Dobrý den prosím o zkontrolování, nevím co s tím, jestli tam je něco nebezpečného a čím to když tak zničit, děkuji.
Sun Sep 17 21:47:28 2006 => Scanning File C:\WINDOWS\system32\netware.drv
Sun Sep 17 21:48:04 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\Spyware.sdb
Mon Sep 18 21:34:12 2006 => Scanning File C:\WINDOWS\system32\netware.drv
Mon Sep 18 21:34:57 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\Spyware.sdb
Tue Oct 03 17:06:49 2006 => Scanning File C:\WINDOWS\system32\netware.drv
Tue Oct 03 17:07:40 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\Spyware.sdb
Tue Oct 03 17:07:43 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\FtpTempF\riskware.avc
Tue Oct 03 17:07:44 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\riskware.avc
Tue Oct 03 17:07:40 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\virus.avi
Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Tue Oct 03 17:06:25 2006 => Scanning File C:\WINDOWS\system32\drivers\WmVirHid.sys
Tue Oct 03 17:03:47 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\virus.avi
Mon Sep 18 21:34:57 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\virus.avi
Mon Sep 18 21:33:55 2006 => Scanning File C:\WINDOWS\system32\drivers\WmVirHid.sys
Mon Sep 18 21:33:02 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\virus.avi
Sun Sep 17 21:48:04 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\virus.avi
Sun Sep 17 21:47:11 2006 => Scanning File C:\WINDOWS\system32\drivers\WmVirHid.sys
Sun Sep 17 21:45:59 2006 => Scanning File C:\DOCUME~1\LUBOŠ\LOCALS~1\Temp\virus.avi
Tue Oct 03 17:07:45 2006 => Checking for Adware.SeekSeek Virus...
Tue Oct 03 17:07:45 2006 => ***** Scanning complete. *****
Tue Oct 03 17:07:45 2006 => Total Objects Scanned: 20303
Tue Oct 03 17:07:45 2006 => Total Critical Objects: 2
Tue Oct 03 17:07:45 2006 => Total Disinfected Objects: 0
Tue Oct 03 17:07:45 2006 => Total Objects Renamed: 0
Tue Oct 03 17:07:45 2006 => Total Deleted Objects: 0
Tue Oct 03 17:07:45 2006 => Total Errors: 23
Tue Oct 03 17:07:45 2006 => Time Elapsed: 00:01:41
Tue Oct 03 17:07:45 2006 => Virus Database Date: 10/3/2006
Tue Oct 03 17:07:45 2006 => Virus Database Count: 228490
Tue Oct 03 17:07:45 2006 => Scan Completed.
Log z MWAV
Z toho tvého logu je důležitý jenom jeden řádek:
Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Najdi a smaž soubor C:\WINDOWS\vb.ini
Ale podle závěrečné tabulky máš mít 2 kritické objekty, kdežto tohle je jen jeden. Musíš v logu najít ten zbývající. Nejrychlejší bude hledání podle "Action taken".
Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Najdi a smaž soubor C:\WINDOWS\vb.ini
Ale podle závěrečné tabulky máš mít 2 kritické objekty, kdežto tohle je jen jeden. Musíš v logu najít ten zbývající. Nejrychlejší bude hledání podle "Action taken".
Znáte pravidla?
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Log z MWAV
No smazal sem ten vb.ini a projel sem to znovu a tohle mi našlo teda, nevím přesně co sem tu měl všechno dát
Sun Sep 17 21:47:18 2006 => Entry "HKCR\ICQPhone.SipxPhoneManager" refers to invalid object "{82308D15-1A2C-416A-A5BE-21DAF85DDB75}". Action Taken: No Action Taken.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Sun Sep 17 21:47:19 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Sun Sep 17 21:47:19 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Sun Sep 17 21:47:19 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".chp". Action Taken: No Action Taken.
Mon Sep 18 21:34:01 2006 => Entry "HKCR\ICQPhone.SipxPhoneManager" refers to invalid object "{82308D15-1A2C-416A-A5BE-21DAF85DDB75}". Action Taken: No Action Taken.
