.212.189.114 www.google.fr
O1 - Hosts: 67.212.189.114 google.ie
O1 - Hosts: 67.212.189.114 www.google.ie
O1 - Hosts: 67.212.189.114 google.it
O1 - Hosts: 67.212.189.114 www.google.it
O1 - Hosts: 67.212.189.114 google.co.jp
O1 - Hosts: 67.212.189.114 www.google.co.jp
O1 - Hosts: 67.212.189.114 google.nl
O1 - Hosts: 67.212.189.114 www.google.nl
O1 - Hosts: 67.212.189.114 google.no
O1 - Hosts: 67.212.189.114 www.google.no
O1 - Hosts: 67.212.189.114 google.co.nz
O1 - Hosts: 67.212.189.114 www.google.co.nz
O1 - Hosts: 67.212.189.114 google.pl
O1 - Hosts: 67.212.189.114 www.google.pl
O1 - Hosts: 67.212.189.114 google.se
O1 - Hosts: 67.212.189.114 www.google.se
O1 - Hosts: 67.212.189.114 google.co.uk
O1 - Hosts: 67.212.189.114 www.google.co.uk
O1 - Hosts: 67.212.189.114 google.co.za
O1 - Hosts: 67.212.189.114 www.google.co.za
O1 - Hosts: 67.212.189.114 www.google-analytics.com
O1 - Hosts: 67.212.189.114 www.bing.com
O1 - Hosts: 67.212.189.114 search.yahoo.com
O1 - Hosts: 67.212.189.114 www.search.yahoo.com
O1 - Hosts: 67.212.189.114 uk.search.yahoo.com
O1 - Hosts: 67.212.189.114 ca.search.yahoo.com
O1 - Hosts: 67.212.189.114 de.search.yahoo.com
O1 - Hosts: 67.212.189.114 fr.search.yahoo.com
O1 - Hosts: 67.212.189.114 au.search.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Flashget] C:\PROGRA~1\FlashGet\Flashget.exe /min
O4 - HKLM\..\Run: [bgsmsnd.exe] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MSE] "C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MySecurityEngine.exe" /s
O4 - HKCU\..\Run: [My Security Engine] "C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe" /s /d
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/5 ... oader4.cab
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 8840 bytes

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 08:52
od cernohous13
Zdravím,

pokusím se o opravu, ale udělej log z RSIT - http://www.viry.cz/forum/viewtopic.php?f=13&t=82743

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 08:56
od sammy19
Vďaka, urobila som tak a tu je log

Logfile of random's system information tool 1.07 (written by random/random)
Run by Tomi at 2010-05-11 09:55:26
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (12%) free of 10 GB
Total RAM: 255 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:55:39, on 11.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\FlashGet\Flashget.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Tomi\Plocha\RSIT.exe
C:\Program Files\trend micro\Tomi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 67.212.189.114 www.google.com
O1 - Hosts: 67.212.189.114 google.com
O1 - Hosts: 67.212.189.114 google.com.au
O1 - Hosts: 67.212.189.114 www.google.com.au
O1 - Hosts: 67.212.189.114 google.be
O1 - Hosts: 67.212.189.114 www.google.be
O1 - Hosts: 67.212.189.114 google.com.br
O1 - Hosts: 67.212.189.114 www.google.com.br
O1 - Hosts: 67.212.189.114 google.ca
O1 - Hosts: 67.212.189.114 www.google.ca
O1 - Hosts: 67.212.189.114 google.ch
O1 - Hosts: 67.212.189.114 www.google.ch
O1 - Hosts: 67.212.189.114 google.de
O1 - Hosts: 67.212.189.114 www.google.de
O1 - Hosts: 67.212.189.114 google.dk
O1 - Hosts: 67.212.189.114 www.google.dk
O1 - Hosts: 67.212.189.114 google.fr
O1 - Hosts: 67.212.189.114 www.google.fr
O1 - Hosts: 67.212.189.114 google.ie
O1 - Hosts: 67.212.189.114 www.google.ie
O1 - Hosts: 67.212.189.114 google.it
O1 - Hosts: 67.212.189.114 www.google.it
O1 - Hosts: 67.212.189.114 google.co.jp
O1 - Hosts: 67.212.189.114 www.google.co.jp
O1 - Hosts: 67.212.189.114 google.nl
O1 - Hosts: 67.212.189.114 www.google.nl
O1 - Hosts: 67.212.189.114 google.no
O1 - Hosts: 67.212.189.114 www.google.no
O1 - Hosts: 67.212.189.114 google.co.nz
O1 - Hosts: 67.212.189.114 www.google.co.nz
O1 - Hosts: 67.212.189.114 google.pl
O1 - Hosts: 67.212.189.114 www.google.pl
O1 - Hosts: 67.212.189.114 google.se
O1 - Hosts: 67.212.189.114 www.google.se
O1 - Hosts: 67.212.189.114 google.co.uk
O1 - Hosts: 67.212.189.114 www.google.co.uk
O1 - Hosts: 67.212.189.114 google.co.za
O1 - Hosts: 67.212.189.114 www.google.co.za
O1 - Hosts: 67.212.189.114 www.google-analytics.com
O1 - Hosts: 67.212.189.114 www.bing.com
O1 - Hosts: 67.212.189.114 search.yahoo.com
O1 - Hosts: 67.212.189.114 www.search.yahoo.com
O1 - Hosts: 67.212.189.114 uk.search.yahoo.com
O1 - Hosts: 67.212.189.114 ca.search.yahoo.com
O1 - Hosts: 67.212.189.114 de.search.yahoo.com
O1 - Hosts: 67.212.189.114 fr.search.yahoo.com
O1 - Hosts: 67.212.189.114 au.search.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Flashget] C:\PROGRA~1\FlashGet\Flashget.exe /min
O4 - HKLM\..\Run: [bgsmsnd.exe] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MSE] "C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MySecurityEngine.exe" /s
O4 - HKCU\..\Run: [My Security Engine] "C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe" /s /d
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/5 ... oader4.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 9224 bytes

