Infected after a clean install


Post by Benet »

Hi, I have a problem. After a clean install of Windows XP Prof SP3 and then installing NOD32, the antivirus reports an infection, but the infected files cannot be deleted either manually or with software.
I also ran SUPERAntiSpyware 4.21.1004 over the system; it found some more things and managed to delete some of them, but it couldn't handle the original ones that NOD32 found either. On foreign forums I found guides that use ComboFix, so I ran it and then scanned again with NOD32 (I'm including the logs from these last two applications).
I don't understand at all how the infection can get there 6 minutes after a clean install.
Thanks for any advice.

ComboFix log
ComboFix 08-09-05.09 - Doma 2008-09-08 20:36:42.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1644 [GMT 2:00]
Spusteny z: C:\Documents and Settings\Doma\Plocha\ComboFix.exe
* Vytvoren novy Bod Obnoveni

VAROVANI - NA TOMTO POCITACI NENI NAINSTALOVANA KONZOLA PRO ZOTAVENI !!
.

((((((((((((((((((((((((((((((((((((((( Ostatni vymazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMc7d5d439.txt
C:\WINDOWS\BMc7d5d439.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\amklgdbj.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pqtEKRqr.ini
C:\WINDOWS\system32\pqtEKRqr.ini2
C:\WINDOWS\system32\qaxufpdw.dll
C:\WINDOWS\system32\umslxgry.ini
C:\WINDOWS\system32\yrgxlsmu.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladace/Sluzby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npf


((((((((((((((((((((((((( Soubory vytvorene od 2008-08-08 do 2008-09-08 )))))))))))))))))))))))))))))))
.

2008-09-08 20:18 . 2008-09-08 20:18 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-09-08 20:18 . 2008-09-08 20:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-08 18:06 . 2008-09-08 18:06 49 --a------ C:\WINDOWS\NeroDigital.ini
2008-09-08 17:42 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-09-08 17:42 . 2008-09-08 17:42 390 --a------ C:\WINDOWS\ODBC.INI
2008-09-08 17:38 . 2008-09-08 17:39 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-09-08 17:38 . 2008-09-08 17:38 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-09-08 15:55 . 2008-09-08 17:04 2,354 --a------ C:\rollback.ini
2008-09-08 15:44 . 2008-09-08 20:41 3,829,536 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-08 15:44 . 2008-09-08 20:39 53,876 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-08 15:40 . 2008-09-08 15:40 <DIR> d-------- C:\Program Files\Zone Labs
2008-09-08 15:40 . 2008-09-08 15:40 <DIR> d-------- C:\Program Files\CheckPoint
2008-09-08 15:05 . 2008-09-08 15:42 4,212 --ah----- C:\WINDOWS\system32\zllictbl.dat
2008-09-08 15:04 . 2008-09-08 20:32 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-09-08 14:39 . 2008-09-08 14:39 <DIR> d---s---- C:\Documents and Settings\Doma\UserData
2008-09-08 14:08 . 2008-04-14 08:51 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-09-08 14:08 . 2001-08-17 23:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-09-08 14:07 . 2008-04-14 07:44 58,496 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-09-08 14:07 . 2008-04-14 00:17 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-09-08 14:07 . 2001-08-17 23:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-09-08 14:06 . 2008-04-14 08:52 75,264 --a------ C:\WINDOWS\system32\usbui.dll
2008-09-08 14:04 . 2008-09-08 12:11 <DIR> d--h----- C:\Documents and Settings\Default User\Šablony
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d-------- C:\Documents and Settings\Default User\Plocha
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d--h----- C:\Documents and Settings\Default User\Okolní tiskárny
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d--h----- C:\Documents and Settings\Default User\Okolní síť
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d-------- C:\Documents and Settings\Default User\Oblíbené položky
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> dr------- C:\Documents and Settings\Default User\Nabídka Start
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d-------- C:\Documents and Settings\Default User\Dokumenty
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d--h----- C:\Documents and Settings\All Users\Šablony
2008-09-08 14:04 . 2008-09-08 20:19 <DIR> d-------- C:\Documents and Settings\All Users\Plocha
2008-09-08 14:04 . 2008-09-08 14:04 <DIR> d-------- C:\Documents and Settings\All Users\Oblíbené položky
2008-09-08 14:04 . 2008-09-08 12:25 <DIR> dr------- C:\Documents and Settings\All Users\Nabídka Start
2008-09-08 14:04 . 2008-09-08 12:11 <DIR> dr------- C:\Documents and Settings\All Users\Dokumenty
2008-09-08 14:03 . 2008-09-08 20:33 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-09-08 14:03 . 2008-09-08 14:04 <DIR> dr-h----- C:\Documents and Settings\Default User\Data aplikací
2008-09-08 14:03 . 2008-09-08 20:19 <DIR> dr-h----- C:\Documents and Settings\All Users\Data aplikací
2008-09-08 14:02 . 2008-09-08 12:33 <DIR> d--h----- C:\Documents and Settings\Default User
2008-09-08 14:02 . 2008-09-08 12:13 <DIR> d-------- C:\Documents and Settings\All Users
2008-09-08 14:02 . 2008-09-08 12:18 <DIR> d-------- C:\Documents and Settings
2008-09-08 14:01 . 2008-09-08 12:16 261 --a------ C:\WINDOWS\system32\$winnt$.inf