Mon Sep 18 21:34:02 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Mon Sep 18 21:34:02 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\NeroCoverDesigner_fra.chm". Action Taken: No Action Taken.
Mon Sep 18 21:34:02 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Tue Oct 03 17:06:33 2006 => Offending file found: C:\WINDOWS\vb.ini
Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Tue Oct 03 17:06:35 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Tue Oct 03 17:06:35 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\WinDVD.exe" refers to invalid object "C:\Program Files\MSI\MSIDVD\WinDVD.exe". Action Taken: No Action Taken.
Tue Oct 03 18:10:04 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Tue Oct 03 18:10:04 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Tue Oct 03 18:10:04 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\WinDVD.exe" refers to invalid object "C:\Program Files\MSI\MSIDVD\WinDVD.exe". Action Taken: No Action Taken.
Tue Oct 03 18:27:24 2006 => Scanning Folder: C:\DOCUME~1\LUBOŠ\LOCALS~1\TEMPOR~1\Content.IE5\Q8DCTVBS\*.*
Tue Oct 03 18:27:25 2006 => Scanning Folder: C:\DOCUME~1\LUBOŠ\LOCALS~1\TEMPOR~1\Content.IE5\802FHHWB\*.*
Tue Oct 03 18:27:25 2006 => ***** Checking for specific ITW Viruses *****
Tue Oct 03 18:27:25 2006 => Checking for Welchia Virus...
Tue Oct 03 18:27:25 2006 => Checking for LovGate Virus...
Tue Oct 03 18:27:25 2006 => Checking for CodeRed Virus...
Tue Oct 03 18:27:25 2006 => Checking for OpaServ Virus...
Tue Oct 03 18:27:25 2006 => Checking for Sobig.e Virus...
Tue Oct 03 18:27:25 2006 => Checking for Winupie Virus...
Tue Oct 03 18:27:25 2006 => Checking for Swen Virus...
Tue Oct 03 18:27:25 2006 => Checking for JS.Fortnight Virus...
Tue Oct 03 18:27:25 2006 => Checking for Novarg Virus...
Tue Oct 03 18:27:25 2006 => Checking for Pagabot Virus...
Tue Oct 03 18:27:25 2006 => Checking for Parite.b Virus...
Tue Oct 03 18:27:25 2006 => Checking for Parite.a Virus...
Tue Oct 03 18:27:25 2006 => Checking for Adware.SeekSeek Virus...
Tue Oct 03 18:27:25 2006 => ***** Scanning complete. *****
Tue Oct 03 18:27:25 2006 => Total Objects Scanned: 20450
Tue Oct 03 18:27:25 2006 => Total Critical Objects: 1
Tue Oct 03 18:27:25 2006 => Total Disinfected Objects: 0
Tue Oct 03 18:27:25 2006 => Total Objects Renamed: 0
Tue Oct 03 18:27:25 2006 => Total Deleted Objects: 0
Tue Oct 03 18:27:25 2006 => Total Errors: 23
Tue Oct 03 18:27:25 2006 => Time Elapsed: 00:01:09
Tue Oct 03 18:27:25 2006 => Virus Database Date: 10/3/2006
Tue Oct 03 18:27:25 2006 => Virus Database Count: 228525
Tue Oct 03 18:27:25 2006 => Scan Completed.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\ICQPhone.SipxPhoneManager" refers to invalid object "{82308D15-1A2C-416A-A5BE-21DAF85DDB75}". Action Taken: No Action Taken.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Sun Sep 17 21:47:18 2006 => Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Sun Sep 17 21:47:19 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Sun Sep 17 21:47:19 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Sun Sep 17 21:47:19 2006 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".chp". Action Taken: No Action Taken.
Mon Sep 18 21:34:01 2006 => Entry "HKCR\ICQPhone.SipxPhoneManager" refers to invalid object "{82308D15-1A2C-416A-A5BE-21DAF85DDB75}". Action Taken: No Action Taken.
Mon Sep 18 21:34:02 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Mon Sep 18 21:34:02 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\NeroCoverDesigner_fra.chm". Action Taken: No Action Taken.
Mon Sep 18 21:34:02 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Tue Oct 03 17:06:33 2006 => Offending file found: C:\WINDOWS\vb.ini
Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Tue Oct 03 17:06:35 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Tue Oct 03 17:06:35 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\WinDVD.exe" refers to invalid object "C:\Program Files\MSI\MSIDVD\WinDVD.exe". Action Taken: No Action Taken.
Tue Oct 03 18:10:04 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxsfs.dll". Action Taken: No Action Taken.
Tue Oct 03 18:10:04 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\system32\cmmgr32.exe". Action Taken: No Action Taken.
Tue Oct 03 18:10:04 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\WinDVD.exe" refers to invalid object "C:\Program Files\MSI\MSIDVD\WinDVD.exe". Action Taken: No Action Taken.
Tue Oct 03 18:27:24 2006 => Scanning Folder: C:\DOCUME~1\LUBOŠ\LOCALS~1\TEMPOR~1\Content.IE5\Q8DCTVBS\*.*
Tue Oct 03 18:27:25 2006 => Scanning Folder: C:\DOCUME~1\LUBOŠ\LOCALS~1\TEMPOR~1\Content.IE5\802FHHWB\*.*
Tue Oct 03 18:27:25 2006 => ***** Checking for specific ITW Viruses *****
Tue Oct 03 18:27:25 2006 => Checking for Welchia Virus...
Tue Oct 03 18:27:25 2006 => Checking for LovGate Virus...
Tue Oct 03 18:27:25 2006 => Checking for CodeRed Virus...
Tue Oct 03 18:27:25 2006 => Checking for OpaServ Virus...
Tue Oct 03 18:27:25 2006 => Checking for Sobig.e Virus...
Tue Oct 03 18:27:25 2006 => Checking for Winupie Virus...
Tue Oct 03 18:27:25 2006 => Checking for Swen Virus...
Tue Oct 03 18:27:25 2006 => Checking for JS.Fortnight Virus...
Tue Oct 03 18:27:25 2006 => Checking for Novarg Virus...
Tue Oct 03 18:27:25 2006 => Checking for Pagabot Virus...
Tue Oct 03 18:27:25 2006 => Checking for Parite.b Virus...
Tue Oct 03 18:27:25 2006 => Checking for Parite.a Virus...
Tue Oct 03 18:27:25 2006 => Checking for Adware.SeekSeek Virus...
Tue Oct 03 18:27:25 2006 => ***** Scanning complete. *****
Tue Oct 03 18:27:25 2006 => Total Objects Scanned: 20450
Tue Oct 03 18:27:25 2006 => Total Critical Objects: 1
Tue Oct 03 18:27:25 2006 => Total Disinfected Objects: 0
Tue Oct 03 18:27:25 2006 => Total Objects Renamed: 0
Tue Oct 03 18:27:25 2006 => Total Deleted Objects: 0
Tue Oct 03 18:27:25 2006 => Total Errors: 23
Tue Oct 03 18:27:25 2006 => Time Elapsed: 00:01:09
Tue Oct 03 18:27:25 2006 => Virus Database Date: 10/3/2006
Tue Oct 03 18:27:25 2006 => Virus Database Count: 228525
Tue Oct 03 18:27:25 2006 => Scan Completed.
- fredik
- člen Security týmu
-
Master Level 7
- Příspěvky: 4680
- Registrován: červenec 06
- Pohlaví:
- Stav:
Offline
Zkus si Pc pročistit programem Ccleaner
Jediné co máš v tom logu je ten Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken. ale ten je i v předchozím logu a už si říkal že si ho vymazal.
Máš tam různé datumy z předchozích kontrol např:
Jestli nevíš přesně co sem máš dat tak se podívej sem do návodu:
Jediné co máš v tom logu je ten Tue Oct 03 17:06:33 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken. ale ten je i v předchozím logu a už si říkal že si ho vymazal.
