Dělal jsem si kontrolu, ale byla nějak podezřele krátká ( asi 3 minuty ). Není to nějak divný ? Tady jsem četl, že to trvá dlouho, až několik hodin.Musí se zatrhnout to drive ?
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.ucontrol Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "hotbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Object "networkessentials Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Object "networkessentials Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ezula toptext Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "virusburst Trojan" found in File System! Action Taken: No Action Taken.
Oct 08 21:49:17 2006 => Checking CLSID Reference Entries...
Sun Oct 08 21:49:21 2006 => Checking Module Usage Entries...
Sun Oct 08 21:49:21 2006 => Checking User Trusted External App Entries...
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""E:\data\cdw32.exe"". Action Taken: No Action Taken.
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmjblaunch.exe". Action Taken: No Action Taken.
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmfwlaunch.exe". Action Taken: No Action Taken.
Sun Oct 08 17:22:16 2006 => ***** Scanning complete. *****
Sun Oct 08 17:22:16 2006 => Total Objects Scanned: 21089
Sun Oct 08 17:22:16 2006 => Total Critical Objects: 18
Sun Oct 08 17:22:16 2006 => Total Disinfected Objects: 0
Sun Oct 08 17:22:16 2006 => Total Objects Renamed: 0
Sun Oct 08 17:22:16 2006 => Total Deleted Objects: 0
Sun Oct 08 17:22:16 2006 => Total Errors: 2
Sun Oct 08 17:22:16 2006 => Time Elapsed: 00:02:40
Sun Oct 08 17:22:16 2006 => Virus Database Date: 10/8/2006
Sun Oct 08 17:22:16 2006 => Virus Database Count: 229969
Sun Oct 08 17:22:16 2006 => Scan Completed.
prosím o kontrolu logu MWAW
prosím o kontrolu logu MWAW
Naposledy upravil(a) Davson dne 09 říj 2006 19:54, celkem upraveno 1 x.
Postupoval jsi přesně podle návodu (odkaz mám v podpisu)? Máš tam přesně popsáno, co máš mít nastaveno před startem skenu.
Navíc, jak je v tom návodu popsáno, každému řádku, který jsi tu dal, předchází řádek s cestou infikovaného souboru nebo registru. Musíš tu dávat proto dvojice řádků.
Navíc, jak je v tom návodu popsáno, každému řádku, který jsi tu dal, předchází řádek s cestou infikovaného souboru nebo registru. Musíš tu dávat proto dvojice řádků.
Znáte pravidla?
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Myslím, že jsem to dělal podle popisu. Akorát nevím jestli zaškrtnout to drive nebo ne. V jednom návodě to je a v jiném návodě to není. Dělal jsem to bez zaškrtnutí.
To kopírování jsem ale nedělal z toho logu v poznámkovém bloku, ale konec z horního okna (objects scanned) a a celé zobrazení dolního okna (virus log information).
To kopírování jsem ale nedělal z toho logu v poznámkovém bloku, ale konec z horního okna (objects scanned) a a celé zobrazení dolního okna (virus log information).
Tenhle seznam ti pomůže vyhledat tyto položky v logu a dát je sem i s tím předchozím řádkem. Nebo jdi rovnou do logu a použij vyhledávání pomocí "action taken".
Znáte pravidla?
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Tipy a triky ve Windows XP
Návody: HijackThis, MWAV, CCleaner (THX to mijaja)
Problémy, které chcete vyřešit pište sem do fóra. Neposílejte je emailem ani po ICQ!
Snad to udělám již dobře. Ale pořád ten scan trvá jen 3 minuty a pořád nevím jestli nemám zatrhnout i možnost drive.
Sun Oct 08 21:48:59 2006 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKLM\Software\microsoft\downloadmanager !!!
Sun Oct 08 21:49:03 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com !!!
Sun Oct 08 21:49:03 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sun Oct 08 21:49:03 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sun Oct 08 21:49:03 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet !!!
Sun Oct 08 21:49:03 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing !!!
Sun Oct 08 21:49:03 2006 => Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch !!!
Sun Oct 08 21:49:03 2006 => Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:08 2006 => Offending Folder found: C:\Program Files\Common Files\ucontrol
Sun Oct 08 21:49:08 2006 => Object "whenu.ucontrol Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:09 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Data aplikací\microsoft\office\naposledy otevřené\games.lnk
Sun Oct 08 21:49:09 2006 => System found infected with hotbar Spyware/Adware (games.lnk)! Action taken: No Action Taken.