.
(((((((((((((((((((((((((((((((((((((((( Find3M vypis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-08 16:06 --------- d-----w C:\Program Files\Zoom Player
2008-09-08 13:40 --------- d-----w C:\Program Files\CheckPoint
2008-09-08 12:16 --------- d-----w C:\Program Files\ESET
2008-09-08 11:58 --------- d-----w C:\Program Files\Nero
2008-09-08 11:58 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-08 11:48 --------- d-----w C:\Program Files\Zoner
2008-09-08 11:38 --------- d-----w C:\Program Files\CD Audio Reader Filter
2008-09-08 11:37 --------- d-----w C:\Program Files\SHOUTcast Source
2008-09-08 11:37 --------- d-----w C:\Program Files\RealMedia
2008-09-08 11:37 --------- d-----w C:\Program Files\OpenSource Flash Video Splitter
2008-09-08 11:37 --------- d-----w C:\Program Files\Haali
2008-09-08 11:37 --------- d-----w C:\Program Files\ffdshow
2008-09-08 11:37 --------- d-----w C:\Program Files\DSP-worx
2008-09-08 11:37 --------- d-----w C:\Program Files\DScaler5
2008-09-08 11:37 --------- d-----w C:\Program Files\DirectVobSub
2008-09-08 11:37 --------- d-----w C:\Program Files\Combined Community Codec Pack
2008-09-08 10:49 --------- d-----w C:\Program Files\ATI
2008-09-08 10:39 --------- d-----w C:\Program Files\ATI Technologies
2008-09-08 10:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-08 10:35 21,035 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-09-08 10:35 --------- d-----w C:\Program Files\Marvell
2008-09-08 10:35 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-08 10:35 --------- d-----w C:\Program Files\ASUS WiFi-AP Solo
2008-09-08 10:34 --------- d-----w C:\Program Files\Analog Devices
2008-09-08 10:29 --------- d-----w C:\Program Files\Intel
2008-09-08 10:14 --------- d-----w C:\Program Files\microsoft frontpage
2008-09-02 12:33 72,592 ----a-w C:\WINDOWS\zllsputility.exe
2008-09-02 12:33 1,221,008 ----a-w C:\WINDOWS\system32\zpeng25.dll
2008-08-01 06:38 3,266,560 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-08-01 05:40 9,928,704 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-08-01 04:58 253,952 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-08-01 04:33 425,984 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-08-01 04:32 311,296 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-08-01 04:23 184,320 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-08-01 04:23 143,360 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-08-01 04:22 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-08-01 04:22 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-08-01 04:22 143,360 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-08-01 04:21 573,440 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-08-01 04:19 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-08-01 04:10 3,917,568 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-08-01 03:59 2,183,552 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-08-01 03:46 48,640 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-08-01 03:42 376,832 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-08-01 03:40 35,328 ----a-w C:\WINDOWS\system32\atiadlxx.dll
2008-08-01 03:40 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-08-01 03:39 53,248 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-08-01 03:39 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-08-01 03:34 561,152 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-07-31 19:05 593,920 ----a-w C:\WINDOWS\system32\ati2sgag.exe
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.

(((((((((((((((((((((((((((((((((( Spousteci body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznamka* prazdne zaznamy & legitimni vychozi udaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 843776]
"JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-06-02 385024]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-09-02 981904]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.FFDS"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=

R2 ISWKL;ForceField ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2008-09-01 17064]
R2 IswSvc;ForceField IswSvc;C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2008-09-01 371880]
R3 icsak;icsak;C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys [2008-09-01 49320]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-14 69120]
S2 .EsetTrialReset;Eset Trial Reset;C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 176128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd1aca4b-7d9b-11dd-8c25-806d6172696f}]
\Shell\AutoRun\command - G:\ASUSACPI.exe
.
- - - - NEPLATNE POLOZKY ODSTRANENE Z REGISTRU - - - -