======Scheduled tasks folder======

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 09:00
od cernohous13
:?: Ale já potřebuji celý log

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 09:03
od sammy19
Bože, pardon, ja som blbá, som to ďalej nepotiahla, hneď to napravím :oops: :oops: :oops: Dúfam, že už je to všetko... :oops: :oops: :oops:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Tomi at 2010-05-11 09:55:26
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (12%) free of 10 GB
Total RAM: 255 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:55:39, on 11.5.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\FlashGet\Flashget.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Tomi\Plocha\RSIT.exe
C:\Program Files\trend micro\Tomi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 67.212.189.114 www.google.com
O1 - Hosts: 67.212.189.114 google.com
O1 - Hosts: 67.212.189.114 google.com.au
O1 - Hosts: 67.212.189.114 www.google.com.au
O1 - Hosts: 67.212.189.114 google.be
O1 - Hosts: 67.212.189.114 www.google.be
O1 - Hosts: 67.212.189.114 google.com.br
O1 - Hosts: 67.212.189.114 www.google.com.br
O1 - Hosts: 67.212.189.114 google.ca
O1 - Hosts: 67.212.189.114 www.google.ca
O1 - Hosts: 67.212.189.114 google.ch
O1 - Hosts: 67.212.189.114 www.google.ch
O1 - Hosts: 67.212.189.114 google.de
O1 - Hosts: 67.212.189.114 www.google.de
O1 - Hosts: 67.212.189.114 google.dk
O1 - Hosts: 67.212.189.114 www.google.dk
O1 - Hosts: 67.212.189.114 google.fr
O1 - Hosts: 67.212.189.114 www.google.fr
O1 - Hosts: 67.212.189.114 google.ie
O1 - Hosts: 67.212.189.114 www.google.ie
O1 - Hosts: 67.212.189.114 google.it
O1 - Hosts: 67.212.189.114 www.google.it
O1 - Hosts: 67.212.189.114 google.co.jp
O1 - Hosts: 67.212.189.114 www.google.co.jp
O1 - Hosts: 67.212.189.114 google.nl
O1 - Hosts: 67.212.189.114 www.google.nl
O1 - Hosts: 67.212.189.114 google.no
O1 - Hosts: 67.212.189.114 www.google.no
O1 - Hosts: 67.212.189.114 google.co.nz
O1 - Hosts: 67.212.189.114 www.google.co.nz
O1 - Hosts: 67.212.189.114 google.pl
O1 - Hosts: 67.212.189.114 www.google.pl
O1 - Hosts: 67.212.189.114 google.se
O1 - Hosts: 67.212.189.114 www.google.se
O1 - Hosts: 67.212.189.114 google.co.uk
O1 - Hosts: 67.212.189.114 www.google.co.uk
O1 - Hosts: 67.212.189.114 google.co.za
O1 - Hosts: 67.212.189.114 www.google.co.za
O1 - Hosts: 67.212.189.114 www.google-analytics.com
O1 - Hosts: 67.212.189.114 www.bing.com
O1 - Hosts: 67.212.189.114 search.yahoo.com
O1 - Hosts: 67.212.189.114 www.search.yahoo.com
O1 - Hosts: 67.212.189.114 uk.search.yahoo.com
O1 - Hosts: 67.212.189.114 ca.search.yahoo.com
O1 - Hosts: 67.212.189.114 de.search.yahoo.com
O1 - Hosts: 67.212.189.114 fr.search.yahoo.com
O1 - Hosts: 67.212.189.114 au.search.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Flashget] C:\PROGRA~1\FlashGet\Flashget.exe /min
O4 - HKLM\..\Run: [bgsmsnd.exe] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MSE] "C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MySecurityEngine.exe" /s
O4 - HKCU\..\Run: [My Security Engine] "C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe" /s /d
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/5 ... oader4.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 9224 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
Flashget Catch Url Class - C:\PROGRA~1\FlashGet\jccatch.dll [2007-01-15 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-05 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-03-05 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-01-15 136968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-05 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-07-28 4841472]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-05 57344]
"Flashget"=C:\PROGRA~1\FlashGet\Flashget.exe [2007-01-15 1554184]
"bgsmsnd.exe"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe [2006-06-02 106496]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"NvMediaCenter"=C:\WINDOWS\System32\NVMCTRAY.DLL [2003-07-28 49152]
"NVIEW"=nview.dll,nViewLoadHook []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"MSE"=C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MySecurityEngine.exe /s []
"My Security Engine"=C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe [2010-05-11 2045440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Nabídka Start^Programy^Po spuštění^siszyd32.exe]
C:\Documents and Settings\Tomi\Nabídka Start\Programy\Po spuštění\siszyd32.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Hry\Nový priečinok\hl.exe"="D:\Hry\Nový priečinok\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe"="C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe:*:Enabled:My Security Engine"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b33045c-617a-11d9-aee2-000c7655ea0f}]
shell\AutoRun\command - I:\MafiaLauncher.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b33045d-617a-11d9-aee2-000c7655ea0f}]
shell\AutoRun\command - J:\m.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{350f0b94-617d-11d9-aee3-000c7655ea0f}]
shell\AutoRun\command - F:\m.exe


