Prosím o pomoc napadl mně vir a moc si nevím rady.Pořád mi avast hlasí Win32:Trojan-gen. {Other},nevím co stím.je prý v -C:\WINDOWS\system32\{7395DAF7-15AB-4BBB-9E63-FDB14F9A8228}.exe
-C:\WINDOWS\system32\{B18F2A0A-4351-42C8-BD21-9D596BCF9059}.exe
dík[/b]
Win32:Trojan-gen + Spyware
Win32:Trojan-gen + Spyware
Naposledy upravil(a) FABROS dne 04 srp 2006 22:00, celkem upraveno 3 x.
- El Diablo
- Moderátor
-
Elite Level 11.5
- Příspěvky: 14099
- Registrován: červen 06
- Bydliště: In Hell
- Pohlaví:
- Stav:
Offline
- Kontakt:
RTFM!!! UBCD - Ultimate Boot CD Zkusili jste to vypnout a zapnout? Aneb z PIO do DMA a zpět... :) * Jak provést Clear CMOS
Kdo se moc ptá, málo googlí. Doporučený freeware
i5 3570K, ASRock Z77 Extreme, 16GB Corsair, 120GB SSD Kingston +2TB Samsung, Gigabyte Radeon HD7870, Sharkoon ReX8VE, XL-747H
Kdo se moc ptá, málo googlí. Doporučený freeware
i5 3570K, ASRock Z77 Extreme, 16GB Corsair, 120GB SSD Kingston +2TB Samsung, Gigabyte Radeon HD7870, Sharkoon ReX8VE, XL-747H
- fredik
- člen Security týmu
-
Master Level 7
- Příspěvky: 4680
- Registrován: červenec 06
- Pohlaví:
- Stav:
Offline
Vlož sem log z HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 10:09:14, on 4.8.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rpcc.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskdir.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hak\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.5:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {F2FEBAD8-4D42-496A-9B5E-33976139D69C} - C:\Program Files\MSN Gaming Zone\saledopyk.dll (file missing)
O2 - BHO: (no name) - {F484C398-C71D-4482-8700-A9CCE5D2A0BE} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [gmzlo.exe] C:\WINDOWS\system32\gmzlo.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\system32\taskdir.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://host13.nwt.cz/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\..\{67172102-A75C-4275-A62E-C7FE13DA02E2}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O20 - Winlogon Notify: winmmt32 - winmmt32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
doufám,že je to tak správně
Scan saved at 10:09:14, on 4.8.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rpcc.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskdir.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hak\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.5:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {F2FEBAD8-4D42-496A-9B5E-33976139D69C} - C:\Program Files\MSN Gaming Zone\saledopyk.dll (file missing)
O2 - BHO: (no name) - {F484C398-C71D-4482-8700-A9CCE5D2A0BE} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [gmzlo.exe] C:\WINDOWS\system32\gmzlo.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\system32\taskdir.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://host13.nwt.cz/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\..\{67172102-A75C-4275-A62E-C7FE13DA02E2}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O17 - HKLM\System\CS1\Services\Tcpip\..\{19A18288-9FD6-4FD7-B4DF-7165428F1528}: NameServer = 85.255.115.238,85.255.112.216
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.238 85.255.112.216
O20 - Winlogon Notify: winmmt32 - winmmt32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
doufám,že je to tak správně
trojan a spywer
Prosím pomoc trojan a spywer.Nechal jsem to ještě jednou projet ad.adwarem,ale obrazovka je teď bílá.Kluci fakt nevím co ztím je,a nejsem žádný velký znalec,na pc se zatím ještě učím!
jak smazat normálně ho odstranit do koše?Jinak co se děje ,už dlouho mně to tu upozorňovalo,že mám toho trojana v počitači a furt upozorňuje,ale jinak nic moc nedělal asi.Jenže jsem mněl problém z hrou a tak mně švagr poradil zastavit avast,no a vzapětí mi naběhlo ,nějaký černo červený obraz něco ve stylu upozornění a bylo tam napsané velkým .....SPYWARE.Tak jsem napsal tady jenže mně to nedalo a zkusil jsem projet ještě ad-adwrem.No a ten něco našel a tak jsem to nechal dát do truhly a vzápětí mi zmyzelo to upozornění ale obrazovkja je teď bílá anic nejde sní udělat.
typ ohrožení, které mwav detekoval
Fri Aug 04 20:33:14 2006 => File C:\WINDOWS\system32\rpcc.exe infected by "Trojan-Proxy.Win32.Dlena.k" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:33:14 2006 => File C:\WINDOWS\system32\taskdir.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:33:18 2006 => File C:\WINDOWS\system32\taskdir.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:33:31 2006 => System found infected with whenu.savenow Spyware/Adware ({c285d18d-43a2-4aef-83fb-bf280e660a97})! Action taken: No Action Taken.