Sun Oct 08 21:49:12 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\1.dat
Sun Oct 08 21:49:12 2006 => System found infected with wareout Adware (1.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:12 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat
Sun Oct 08 21:49:12 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:12 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\43.dat
Sun Oct 08 21:49:12 2006 => System found infected with networkessentials Spyware/Adware (43.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:13 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\1.dat
Sun Oct 08 21:49:13 2006 => System found infected with wareout Adware (1.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:13 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\3.dat
Sun Oct 08 21:49:13 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:13 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\43.dat
Sun Oct 08 21:49:13 2006 => System found infected with networkessentials Spyware/Adware (43.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:14 2006 => Offending file found: C:\Documents and Settings\All Users\Data aplikací\cyberlink\powerdvd\html\english\dv_entertainment\images\popup_top.gif
Sun Oct 08 21:49:14 2006 => System found infected with ezula toptext Spyware/Adware (popup_top.gif)! Action taken: No Action Taken.
Sun Oct 08 21:49:15 2006 => Offending file found: C:\WINDOWS\vb.ini
Sun Oct 08 21:49:15 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Oct 08 21:49:17 2006 => Checking CLSID Reference Entries...
Sun Oct 08 21:49:21 2006 => Checking Module Usage Entries...
Sun Oct 08 21:49:21 2006 => Checking User Trusted External App Entries...
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""E:\data\cdw32.exe"". Action Taken: No Action Taken.
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmjblaunch.exe". Action Taken: No Action Taken.
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmfwlaunch.exe". Action Taken: No Action Taken.
Mon Oct 09 18:56:58 2006 => ***** Scanning complete. *****
Mon Oct 09 18:56:58 2006 => Total Objects Scanned: 20898
Mon Oct 09 18:56:58 2006 => Total Critical Objects: 18
Mon Oct 09 18:56:58 2006 => Total Disinfected Objects: 0
Mon Oct 09 18:56:58 2006 => Total Objects Renamed: 0
Mon Oct 09 18:56:58 2006 => Total Deleted Objects: 0
Mon Oct 09 18:56:58 2006 => Total Errors: 5
Mon Oct 09 18:56:58 2006 => Time Elapsed: 00:03:06
Mon Oct 09 18:56:58 2006 => Virus Database Date: 10/8/2006
Mon Oct 09 18:56:58 2006 => Virus Database Count: 229853
Mon Oct 09 18:56:58 2006 => Scan Completed.
Sun Oct 08 21:48:36 2006 => Result: ERROR!!! File C:\Documents and Settings\Zdeněk\Plocha\cd-client-4_32_0-en.exe is Not Scanned
Sun Oct 08 21:48:36 2006 => C:\Documents and Settings\Zdeněk\Plocha\cd-client-4_32_0-en.exe not Scanned. Possibly password protected..
Sun Oct 08 21:48:52 2006 => ERROR!!! Invalid Entry \??\E:\INSTALL\GMSIPCI.SYS in SYSTEM\CurrentControlSet\Services\GMSIPCI...
Sun Oct 08 21:48:52 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Sun Oct 08 21:49:34 2006 => Scanning File C:\WINDOWS\system32\asferror.dll
Sun Oct 08 21:50:46 2006 => Scanning File C:\WINDOWS\system32\wmerror.dll
Sun Oct 08 21:48:59 2006 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKLM\Software\microsoft\downloadmanager !!!
Sun Oct 08 21:49:03 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com !!!
Sun Oct 08 21:49:03 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sun Oct 08 21:49:03 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sun Oct 08 21:49:03 2006 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet !!!
Sun Oct 08 21:49:03 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing !!!
Sun Oct 08 21:49:03 2006 => Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:03 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch !!!
Sun Oct 08 21:49:03 2006 => Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:08 2006 => Offending Folder found: C:\Program Files\Common Files\ucontrol
Sun Oct 08 21:49:08 2006 => Object "whenu.ucontrol Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sun Oct 08 21:49:09 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Data aplikací\microsoft\office\naposledy otevřené\games.lnk
Sun Oct 08 21:49:09 2006 => System found infected with hotbar Spyware/Adware (games.lnk)! Action taken: No Action Taken.
Sun Oct 08 21:49:12 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\1.dat
Sun Oct 08 21:49:12 2006 => System found infected with wareout Adware (1.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:12 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat
Sun Oct 08 21:49:12 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:12 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\43.dat
Sun Oct 08 21:49:12 2006 => System found infected with networkessentials Spyware/Adware (43.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:13 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\1.dat
Sun Oct 08 21:49:13 2006 => System found infected with wareout Adware (1.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:13 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\3.dat
Sun Oct 08 21:49:13 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:13 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\43.dat
Sun Oct 08 21:49:13 2006 => System found infected with networkessentials Spyware/Adware (43.dat)! Action taken: No Action Taken.
Sun Oct 08 21:49:14 2006 => Offending file found: C:\Documents and Settings\All Users\Data aplikací\cyberlink\powerdvd\html\english\dv_entertainment\images\popup_top.gif
Sun Oct 08 21:49:14 2006 => System found infected with ezula toptext Spyware/Adware (popup_top.gif)! Action taken: No Action Taken.
Sun Oct 08 21:49:15 2006 => Offending file found: C:\WINDOWS\vb.ini
Sun Oct 08 21:49:15 2006 => System found infected with virusburst Trojan (C:\WINDOWS\vb.ini)! Action taken: No Action Taken.
Oct 08 21:49:17 2006 => Checking CLSID Reference Entries...
Sun Oct 08 21:49:21 2006 => Checking Module Usage Entries...
Sun Oct 08 21:49:21 2006 => Checking User Trusted External App Entries...
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""E:\data\cdw32.exe"". Action Taken: No Action Taken.
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmjblaunch.exe". Action Taken: No Action Taken.
Sun Oct 08 21:49:21 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmfwlaunch.exe". Action Taken: No Action Taken.
Mon Oct 09 18:56:58 2006 => ***** Scanning complete. *****
Mon Oct 09 18:56:58 2006 => Total Objects Scanned: 20898
Mon Oct 09 18:56:58 2006 => Total Critical Objects: 18
Mon Oct 09 18:56:58 2006 => Total Disinfected Objects: 0
Mon Oct 09 18:56:58 2006 => Total Objects Renamed: 0
Mon Oct 09 18:56:58 2006 => Total Deleted Objects: 0
Mon Oct 09 18:56:58 2006 => Total Errors: 5
Mon Oct 09 18:56:58 2006 => Time Elapsed: 00:03:06
Mon Oct 09 18:56:58 2006 => Virus Database Date: 10/8/2006
Mon Oct 09 18:56:58 2006 => Virus Database Count: 229853
Mon Oct 09 18:56:58 2006 => Scan Completed.
Sun Oct 08 21:48:36 2006 => Result: ERROR!!! File C:\Documents and Settings\Zdeněk\Plocha\cd-client-4_32_0-en.exe is Not Scanned
Sun Oct 08 21:48:36 2006 => C:\Documents and Settings\Zdeněk\Plocha\cd-client-4_32_0-en.exe not Scanned. Possibly password protected..
Sun Oct 08 21:48:52 2006 => ERROR!!! Invalid Entry \??\E:\INSTALL\GMSIPCI.SYS in SYSTEM\CurrentControlSet\Services\GMSIPCI...
Sun Oct 08 21:48:52 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\msgpc.sys
Sun Oct 08 21:49:34 2006 => Scanning File C:\WINDOWS\system32\asferror.dll
Sun Oct 08 21:50:46 2006 => Scanning File C:\WINDOWS\system32\wmerror.dll
- mijaja
- Tvůrce článků
-
Level 6.5
- Příspěvky: 4136
- Registrován: září 05
- Bydliště: Zlín
- Pohlaví:
- Stav:
Offline
- Kontakt:
Budeš muset vlézt do editoru registrů - Nabídka Start - Spustit - do okénka napiš regedit a dej OK. Potom najdi tyhle klíče (v pravém okně regeditu) a klikni na ně pravým myšítkem. Z volby dej odstranit a smaž je všechny:
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com
HKLM\Software\microsoft\downloadmanager
Na disku bys měl najít tyto soubory a odstranit je (měl bys mít nastavené zobrazování skrytých a systémových souborů v Možnostech složky):
C:\Program Files\Common Files\ucontrol
C:\Documents and Settings\Zdeněk\Data aplikací\microsoft\office\naposledy otevřené\games.lnk
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\1.dat
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\43.dat - cache HP Digital imagingu klidně vymaž celé.
C:\Documents and Settings\All Users\Data aplikací\cyberlink\powerdvd\html\english\dv_entertainment\images\popup_top.gif
C:\WINDOWS\vb.ini - a hlavně tohoto šmejda.
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com
HKLM\Software\microsoft\downloadmanager
Na disku bys měl najít tyto soubory a odstranit je (měl bys mít nastavené zobrazování skrytých a systémových souborů v Možnostech složky):
C:\Program Files\Common Files\ucontrol
C:\Documents and Settings\Zdeněk\Data aplikací\microsoft\office\naposledy otevřené\games.lnk
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\1.dat
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\43.dat - cache HP Digital imagingu klidně vymaž celé.
C:\Documents and Settings\All Users\Data aplikací\cyberlink\powerdvd\html\english\dv_entertainment\images\popup_top.gif
C:\WINDOWS\vb.ini - a hlavně tohoto šmejda.
Zasílám nový log MWAW. Těch 7 souborů z disku jsem odstranil. Ale pořád nevím jak odstranit ty klíče z editoru registrů. Mám odstranit celou tu složku co to najde ( např. altnet ) nebo jenom to co je v pravé části okna :
ab výchozí REG_SZ
? order REG_BINARY
Tue Oct 10 19:33:18 2006 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Tue Oct 10 19:33:28 2006 => Offending Key found: HKLM\Software\microsoft\downloadmanager !!!