======List of files/folders created in the last 1 months======

2010-05-11 09:55:26 ----D---- C:\rsit
2010-05-11 09:20:23 ----D---- C:\Program Files\Trend Micro
2010-05-11 08:44:18 ----SHD---- C:\Documents and Settings\Tomi\Data aplikací\My Security Engine
2010-05-11 08:44:16 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\MSDGIWCZE
2010-05-05 20:16:39 ----D---- C:\WINDOWS\Binaries
2010-05-05 20:16:22 ----D---- C:\Program Files\Common Files\business objects
2010-05-05 20:16:22 ----D---- C:\ALFA
2010-05-05 20:16:01 ----A---- C:\WINDOWS\system32\ANGELVDD.DLL
2010-05-05 19:25:00 ----A---- C:\WINDOWS\system32\wiaaut.dll
2010-05-05 19:23:12 ----N---- C:\WINDOWS\Setup1.exe
2010-05-05 19:23:09 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-05-05 19:23:08 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2010-05-05 19:23:05 ----D---- C:\aswinstal
2010-05-01 19:36:22 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\bbdfce9
2010-04-29 15:49:00 ----A---- C:\WINDOWS\system32\Codejock.CommandBars.v11.1.0.ocx

======List of files/folders modified in the last 1 months======

2010-05-11 09:55:23 ----D---- C:\WINDOWS\Prefetch
2010-05-11 09:54:47 ----D---- C:\Program Files\FlashGet
2010-05-11 09:20:23 ----RD---- C:\Program Files
2010-05-11 09:13:00 ----D---- C:\Program Files\Mozilla Firefox
2010-05-11 09:06:35 ----D---- C:\WINDOWS\temp
2010-05-11 09:04:56 ----D---- C:\Program Files\Eset
2010-05-11 09:03:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-05 20:17:53 ----SHD---- C:\WINDOWS\Installer
2010-05-05 20:17:16 ----SHD---- C:\Config.Msi
2010-05-05 20:17:13 ----D---- C:\WINDOWS\WinSxS
2010-05-05 20:16:44 ----D---- C:\WINDOWS\system32
2010-05-05 20:16:39 ----D---- C:\WINDOWS
2010-05-05 20:16:23 ----RSD---- C:\WINDOWS\Fonts
2010-05-05 20:16:22 ----D---- C:\Program Files\Common Files
2010-05-05 20:16:00 ----D---- C:\WINDOWS\system32\drivers
2010-05-05 19:23:08 ----A---- C:\WINDOWS\system32\MSVBVM60.DLL
2010-05-05 19:16:23 ----A---- C:\WINDOWS\wincmd.ini
2010-04-28 06:55:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-28 06:55:28 ----D---- C:\WINDOWS\system32\CatRoot2
16215-09-14 14:18:29 ----D---- C:\Program Files\Lx_cats

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 DumaNT;NVIDIA Stereo Helper Service; C:\WINDOWS\System32\DRIVERS\dumant.sys [2002-11-18 399700]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-05-05 51072]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-07 404608]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-05 460864]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-07-28 1341339]
R3 PAC207;Trust 100K Series Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2008-02-13 618112]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 st3wolf;st3wolf; C:\WINDOWS\System32\DRIVERS\st3wolf.sys [2003-04-27 99360]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-11 38912]
S2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-05 135664]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-07-28 77824]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []

-----------------EOF-----------------

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 09:14
od cernohous13
Ano, je to OK.

Musím ale teď za povinnostmi, prostuduji a dám ti návod až později odpoledne. :oops:

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 09:15
od sammy19
jasné, vďaka! Počkám:-)

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 09:49
od sammy19
...ešte sa opýtam - zrejme to bude kvôli tomu vírusu, že sa nemôžem ani dostať na svoj účet na gmail.com? Iné stránky mi idú, aj google, ale akonáhle dám gmail.com a chcem sa prihlásiť, tak nehrozí a napíše mi toto:

Chyba zabezpečeného spojení

Při spojení s www.google.com nastala chyba neboť je používán neplatný bezpečnostní certifikát.

Certifikát není důvěryhodný neboť je podepsán sám sebou.
Certifikát je platný pouze pro google.com.
Doba platnosti certifikátu vypršela 4.1.2010 21:09.

(Kód chyby: sec_error_expired_issuer_certificate)

* Tato chyba může být způsobena chybnou konfigurací serveru nebo někým, kdo se snaží vydávat za server.

* Pokud jste se k tomuto serveru připojili úspěšně již v minulosti, je možná chyba jenom dočasná, a můžete to zkusit znovu později.




A nebo můžete přidat výjimku…

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 10:47
od cernohous13
Stáhni OTM z odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe

Spusť program „OTM.exe“
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „Moveit!“
ObrázekDo své odpovědi vlož obsah zeleného okna
Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\

Obrázek
OTMscript

Kód: Vybrat vše

:Processes
explorer.exe

:Files
C:\Documents and Settings\All Users\Data aplikací\bbdfce9
C:\Documents and Settings\Tomi\Nabídka Start\Programy\Po spuštění\siszyd32.exe
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
C:\Documents and Settings\Tomi\Data aplikací\My Security Engine
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Regedit32"=-
"egui"=-
"MSE"=-
"My Security Engine"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Nabídka Start^Programy^Po spuštění^siszyd32.exe]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\All Users\Data aplikací\bbdfce9\MSbbdf.exe"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b33045d-617a-11d9-aee2-000c7655ea0f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{350f0b94-617d-11d9-aee3-000c7655ea0f}]

:Services
EhttpSrv
ekrn
gupdate
gusvc
iPod Service

:Commands
[emptytemp]
[purity]
[clearallrestorepoints]
[resethosts]
[start explorer]
[Reboot]
:arrow: co jsi instalovala 2010-05-01 19:36:22 a pak 2010-05-05 20:16:01 ?

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 12:45
od sammy19
ahoj, napokon som nejako ten vírus odstránila. našla som návod na nejakej anglickej stránke, bol tam pekne podrobný popis. Ale veľmi pekne ďakujem za pomoc :)

Re: Prosím o kontrolu logu

Napsal: 11 kvě 2010 14:58
od cernohous13
Nemáš zač - při problémech se zase ukaž. :wink:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz