Requesting a log check

Posted: 28 Apr 2011 22:15
by jakoncek
Good day,
I wanted to send a log from RSIT, but
I can't run it, either normally or in safe mode.

Error : Variable used without being declared

Thank you for your reply

Re: Requesting a log check

Posted: 28 Apr 2011 22:26
by Rudy
What operating system do you have?

Re: Requesting a log check

Posted: 29 Apr 2011 06:28
by jakoncek
Windows XP Professional 2002
Service pack 2

Re: Requesting a log check

Posted: 29 Apr 2011 06:52
by JaRon
I'll step in:
try HijackThis and then MBAM

Re: Requesting a log check

Posted: 29 Apr 2011 07:43
by jakoncek
I'm sending the log from HijackThis + MBAM

===========================


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:05, on 29.4.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\tsnp325.exe
D:\WINDOWS\vsnp325.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Avant Browser\avant.exe
D:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
D:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
D:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szm.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: TBSB05369 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - D:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - D:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKLM\..\Run: [tsnp325] D:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] D:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PSUNMain] "D:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [Panda Security URL Filtering] "D:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKCU\..\Run: [POP Peeper] "D:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [USB Firewall Protection] 2
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Run: [POP Peeper] "D:\Program Files\POP Peeper\POPPeeper.exe" -min (User '?')
O4 - HKUS\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Run: [USB Firewall Protection] 2 (User '?')
O4 - HKUS\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-21-1715567821-1202660629-1957994488-1003 Startup: SJphone 1.65.lnk = ? (User '?')
O4 - Startup: SJphone 1.65.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - D:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - D:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - D:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\WINDOWS\system32\shdocvw.dll
O15 - Trusted Zone: http://www.stv.sk
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) - Unknown owner - D:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe (file missing)
O23 - Service: DU Meter Service (DUMeterSvc) - Unknown owner - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - D:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - D:\WINDOWS\system32\locator.exe (file missing)

--
End of file - 8628 bytes



=========================================



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzia databázy: 6469

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

29.4.2011 8:39:25
mbam-log-2011-04-29 (08-39-25).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 158627
Uplynutý čas: 7 min, 57 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

Re: Requesting a log check

Posted: 29 Apr 2011 08:10
by JaRon
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: TBSB05369 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
FIX these in HijackThis - restart - new HJT log

Re: Requesting a log check

Posted: 29 Apr 2011 08:41
by jakoncek
Here is the new log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:38:19, on 29.4.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\WINDOWS\tsnp325.exe
D:\WINDOWS\vsnp325.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
D:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
D:\Program Files\POP Peeper\POPPeeper.exe
D:\Program Files\SJphone 1.65\SJphone.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szm.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - D:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - D:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKLM\..\Run: [tsnp325] D:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] D:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PSUNMain] "D:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [Panda Security URL Filtering] "D:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKCU\..\Run: [POP Peeper] "D:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [USB Firewall Protection] 2
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Run: [POP Peeper] "D:\Program Files\POP Peeper\POPPeeper.exe" -min (User '?')
O4 - HKUS\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Run: [USB Firewall Protection] 2 (User '?')
O4 - HKUS\S-1-5-21-1715567821-1202660629-1957994488-1003\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-21-1715567821-1202660629-1957994488-1003 Startup: SJphone 1.65.lnk = ? (User '?')
O4 - Startup: SJphone 1.65.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - D:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - D:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - D:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\WINDOWS\system32\shdocvw.dll
O15 - Trusted Zone: http://www.stv.sk
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) - Unknown owner - D:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe (file missing)
O23 - Service: DU Meter Service (DUMeterSvc) - Unknown owner - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - D:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - D:\WINDOWS\system32\locator.exe (file missing)

--
End of file - 8141 bytes

Re: Requesting a log check

Posted: 29 Apr 2011 08:49
by JaRon
Start - Run - services.msc<enter>
find these services and set each of them to Disabled:
Dr.Web Scanning Engine
DU Meter Service
Remote Procedure Call (RPC) Locator

+
restart and scan with AVPTool
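
The two replies above single out the HijackThis entries that end in `(no file)` and the services marked `(file missing)`. As an added example (not part of the original thread and not HijackThis code), the following Python sketch does that triage automatically; the function names are hypothetical and the sample lines are copied from the first log posted in this thread.

```python
import re
from collections import defaultdict

# A HijackThis entry line is "<section code> - <description>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when a registry entry points at nothing on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Sample lines taken from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
Running processes:
D:\WINDOWS\system32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szm.sk/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O4 - HKLM\..\Run: [tsnp325] D:\WINDOWS\tsnp325.exe
O23 - Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) - Unknown owner - D:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe (file missing)
O23 - Service: DU Meter Service (DUMeterSvc) - Unknown owner - (no file)
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"""


def parse_entries(log_text):
    """Return one dict per HijackThis entry line; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        body = match.group("body")
        # The display name sits between the "Kind: " prefix and the first " - ".
        _kind, sep, rest = body.partition(": ")
        name = rest.split(" - ")[0] if sep else body
        clsid = CLSID_RE.search(body)
        # Only a marker at the END of the line means the target is missing;
        # "(no name)" in the middle of a line is a different field.
        marker = next((m for m in ORPHAN_MARKERS if body.rstrip().endswith(m)), None)
        entries.append({
            "code": match.group("code"),
            "name": name,
            "clsid": clsid.group(0) if clsid else None,
            "orphan_marker": marker,
        })
    return entries


def orphaned_by_section(log_text):
    """Group the names of entries whose target file is missing by section code."""
    grouped = defaultdict(list)
    for entry in parse_entries(log_text):
        if entry["orphan_marker"]:
            grouped[entry["code"]].append(entry["name"])
    return dict(grouped)


if __name__ == "__main__":
    for code, names in orphaned_by_section(SAMPLE_LOG).items():
        for name in names:
            print(f"{code}: {name}")
```

An orphaned entry is a leftover registry reference, not proof of infection; the follow-up scanner runs in the thread are what confirm or rule out malware.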

Re: Requesting a log check

Posted: 29 Apr 2011 12:09
by jakoncek
So here is the log from AVPTool:


Automatická kontrola: dokončeno před 4 min. (události: 70, objekty: 181495, čas: 02:38:11)
29.4.2011 13:00:14 Úloha byla dokončena
29.4.2011 12:46:51 Odstraněno: Trojan-Dropper.Win32.Agent.asal D:\WINDOWS\Installer\15828ab.msi
29.4.2011 12:45:48 Neošetřeno: Trojan-Dropper.Win32.Agent.asal D:\WINDOWS\Installer\15828ab.msi Nelze dezinfikovat
29.4.2011 12:44:43 Zjištěno: Trojan-Dropper.Win32.Agent.asal D:\WINDOWS\Installer\15828ab.msi/skasetup_132_SkapWD2.exe
29.4.2011 12:28:37 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149738.exe
29.4.2011 12:28:36 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149738.exe
29.4.2011 12:28:20 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149738.exe
29.4.2011 12:28:18 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149734.exe
29.4.2011 12:28:17 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149736.exe
29.4.2011 12:28:17 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149736.exe
29.4.2011 12:28:01 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149736.exe
29.4.2011 12:28:00 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149735.exe
29.4.2011 12:27:58 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149735.exe
29.4.2011 12:27:55 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149734.exe
29.4.2011 12:27:47 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149735.exe
29.4.2011 12:27:46 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149730.exe
29.4.2011 12:27:43 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149730.exe
29.4.2011 12:27:38 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149734.exe
29.4.2011 12:27:35 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149727.exe
29.4.2011 12:27:35 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149727.exe
29.4.2011 12:27:15 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149730.exe
29.4.2011 12:27:14 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149725.exe
29.4.2011 12:27:14 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149725.exe
29.4.2011 12:27:13 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149728.EXE
29.4.2011 12:27:13 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149728.EXE
29.4.2011 12:26:56 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149728.EXE
29.4.2011 12:26:54 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149727.exe
29.4.2011 12:26:54 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149722.exe
29.4.2011 12:26:54 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149722.exe
29.4.2011 12:26:41 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149725.exe
29.4.2011 12:26:27 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149721.exe
29.4.2011 12:26:15 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149722.exe
29.4.2011 12:26:13 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149721.exe
29.4.2011 12:26:10 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149717.exe
29.4.2011 12:26:02 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149721.exe
29.4.2011 12:26:00 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149717.exe
29.4.2011 12:25:51 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149717.exe
29.4.2011 12:25:48 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149676.exe
29.4.2011 12:25:43 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149676.exe
29.4.2011 12:25:35 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149676.exe
29.4.2011 12:25:21 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149603.exe
29.4.2011 12:25:15 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149597.exe
29.4.2011 12:25:10 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149603.exe
29.4.2011 12:25:05 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149597.exe
29.4.2011 12:25:03 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149601.exe
29.4.2011 12:25:03 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149601.exe
29.4.2011 12:15:12 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149603.exe
29.4.2011 12:15:05 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149601.exe
29.4.2011 12:14:48 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149597.exe
29.4.2011 12:14:45 Odstraněno: Packed.Win32.Krap.hc D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP689\A0147286.exe
29.4.2011 12:14:33 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149585.exe
29.4.2011 12:14:04 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149583.exe
29.4.2011 12:13:56 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149585.exe
29.4.2011 12:13:52 Dezinfikováno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149583.exe
29.4.2011 11:57:00 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149585.exe
29.4.2011 11:56:47 Zjištěno: Virus.Win32.Sality.aa D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149583.exe
29.4.2011 11:52:40 Zjištěno: Packed.Win32.Krap.hc D:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP689\A0147286.exe
29.4.2011 10:39:09 Dezinfikováno: Virus.Win32.Sality.aa D:\!KillBox\Absolute Sound Recorder v3.7
29.4.2011 10:39:02 Dezinfikováno: Virus.Win32.Sality.aa D:\!KillBox\Absolute Sound Recorder v3.7
29.4.2011 10:38:37 Zjištěno: Virus.Win32.Sality.aa D:\!KillBox\Absolute Sound Recorder v3.7
29.4.2011 10:37:59 Dezinfikováno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149707.EXE
29.4.2011 10:37:55 Dezinfikováno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149707.EXE
29.4.2011 10:37:53 Dezinfikováno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149799.EXE
29.4.2011 10:37:52 Dezinfikováno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149799.EXE
29.4.2011 10:37:39 Dezinfikováno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149584.EXE
29.4.2011 10:37:39 Dezinfikováno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149584.EXE
29.4.2011 10:36:50 Zjištěno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP702\A0149799.EXE
29.4.2011 10:36:43 Zjištěno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149707.EXE
29.4.2011 10:36:25 Zjištěno: Virus.Win32.Sality.aa C:\System Volume Information\_restore{E754DF37-922C-4EB9-B273-903BEA6676A6}\RP701\A0149584.EXE
29.4.2011 10:22:02 Úloha byla spuštěna

Re: Requesting a log check

Posted: 29 Apr 2011 12:14
by JaRon
brrr - Sality is a very insidious virus; fortunately it was caught only in System Restore, so:
turn off System Restore - restart - turn System Restore back on - done

Re: Requesting a log check

Posted: 29 Apr 2011 12:50
by jakoncek
I'd also like to ask whether that is everything.
I tried running RSIT just as a check and it still doesn't work.
So what should I do about it? Could there be a fault somewhere in the operating system?

Re: Requesting a log check

Posted: 29 Apr 2011 12:55
by JaRon
it's possible that the system is a bit messed up as a result of those viruses - I recommend installing SP3 - quite often it helps by overwriting damaged system files

Re: Requesting a log check

Posted: 29 Apr 2011 12:58
by jakoncek
Can I do it myself?
If so, where would I download it?
Or should I have it done at a repair shop?

Re: Requesting a log check

Posted: 29 Apr 2011 13:04
by JaRon
sure, you'll manage it - http://www.viry.cz/forum/viewtopic.php?f=46&t=86100
you download SP3, approx. 300MB, and run the installation - the only thing you have to observe is the language version,
i.e. Czech SP3 for Czech Windows, English SP3 for English Windows :idea:
since you speak Slovak, it will be English Windows :wink:

Re: Requesting a log check

Posted: 29 Apr 2011 13:20
by jakoncek
So this is what I found there:
File name : Size: WindowsXP-KB936929-SP3-x86-CSY.exe 307.6MB
Which language should I choose? - I didn't quite understand you.