Tue Oct 10 19:33:28 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet !!!
Tue Oct 10 19:33:29 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing !!!
Tue Oct 10 19:33:29 2006 => Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch !!!
Tue Oct 10 19:33:29 2006 => Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\altnet !!!
Tue Oct 10 19:33:29 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\gain publishing !!!
Tue Oct 10 19:33:29 2006 => Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\whenusearch !!!
Tue Oct 10 19:33:29 2006 => Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:32 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat
Tue Oct 10 19:33:32 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Tue Oct 10 19:33:33 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\3.dat
Tue Oct 10 19:33:33 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Tue Oct 10 19:33:38 2006 => Checking CLSID Reference Entries...
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerNative.UIAutomation" refers to invalid object "{DF66AFC9-C61D-404a-B535-64FBF91D420F}". Action Taken: No Action Taken.
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerNative.UIAutomation.1" refers to invalid object "{DF66AFC9-C61D-404a-B535-64FBF91D420F}". Action Taken: No Action Taken.
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerPrivateNative.MessengerPriv" refers to invalid object "{BBBFCB14-3B21-491c-9E2A-B0F3D50F83FD}". Action Taken: No Action Taken.
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerPrivateNative.MessengerPriv.1" refers to invalid object "{BBBFCB14-3B21-491c-9E2A-B0F3D50F83FD}". Action Taken: No Action Taken.
ab výchozí REG_SZ
? order REG_BINARY
Tue Oct 10 19:33:18 2006 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Tue Oct 10 19:33:28 2006 => Offending Key found: HKLM\Software\microsoft\downloadmanager !!!
Tue Oct 10 19:33:28 2006 => Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet !!!
Tue Oct 10 19:33:29 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing !!!
Tue Oct 10 19:33:29 2006 => Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch !!!
Tue Oct 10 19:33:29 2006 => Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\altnet !!!
Tue Oct 10 19:33:29 2006 => Object "topsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\gain publishing !!!
Tue Oct 10 19:33:29 2006 => Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:29 2006 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\whenusearch !!!
Tue Oct 10 19:33:29 2006 => Object "whenu/search Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Oct 10 19:33:32 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat
Tue Oct 10 19:33:32 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Tue Oct 10 19:33:33 2006 => Offending file found: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\hp\digital imaging\cache\3.dat
Tue Oct 10 19:33:33 2006 => System found infected with wareout Adware (3.dat)! Action taken: No Action Taken.
Tue Oct 10 19:33:38 2006 => Checking CLSID Reference Entries...
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerNative.UIAutomation" refers to invalid object "{DF66AFC9-C61D-404a-B535-64FBF91D420F}". Action Taken: No Action Taken.
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerNative.UIAutomation.1" refers to invalid object "{DF66AFC9-C61D-404a-B535-64FBF91D420F}". Action Taken: No Action Taken.
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerPrivateNative.MessengerPriv" refers to invalid object "{BBBFCB14-3B21-491c-9E2A-B0F3D50F83FD}". Action Taken: No Action Taken.
Tue Oct 10 19:33:40 2006 => Entry "HKCR\MessengerPrivateNative.MessengerPriv.1" refers to invalid object "{BBBFCB14-3B21-491c-9E2A-B0F3D50F83FD}". Action Taken: No Action Taken.
- mijaja
- Tvůrce článků
-
Level 6.5
- Příspěvky: 4136
- Registrován: září 05
- Bydliště: Zlín
- Pohlaví:
- Stav:
Offline
- Kontakt:
Zlikviduj jen to, co ti mwav označil jako konečnou hodnotu - tedy ne celou větev, ale jen tu červenou hodnotu v klíči v pravém okně editoru (tj celý ten řádek):
HKLM\Software\microsoft\downloadmanager
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet - pokud je altnet složka v levém okně smaž ji celou!
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch
a tento soubor tam ještě zůstal:
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat - pryč s ním
HKLM\Software\microsoft\downloadmanager
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\altnet - pokud je altnet složka v levém okně smaž ji celou!
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\gain publishing
HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\whenusearch
a tento soubor tam ještě zůstal:
C:\Documents and Settings\Zdeněk\Local Settings\data aplikací\hp\digital imaging\cache\3.dat - pryč s ním
Tak tu složku altnet v levém okně jsem odstranil. To samé v levém okně mám udělat i se složkami gain publishing, whenusearch a downloadmanager ? Nebo složky mám nechat a odstranit vše co zobrazují v pravém okně ? Píšeš, že mám odstranit celý řádek v pravém okně, ale který tam jsou někdy dva.
Například :
ab výchozí REG_SZ
? order REG_BINARY
Například :
ab výchozí REG_SZ
? order REG_BINARY
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 10 hostů