Browser opening on its own (solved)

Section devoted to viruses and other malicious code, but also to the tools you can use to defend against them…

Moderators: Mods_senior, Security team

Patman
newbie
Posts: 14
Registered: April 06
Gender: Unspecified
Status: Offline

Post by Patman » 11 Apr 2006 10:19

So I did that, but I couldn't find this one:
C:\WINDOWS\system32\m6lslg3716.dll
and KillBox told me
PendingFileRenameOperationsRegistry data has been removed by external process.


Post by Patman » 11 Apr 2006 10:20

and the ads keep popping up...
the next log is:
Logfile of HijackThis v1.99.1
Scan saved at 10:20:42, on 11.4.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Trend Micro\Internet Security\pccguide.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Patrik\LOCALS~1\Temp\Rar$EX00.844\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [Oswb] "C:\DOCUME~1\Patrik\DOKUME~1\RACLE~1\javaw.exe" -vt yazr
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{874EA6CB-6166-4371-9DC7-8C6D0BDE7634}: NameServer = 160.218.10.200 160.218.43.200
O20 - Winlogon Notify: Themes - C:\WINDOWS\system32\h0n0la5m1d.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

mijaja
Article author
Level 6.5
Posts: 4136
Registered: September 05
Location: Zlín
Gender: Male
Status: Offline

Post by mijaja » 11 Apr 2006 11:37

You killed that jawaw.exe process in Task Manager, so it must be somewhere on the disk in Document and Settings/Patrik/, then some Racle~ directory with the file Jawaw.exe in it.

Well, there's nothing else for it, you'll have to download the MWAV scanner (guide) and run it over the computer. Before that, download Removerexe and run it over the computer (it doesn't install, you just run it and hit scan), download and apply NNClener, and above all clean out all the junk with CCleaner so the MWAV log isn't a mile long. Then pick out of the MWAV log the lines about spyware, malware, viruses, trojans, etc., together with the full path to them.
Example:

File C:\WINDOWS\system32\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.ia" Virus! Action Taken: No Action Taken
or
Sat Mar 25 10:52:18 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\ares !!!
Sat Mar 25 10:52:18 2006 => Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
and put them here in a post. It'll be a fairly long operation though, count on at least an hour or two.
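A small triage script for the MWAV log format described above, added here as an example; it is not code from the thread or from the MWAV tool. The sample log is constructed from the line formats the thread quotes, and the case-insensitive de-duplication, the RiskTool flag and the quarantine flag are assumptions of this example, not anything MWAV itself does.

```python
"""Triage an MWAV/eScan log: pull out the detection lines with full paths."""
import re
from collections import Counter

# Constructed sample in the three line formats quoted in the thread, plus one
# ordinary "Scanning File" progress line that must be ignored.
SAMPLE_LOG = r"""
Sat Mar 25 10:52:18 2006 => Scanning File C:\WINDOWS\system32\kernel32.dll
File C:\WINDOWS\system32\dfrgsrv.exe infected by "Trojan-Downloader.Win32.Zlob.ia" Virus! Action Taken: No Action Taken
File C:\WINDOWS\system32\mrimsg.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\System32\mrimsg.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\Documents and Settings\Patrik\Plocha\ccsetup128.exe tagged as not-a-virus:RiskTool.Win32.PsKill.n. No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\14.tmp infected by "Trojan-Downloader.VBS.Psyme.ac" Virus! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat Mar 25 10:52:18 2006 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\ares !!!
"""

# "File <path> infected by "<name>" Virus! ..." or "File <path> tagged as <name>. ..."
# The detection name is sometimes quoted and sometimes not, so both are accepted.
FILE_RE = re.compile(
    r'^File (?P<path>.+?) (?P<verb>infected by|tagged as) '
    r'"?(?P<name>[^"\s]+?)"?(?: Virus!)?\.?(?: Action Taken:| No Action Taken)'
)
OBJECT_RE = re.compile(r'^Object "(?P<name>[^"]+)" found in File System!')
KEY_RE = re.compile(r'Offending Key found: (?P<key>.+?) !!!$')


def parse_mwav_log(text):
    """Return (files, objects, keys).

    files:   one dict per unique path (compared case-insensitively, since
             Windows paths are), keeping the first detection name seen
    objects: Counter of "Object ... found in File System" names
    keys:    list of offending registry keys
    """
    files, seen = [], set()
    objects = Counter()
    keys = []
    for line in text.splitlines():
        line = line.strip()
        m = FILE_RE.match(line)
        if m:
            path = m.group("path")
            key = path.casefold()
            if key in seen:
                continue  # same file reported twice (System32 vs system32)
            seen.add(key)
            name = m.group("name")
            files.append({
                "path": path,
                "name": name,
                # "infected by" = malware proper; "tagged as" = not-a-virus class
                "malware": m.group("verb") == "infected by",
                # RiskTool hits are legitimate admin tools; judge them separately
                "risktool": name.startswith("not-a-virus:RiskTool"),
                # copies already sitting in an AV quarantine folder
                "quarantined": "\\quarantine\\" in key,
            })
            continue
        m = OBJECT_RE.match(line)
        if m:
            objects[m.group("name").casefold()] += 1
            continue
        m = KEY_RE.search(line)
        if m:
            keys.append(m.group("key"))
    return files, objects, keys


def removal_list(files):
    """Unique paths to hunt down by hand, in log order. Quarantine copies are
    left out: the whole quarantine folder gets emptied instead."""
    return [f["path"] for f in files if not f["quarantined"]]


def forum_summary(text):
    """Lines worth pasting into a reply: every unique File hit with its full
    path, then the Object hits collapsed to counts, then registry keys."""
    files, objects, keys = parse_mwav_log(text)
    out = [f'{f["path"]} - {f["name"]}' + (" (quarantine)" if f["quarantined"] else "")
           for f in files]
    out += [f"{n}x Object {name}" for name, n in objects.most_common()]
    out += [f"Key {k}" for k in keys]
    return out


if __name__ == "__main__":
    for line in forum_summary(SAMPLE_LOG):
        print(line)
```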


Post by Patman » 11 Apr 2006 14:53

Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "MyWebSearch Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWeb Spyware/Adware" found in File System! Action Taken: No Action.
Object "FunWebProducts Spyware/Adware" found in File System! Action Taken: No Action.
Object "mwsoemon Spyware/Adware" found in File System! Action Taken: No Action.


Post by Patman » 11 Apr 2006 14:54

I don't know if that's what you wanted from me, but I didn't find anything else.


Post by mijaja » 11 Apr 2006 15:25

That's part of the log, more or less the opening part; that log tends to be verrrry long. Keep looking, all the junk found has to be listed there, together with the path to it. Or, heaven forbid, did you manage to interrupt the scan before it got to the junk? Did you use the removers? What did they report?


Post by Patman » 11 Apr 2006 21:34

The remover always gets stuck on one file, which is definitely not a virus, it's from the game GTA.
On the second try the MWAV scan worked; the result is here:
File C:\WINDOWS\system32\mrimsg.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\system32\wjcsvc.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\system32\guard.tmp tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\Documents and Settings\Patrik\Plocha\ccsetup128.exe tagged as not-a-virus:RiskTool.Win32.PsKill.n. No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearchemailplugin Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cws.loadadv.400 Browser Hijacker" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearchemailplugin Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "clickspring Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funweb Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mwsoemon Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mwsoemon Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mywebsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "paymite Browser Hijacker" found in File System! Action Taken: No Action Taken.
Object "downloadplus Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mwsoemon Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "casinoclient Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "tencent qq Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ezula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "casinoclient Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "tencent qq Spyware/Adware" found in File System! Action Taken: No Action Taken.
File C:\WINDOWS\DH.dll infected by "Trojan-Clicker.Win32.Small.jf" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\icont.exe tagged as "not-a-virus:AdWare.Win32.AdURL.c". Action Taken: No Action Taken.
File C:\WINDOWS\iconu.exe tagged as "not-a-virus:AdWare.Win32.Zestyfind". Action Taken: No Action Taken.
File C:\WINDOWS\internt.exe infected by "Trojan-Downloader.Win32.Agent.yj" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\eid.exe infected by "Trojan-Downloader.Win32.Small.buu" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\f3PSSavr.scr tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\WINDOWS\System32\htgako.dll tagged as "not-a-virus:AdWare.Win32.PurityScan.ak". Action Taken: No Action Taken.
File C:\WINDOWS\System32\IcagXRA7.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\System32\lncalui.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\System32\mssecure.exe infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\David\Local Settings\Temp\ICD1.tmp\epl.exe infected by "Trojan-Downloader.Win32.Agent.yj" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\435N627P\www[1].mrdani.com.exe tagged as "not-a-virus:Porn-Dialer.Win32.FreeFoto". Action Taken: No Action Taken.
File C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\435N627P\www[2].mrdani.com.exe tagged as "not-a-virus:Porn-Dialer.Win32.FreeFoto". Action Taken: No Action Taken.
File C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\GPMJ816J\www.sex-porno-freefoto.com[1].chm tagged as "not-a-virus:Porn-Dialer.Win32.FreeFoto". Action Taken: No Action Taken.
File C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\GPMJ816J\www.sex-porno-freefoto.com[1].exe tagged as "not-a-virus:Porn-Dialer.Win32.FreeFoto". Action Taken: No Action Taken.
File C:\Documents and Settings\David\lup.exe infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Patrik\Plocha\ccsetup128.exe tagged as not-a-virus:RiskTool.Win32.PsKill.n. No Action Taken.
File C:\drsmartload45a.exe infected by "Trojan-Downloader.Win32.Adload.ai" Virus! Action Taken: No Action Taken.
File C:\ex.cab infected by "Trojan-Downloader.Win32.Agent.yj" Virus! Action Taken: No Action Taken.
File C:\Installer.exe tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\Program Files\FunWebProducts\Installr\3.bin\F3EZSETP.DLL tagged as "not-a-virus:AdWare.Win32.FunWeb.e". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.al". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.af". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.an". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.an". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.al". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.f". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL tagged as "not-a-virus:AdWare.Win32.IWon.a". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.an". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.ad". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.an". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.al". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.i". Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\14.tmp infected by "Trojan-Downloader.VBS.Psyme.ac" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\15.tmp infected by "Exploit.VBS.Phel.a" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\16.tmp infected by "Exploit.HTML.Mht" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\17.tmp infected by "Trojan.Java.ClassLoader.c" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\18.tmp infected by "Trojan-Downloader.Win32.Small.arr" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\19.tmp infected by "Trojan-Downloader.Win32.Small.arr" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\1A.tmp infected by "Trojan.Java.ClassLoader.c" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\1B.tmp infected by "Exploit.HTML.Mht" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\1C.tmp infected by "Trojan-Downloader.VBS.Psyme.ac" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\1D.tmp infected by "Exploit.VBS.Phel.a" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\1E.tmp infected by "Exploit.HTML.Mht" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\1F.tmp infected by "Exploit.HTML.CodeBaseExec" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\20.tmp infected by "Trojan-Downloader.JS.Psyme.bi" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\21.tmp infected by "Trojan-Downloader.VBS.Psyme.ac" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\22.tmp infected by "Trojan-Downloader.Win32.Small.arr" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\23.tmp infected by "Backdoor.Win32.Rbot.af" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\24.tmp infected by "Backdoor.Win32.Aimbot.cs" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\25.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\26.tmp infected by "Backdoor.Win32.Aimbot.cs" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\27.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\2E.tmp infected by "Backdoor.Win32.Rbot.af" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\3.tmp infected by "Trojan-Downloader.Win32.TSUpdate.o" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\30.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\5.tmp infected by "Trojan-Downloader.Win32.Small.buy" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\55.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\7D9.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\8.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\99.tmp infected by "Trojan-Downloader.Java.OpenStream.w" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\9A.tmp infected by "Trojan-Downloader.Win32.Small.buy" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\9B.tmp infected by "Trojan-Downloader.Win32.TSUpdate.o" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\B.tmp infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\LUP.EXE infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\LUP_930.VI0 infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\lup_930.VIR infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\LUP_970.VIR infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\lup_98c.VIR infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\mssvcc.exe infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\mssvcc_970.VIR infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\mssvcc_980.VIR infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\MSSVCC_988.VI0 infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Trend Micro\Internet Security\QUARANTINE\mssvcc_988.VIR infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.
File C:\Program Files\Windows Media Player\wmplayer.exe.tmp infected by "Trojan-Downloader.Win32.Small.anf" Virus! Action Taken: No Action Taken.
File C:\Program Files\Yazzle Sudoku\Sudoku.exe infected by "Trojan-Dropper.Win32.VB.kk" Virus! Action Taken: No Action Taken.
File C:\sk02.exe infected by "Trojan-Clicker.Win32.Small.jf" Virus! Action Taken: No Action Taken.
File C:\Veracruz.exe infected by "Trojan-Dropper.Win32.VB.kk" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\DH.dll infected by "Trojan-Clicker.Win32.Small.jf" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\icont.exe tagged as "not-a-virus:AdWare.Win32.AdURL.c". Action Taken: No Action Taken.
File C:\WINDOWS\iconu.exe tagged as "not-a-virus:AdWare.Win32.Zestyfind". Action Taken: No Action Taken.
File C:\WINDOWS\internt.exe infected by "Trojan-Downloader.Win32.Agent.yj" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\eid.exe infected by "Trojan-Downloader.Win32.Small.buu" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\system32\f3PSSavr.scr tagged as "not-a-virus:AdWare.Win32.MyWebSearch". Action Taken: No Action Taken.
File C:\WINDOWS\system32\htgako.dll tagged as "not-a-virus:AdWare.Win32.PurityScan.ak". Action Taken: No Action Taken.
File C:\WINDOWS\system32\IcagXRA7.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\system32\lncalui.dll tagged as "not-a-virus:AdWare.Win32.Look2Me.ab". Action Taken: No Action Taken.
File C:\WINDOWS\system32\mssecure.exe infected by "Backdoor.Win32.Agobot.agw" Virus! Action Taken: No Action Taken.


Post by mijaja » 12 Apr 2006 15:58

Well, that's a lot! So download nnnl2mkill. Then disconnect from the internet (pull the plug too), turn off the firewall and the resident shields of your antivirus and antispyware, and run nnnl2mkill. Once the program has finished and you've rebooted, start looking for these files, and they have to go, no mercy (from the Recycle Bin too!)

C:\WINDOWS\system32\mrimsg.dll
C:\WINDOWS\system32\wjcsvc.dll
C:\WINDOWS\system32\guard.tmp
C:\WINDOWS\System32\eid.exe
C:\WINDOWS\System32\f3PSSavr.scr
C:\WINDOWS\System32\htgako.dll
C:\WINDOWS\System32\IcagXRA7.dll
C:\WINDOWS\System32\lncalui.dll
C:\WINDOWS\System32\mssecure.exe
C:\WINDOWS\DH.dll
C:\WINDOWS\icont.exe
C:\WINDOWS\iconu.exe
C:\WINDOWS\internt.exe
C:\ex.cab
C:\Installer.exe
C:\drsmartload45a.exe
C:\sk02.exe
C:\Veracruz.exe
C:\Documents and Settings\David\Local Settings\Temp\ICD1.tmp\epl.exe
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\435N627P\www[1].mrdani.com.exe - don't look for this one, but have the whole contents of Temporary Internet Files and Temp wiped, and in all profiles and accounts!!!!!
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\435N627P\www[2].mrdani.com.exe
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\GPMJ816J\www.sex-porno-freefoto.com[1].chm
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\GPMJ816J\www.sex-porno-freefoto.com[1].exe
C:\Documents and Settings\David\lup.exe
C:\Program Files\FunWebProducts\Installr\3.bin\F3EZSETP.DLL - don't look for this one, delete the whole folder
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL - don't look for this one either, delete the whole folder
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
C:\Program Files\Windows Media Player\wmplayer.exe.tmp - careful here that you delete the right file (it has two extensions!)
C:\Program Files\Yazzle Sudoku\Sudoku.exe - isn't that cracked? There's a virus in it too!
C:\Documents and Settings\Patrik\Plocha\ccsetup128.exe - you don't need the installer any more.
Delete the whole Trend Micro quarantine too.

If you can't find something, it's possible that nnnl2mkill has already removed it. Then post a new HJT log here.


Post by Patman » 12 Apr 2006 17:08

I did everything, here's the log:
Logfile of HijackThis v1.99.1
Scan saved at 17:06:28, on 12.4.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Patrik\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [Oswb] "C:\DOCUME~1\Patrik\DOKUME~1\RACLE~1\javaw.exe" -vt yazr
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
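
As an added example (not code from the thread or from HijackThis itself), a small Python parser for the O4 Run-key lines in the log format above: it pulls the value name, executable path and arguments out of each line and flags entries whose program runs from a user profile directory (long or 8.3 short form) or whose file name carries a double extension, the wmplayer.exe.tmp case pointed out earlier. The sample lines are constructed for the example, not taken from the poster's log.

```python
import re

# Constructed sample lines in the HijackThis O4 (Run key) format; not the thread's own log.
SAMPLE_LINES = [
    'O4 - HKLM\\..\\Run: [SunJavaUpdateSched] C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe',
    'O4 - HKLM\\..\\Run: [SoundMan] SOUNDMAN.EXE',
    'O4 - HKCU\\..\\Run: [Updater] "C:\\DOCUME~1\\user\\LOCALS~1\\Temp\\updater.exe" -q',
    'O4 - HKLM\\..\\Run: [Player] "C:\\Program Files\\Player\\player.exe.tmp"',
]

O4_RE = re.compile(r'^O4 - (HK\w+)\\\.\.\\Run: \[([^\]]+)\] (.*)$')
EXE_EXT = ('exe', 'scr', 'com', 'dll', 'bat', 'cmd', 'pif')
# XP-era profile root in long and 8.3 short form (HJT often prints the short one)
USER_PROFILE_PREFIXES = ('c:\\documents and settings\\', 'c:\\docume~1\\')

def parse_o4(line):
    """Split one O4 line into hive, value name, executable path and arguments (None if not O4)."""
    m = O4_RE.match(line)
    if not m:
        return None
    hive, name, cmd = m.groups()
    if cmd.startswith('"'):  # quoted path: everything up to the closing quote
        end = cmd.find('"', 1)
        path, args = cmd[1:end], cmd[end + 1:].strip()
    else:  # unquoted: the path ends at the first executable extension
        pm = re.match(r'(.+?\.(?:%s))(?:\s+(.*))?$' % '|'.join(EXE_EXT), cmd, re.I)
        path, args = (pm.group(1), pm.group(2) or '') if pm else (cmd, '')
    return {'hive': hive, 'name': name, 'path': path, 'args': args}

def has_double_extension(path):
    """True for names like wmplayer.exe.tmp: an executable extension followed by another one."""
    parts = path.rsplit('\\', 1)[-1].lower().split('.')
    return len(parts) >= 3 and any(p in EXE_EXT for p in parts[1:-1])

def in_user_profile(path):
    """True when the executable sits under a user profile rather than a program directory."""
    return path.lower().startswith(USER_PROFILE_PREFIXES)

def flag_entries(lines):
    """Return (value name, reason) pairs for every O4 entry that deserves a second look."""
    flagged = []
    for line in lines:
        entry = parse_o4(line)
        if entry is None:
            continue
        if in_user_profile(entry['path']):
            flagged.append((entry['name'], 'runs from a user profile directory'))
        if has_double_extension(entry['path']):
            flagged.append((entry['name'], 'double file extension'))
    return flagged
```

A flag is a prompt to look closer (check the file's publisher and location), not a verdict by itself.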


Post by mijaja » 12 Apr 2006 17:42

This looks good now. If you managed to wipe out that junk, you should have it beaten. So how are you doing now?


Post by Patman » 13 Apr 2006 17:11

It's fine now, thanks a lot for the help.


Post by mijaja » 13 Apr 2006 17:21

Well, it may be fine now, but what about later? Install SP2 and a firewall, otherwise you'll have it junked up again before you know it.
