MWAV log
MWAV gave me this. Do you know whether it is something more serious and how to get rid of it?
A little mistake slips in
File C:\WINDOWS\SYSTEM32\NODANTIVIR.SYS infected by "Trojan-Spy.Win32.Goldun.gq" Virus! Action Taken: No Action Taken.
Object "minibug Adware" found in File System! Action Taken: No Action Taken.
Object "searchexe Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "spyware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "spyware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bridge Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bridge Spyware/Adware" found in File System! Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
- mijaja
- Article author
- Level 6.5
- Posts: 4136
- Registered: September 05
- Location: Zlín
- Status: Offline
MWAV is a thorough system scan, and I doubt that this is all that showed up in your result. The lines about viruses, spyware, adware and similar junk usually look like this:
File C:\WINDOWS\SYSTEM32\NODANTIVIR.SYS infected by "Trojan-Spy.Win32.Goldun.gq" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
- So always 2 lines with the full path to the infected file. In what you posted here, exactly those paths and file names are missing. Only the first and the last record are fine.
Run it again. Although for a start, a HijackThis log would be better.
So here is the HJT log for now. I will try MWAV once more.
Logfile of HijackThis v1.99.1
Scan saved at 11:31:51, on 20.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\WZCBDL Service\WZCBDLS.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mirek\Plocha\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB005C4D-1AA8-433B-80D4-BB689F22923C}: NameServer = 84.16.96.2
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: WZCBDL Service (WZCBDLService) - D-Link - C:\Program Files\WZCBDL Service\WZCBDLS.exe
- mijaja
You have FlashGet and Star Downloader installed for downloading. Star Downloader tends to cause quite a few problems, so I would rather uninstall it - among other things, there can be problems with starting downloads (a matter of process priority). Keep just FlashGet.
In HJT, fix only this:
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL - you don't use Alexa, so it is unnecessary
No active nasty is visible there, so we will wait for the MWAV log.
So I played around with it a bit.
File C:\WINDOWS\SYSTEM32\NODANTIVIR.SYS infected by "Trojan-Spy.Win32.Goldun.gq" Virus! Action Taken: No Action Taken.
Object "minibug Adware" found in File System! Action Taken: No Action Taken.
Object "searchexe Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "spyware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "spyware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bridge Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bridge Spyware/Adware" found in File System! Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\count.jar-2dcfcc1e-4aeae45a.zip infected by "Exploit.Java.ByteVerify" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\count.jar-38b5a303-710dac32.zip infected by "Exploit.Java.ByteVerify" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\javainstaller.jar-2cb7cc7f-7e2b2adf.zip infected by "Trojan-Downloader.Java.OpenStream.w" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\jrl.jar-46a38335-3c726540.zip infected by "Trojan-Downloader.Java.OpenConnection.aj" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Mirek\Data aplikací\Mozilla\Profiles\Nepojmenovaný\eyxjuous.slt\Cache\D9FC2727d01 infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken.
File C:\Download\eCodec-v4.143(1).exe infected by "Trojan.Win32.Zapchast.ax" Virus! Action Taken: No Action Taken.
File C:\Download\eCodec-v4.143.exe infected by "Trojan.Win32.Zapchast.ax" Virus! Action Taken: No Action Taken.
File C:\Program Files\EMCO Malware Bouncer\Quarantine\M-YDDCHEQVSG3GY\NMC.NDOTNET\Files\Program Files\NewDotNet\newdotnet7_22(2).dll tagged as "not-a-virus:AdWare.Win32.NewDotNet.i". Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
- mijaja
So turn on the display of hidden and system files and find these files on the disk:
C:\WINDOWS\SYSTEM32\NODANTIVIR.SYS - Troj/Haxdoor-AK
C:\WINDOWS\system32\mdfpro.dll - Trojan-Spy.Win32.Goldun.fp
C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\count.jar-2dcfcc1e-4aeae45a.zip - Exploit.Java.ByteVerify
C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\count.jar-38b5a303-710dac32.zip - the same
C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\javainstaller.jar-2cb7cc7f-7e2b2adf.zip - Trojan-Downloader.Java.OpenStream.w
C:\Documents and Settings\Mirek\.jpi_cache\jar\1.0\jrl.jar-46a38335-3c726540.zip - Trojan-Downloader.Java.OpenConnection.aj
C:\Documents and Settings\Mirek\Data aplikací\Mozilla\Profiles\Nepojmenovaný\eyxjuous.slt\Cache\D9FC2727d01 - Trojan-Clicker.JS.Linker.j
C:\Download\eCodec-v4.143(1).exe - Trojan.Win32.Zapchast.ax
C:\Download\eCodec-v4.143.exe - the same
C:\Program Files\EMCO Malware Bouncer\Quarantine\M-YDDCHEQVSG3GY\NMC.NDOTNET\Files\Program Files\NewDotNet\newdotnet7_22(2).dll - AdWare.Win32.NewDotNet
First download CCleaner (guide) - disconnect from the internet, close all browser windows (IE, FF, Opera) and run CCleaner - have it clean everything, including the Java cache. Then find the files marked in red and delete them all. Delete the whole C:\Program Files\EMCO Malware Bouncer directory!!! Then don't forget to empty the Recycle Bin!
It looks like a pupil's report book, but it should go well, because the nasties are not active at the moment.
Write back how it went.
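The step done by hand in this thread, turning MWAV output into a list of unique file paths and spotting the entries that carry no path at all, can be scripted. The following is an added example, not part of any forum post and not code from MWAV: the function names are made up here, the line patterns are inferred only from the log lines quoted above, and the sample input is a subset of those lines.

```python
import re
from collections import Counter

# Line shapes inferred from the MWAV output quoted in this thread (assumption:
# other MWAV versions may word these lines differently).
FILE_RE = re.compile(
    r'^File (?P<path>.+?) (?:infected by|tagged as) "(?P<name>[^"]+)"'
    r'(?: Virus!|\.) Action Taken: (?P<action>.+?)\.?$'
)
OBJECT_RE = re.compile(
    r'^Object "(?P<name>[^"]+)" found in File System! '
    r'Action Taken: (?P<action>.+?)\.?$'
)


def parse_mwav(log_text):
    """Split MWAV lines into per-file findings, pathless objects and leftovers."""
    files = {}            # lower-cased path -> finding (insertion order kept)
    pathless = Counter()  # detection name -> count, for "Object ..." lines
    unparsed = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = FILE_RE.match(line)
        if m:
            # Windows paths compare case-insensitively, so SYSTEM32 == system32.
            key = m.group("path").lower()
            f = files.setdefault(
                key, {"path": m.group("path"), "names": [], "actions": set(), "hits": 0}
            )
            if m.group("name") not in f["names"]:
                f["names"].append(m.group("name"))
            f["actions"].add(m.group("action"))
            f["hits"] += 1
            continue
        m = OBJECT_RE.match(line)
        if m:
            pathless[m.group("name")] += 1
            continue
        unparsed.append(line)
    return files, pathless, unparsed


def untouched(files):
    """Paths the scanner only reported, i.e. every hit says 'No Action Taken'."""
    return [f["path"] for f in files.values() if f["actions"] == {"No Action Taken"}]


# Sample input: a subset of the log lines posted in this thread.
SAMPLE = r'''
File C:\WINDOWS\SYSTEM32\NODANTIVIR.SYS infected by "Trojan-Spy.Win32.Goldun.gq" Virus! Action Taken: No Action Taken.
Object "minibug Adware" found in File System! Action Taken: No Action Taken.
Object "spyware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "spyware Spyware/Adware" found in File System! Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
File C:\Download\eCodec-v4.143.exe infected by "Trojan.Win32.Zapchast.ax" Virus! Action Taken: No Action Taken.
File C:\Program Files\EMCO Malware Bouncer\Quarantine\M-YDDCHEQVSG3GY\NMC.NDOTNET\Files\Program Files\NewDotNet\newdotnet7_22(2).dll tagged as "not-a-virus:AdWare.Win32.NewDotNet.i". Action Taken: No Action Taken.
File C:\WINDOWS\system32\mdfpro.dll infected by "Trojan-Spy.Win32.Goldun.fp" Virus! Action Taken: No Action Taken.
'''

if __name__ == "__main__":
    files, pathless, unparsed = parse_mwav(SAMPLE)
    print("Files reported with no action taken:")
    for path in untouched(files):
        f = files[path.lower()]
        print(f"  {path}  [{', '.join(f['names'])}]  x{f['hits']}")
    print("Entries without a path (cannot be located from the log alone):")
    for name, count in pathless.items():
        print(f"  {name}  x{count}")
```

Lines that match neither pattern are returned in `unparsed` rather than dropped, so a differently worded log shows up as unmatched instead of silently producing an empty worklist.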