Máš tam různé datumy z předchozích kontrol např:
- Sun Sep 17 21:47:18 2006
Mon Sep 18 21:34:02 2006
Tue Oct 03 17:06:33 2006
Tue Oct 03 17:06:35 2006
Tue Oct 03 18:10:04 2006
pak v tom vzniká zmatek
Jestli nevíš přesně co sem máš dat tak se podívej sem do návodu:
Log z MWAV
Tak sem to projel tím CCLEANER, vyčistil sem log a projel to znovu, zde výsledek..
Tue Oct 03 21:52:51 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 03 21:53:48 2006 => Virus Database Date: 10/3/2006
Tue Oct 03 21:53:48 2006 => Virus Database Count: 228601
Tue Oct 03 21:53:48 2006 => Scan Completed.
Total Objects Scanned: 20114
Total Critical Objects: 1
Tue Oct 03 21:52:51 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 03 21:53:48 2006 => Virus Database Date: 10/3/2006
Tue Oct 03 21:53:48 2006 => Virus Database Count: 228601
Tue Oct 03 21:53:48 2006 => Scan Completed.
Total Objects Scanned: 20114
Total Critical Objects: 1
V předcházejícím řádku k tomuhle by měla být cesta infikované položky. Zkus ho najít.
Znáte pravidla?
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Log z MWAV
takže ten předřádek je...
Wed Oct 04 15:56:30 2006 => Offending Key found: HKLM\Software\microsoft\downloadmanager !!!
Wed Oct 04 15:56:35 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
, hledal sem podle "Action Taken"
Wed Oct 04 15:57:24 2006 => ***** Scanning complete. *****
Wed Oct 04 15:57:24 2006 => Total Objects Scanned: 20062
Wed Oct 04 15:57:24 2006 => Total Critical Objects: 1
Wed Oct 04 15:57:24 2006 => Total Disinfected Objects: 0
Wed Oct 04 15:57:24 2006 => Total Objects Renamed: 0
Wed Oct 04 15:57:25 2006 => Total Deleted Objects: 0
Wed Oct 04 15:57:25 2006 => Total Errors: 6
Wed Oct 04 15:57:25 2006 => Time Elapsed: 00:01:10
Wed Oct 04 15:57:25 2006 => Virus Database Date: 10/4/2006
Wed Oct 04 15:57:25 2006 => Virus Database Count: 228727
Wed Oct 04 15:57:25 2006 => Scan Completed.
Wed Oct 04 15:56:30 2006 => Offending Key found: HKLM\Software\microsoft\downloadmanager !!!
Wed Oct 04 15:56:35 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
, hledal sem podle "Action Taken"
Wed Oct 04 15:57:24 2006 => ***** Scanning complete. *****
Wed Oct 04 15:57:24 2006 => Total Objects Scanned: 20062
Wed Oct 04 15:57:24 2006 => Total Critical Objects: 1
Wed Oct 04 15:57:24 2006 => Total Disinfected Objects: 0
Wed Oct 04 15:57:24 2006 => Total Objects Renamed: 0
Wed Oct 04 15:57:25 2006 => Total Deleted Objects: 0
Wed Oct 04 15:57:25 2006 => Total Errors: 6
Wed Oct 04 15:57:25 2006 => Time Elapsed: 00:01:10
Wed Oct 04 15:57:25 2006 => Virus Database Date: 10/4/2006
Wed Oct 04 15:57:25 2006 => Virus Database Count: 228727
Wed Oct 04 15:57:25 2006 => Scan Completed.
Tak vidíš, máme to.
V editoru registrů (Start/Spustit/regedit) smnaž červený klíč:
HOT_KEY_LOCAL_MACHINE\Software\microsoft\downloadmanager
V editoru registrů (Start/Spustit/regedit) smnaž červený klíč:
HOT_KEY_LOCAL_MACHINE\Software\microsoft\downloadmanager
Znáte pravidla?
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Zpět na “Windows 11, 10, 8...”
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 11 hostů