HKLM-Run-c4e6e7a5 - C:\WINDOWS\system32\yrgxlsmu.dll
HKLM-Run-BMc7d5d439 - C:\WINDOWS\system32\qaxufpdw.dll


.
------- Doplnkovy sken -------
.
FireFox -: Profile - C:\Documents and Settings\Doma\Data aplikací\Mozilla\Firefox\Profiles\5zp1aupr.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-08 20:41:07
Windows 5.1.2600 Service Pack 3 NTFS

skenovani skrytych procesu ...

skenovani skrytych polozek 'Po spusteni' ...

skenovani skrytych souboru ...

sken byl uspesne dokoncen
skryte soubory: 0

**************************************************************************
.
------------------------ Jine spustene procesy ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
C:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
.
**************************************************************************
.
Celkovy cas: 2008-09-08 20:42:41 - pocitac byl restartovan
ComboFix-quarantined-files.txt 2008-09-08 18:42:34

Pre-Run: Volných bajtů: 24,215,707,648
Post-Run: Volných bajtů: 24,912,801,792

197

Log from the subsequent NOD32 scan

C:\Documents and Settings\LocalService\ntuser.dat - error opening [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Program Files\CheckPoint\ZAForceField\TrustChecker\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\browser.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\comm.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\pippki.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\reporter.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\toolkit.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Nero\Nero 7\Core\CDI\CDI_VCD.CFG » MIME - is OK (internal scanning not performed)
C:\WINDOWS\SoftwareDistribution\EventCache\{36E2150D-4C51-4EBB-9CF6-E221E5DD0120}.bin - error opening [4]
C:\WINDOWS\system32\byXRlJax.dll - a variant of Win32/Adware.Virtumonde application - cleaned by deleting - quarantined [1]
C:\WINDOWS\system32\iiffDWOi.dll - a variant of Win32/Adware.Virtumonde application - cleaned by deleting - quarantined [1]
C:\WINDOWS\system32\rqRLeDtR.dll - a variant of Win32/Adware.Virtumonde application - cleaned by deleting (after the next restart) - quarantined [1,2]
C:\WINDOWS\system32\ssqQkIBq.dll - a variant of Win32/Adware.Virtumonde application - cleaned by deleting - quarantined [1]
C:\WINDOWS\system32\wvUmnOEu.dll - a variant of Win32/Adware.Virtumonde application - cleaned by deleting (after the next restart) - quarantined [1,2]

C:\WINDOWS\system32\CatRoot2\edb.log - error opening [4]
C:\WINDOWS\system32\CatRoot2\tmp.edb - error opening [4]
C:\WINDOWS\system32\config\default - error opening [4]
C:\WINDOWS\system32\config\default.LOG - error opening [4]
C:\WINDOWS\system32\config\SAM - error opening [4]
C:\WINDOWS\system32\config\SAM.LOG - error opening [4]
C:\WINDOWS\system32\config\SECURITY - error opening [4]
C:\WINDOWS\system32\config\SECURITY.LOG - error opening [4]
C:\WINDOWS\system32\config\software - error opening [4]
C:\WINDOWS\system32\config\software.LOG - error opening [4]
C:\WINDOWS\system32\config\system - error opening [4]
C:\WINDOWS\system32\config\system.LOG - error opening [4]
C:\WINDOWS\system32\drivers\fidbox.dat - error opening [4]
C:\WINDOWS\system32\drivers\fidbox.idx - error opening [4]
C:\WINDOWS\Temp\NODD02F.tmp - a variant of Win32/Adware.Virtumonde application - cleaned by deleting (after the next restart) - quarantined [1,2]


Re: Infected after a clean install

Post by Dzin »

6 minutes is plenty of time to catch loads of viruses; after an install where you don't have all the OS and AV updates, it's a fairly common thing.

Re: Infected after a clean install

Post by Dogg »

I have a DVD with a Win XP compilation with SP2 patches from April, and I have NOD on another CD with an update from sometime in June...
I want to ask: is there some way to load the newest virus database update into NOD externally?
And those XP patches from April... is that already too old, or can it still be considered safe now in September?

Re: Infected after a clean install

Post by facility »

Benet wrote: Hi, I have a problem. After a clean install of Windows XP Prof SP3 and then installing NOD32, the antivirus reports an infection, but the infected files cannot be deleted either manually or with software.
:roll:
1. Reinstall XP SP3 :)
2. For antivirus, get Avast :)
3. Firewall: Kerio.. :)
4. Spyware Terminator :)
5. PeerGuardian 2 + enrich it as needed with addresses from Blocklist ;-)