Fri Aug 04 20:33:31 2006 => Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:31 2006 => Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:32 2006 => Object "Wareout adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:32 2006 => Object "Wareout adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:32 2006 => Object "UnSpyPC adware" found in File System! Action Taken: No Action
Fri Aug 04 20:33:32 2006 => Object "whenu.weathercast Spyware/Adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:34 2006 => Entry "HKCR\RunMSC.Loader" refers to invalid object "{9F95F736-0F62-4214-A4B4-CAA6738D4C07}". Action Taken: No Action Taken.
20:33:34 2006 => Entry "HKCR\RunMSC.Loader.1" refers to invalid object "{9F95F736-0F62-4214-A4B4-CAA6738D4C07}". Action Taken: No Action Taken.20:33:35 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""D:\data\cdw32.exe"". Action Taken: No Action Taken.Fri Aug 04 20:33:36 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "HijackThis". Action Taken: No Action Taken.Fri Aug 04 20:33:54 2006 => File C:\WINDOWS\system32\ipod.raw.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:34:22 2006 => File C:\WINDOWS\system32\taskdir.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:34:30 2006 => File C:\WINDOWS\system32\{431BCD12-5B13-4AFC-9307-B479F49F6AE1}.exe infected by "Trojan-Downloader.Win32.Small.buy" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:34:30 2006 => File C:\WINDOWS\system32\{B88B0CA8-559F-45A6-B99E-7EAC414FAF9A}.exe tagged as "not-a-virus:AdWare.Win32.Raze.a". Action Taken: No Action Taken.
ufff,dva jsem ale nenašel
Fri Aug 04 20:33:14 2006 => File C:\WINDOWS\system32\rpcc.exe infected by "Trojan-Proxy.Win32.Dlena.k" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:33:14 2006 => File C:\WINDOWS\system32\taskdir.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:33:18 2006 => File C:\WINDOWS\system32\taskdir.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:33:31 2006 => System found infected with whenu.savenow Spyware/Adware ({c285d18d-43a2-4aef-83fb-bf280e660a97})! Action taken: No Action Taken.
Fri Aug 04 20:33:31 2006 => Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:31 2006 => Object "wareout Adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:32 2006 => Object "Wareout adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:32 2006 => Object "Wareout adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:32 2006 => Object "UnSpyPC adware" found in File System! Action Taken: No Action
Fri Aug 04 20:33:32 2006 => Object "whenu.weathercast Spyware/Adware" found in File System! Action Taken: No Action Taken.
Fri Aug 04 20:33:34 2006 => Entry "HKCR\RunMSC.Loader" refers to invalid object "{9F95F736-0F62-4214-A4B4-CAA6738D4C07}". Action Taken: No Action Taken.
20:33:34 2006 => Entry "HKCR\RunMSC.Loader.1" refers to invalid object "{9F95F736-0F62-4214-A4B4-CAA6738D4C07}". Action Taken: No Action Taken.20:33:35 2006 => Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object ""D:\data\cdw32.exe"". Action Taken: No Action Taken.Fri Aug 04 20:33:36 2006 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "HijackThis". Action Taken: No Action Taken.Fri Aug 04 20:33:54 2006 => File C:\WINDOWS\system32\ipod.raw.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:34:22 2006 => File C:\WINDOWS\system32\taskdir.exe infected by "Packed.Win32.Tibs" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:34:30 2006 => File C:\WINDOWS\system32\{431BCD12-5B13-4AFC-9307-B479F49F6AE1}.exe infected by "Trojan-Downloader.Win32.Small.buy" Virus! Action Taken: No Action Taken.
Fri Aug 04 20:34:30 2006 => File C:\WINDOWS\system32\{B88B0CA8-559F-45A6-B99E-7EAC414FAF9A}.exe tagged as "not-a-virus:AdWare.Win32.Raze.a". Action Taken: No Action Taken.
ufff,dva jsem ale nenašel
Zpět na “Viry, antiviry, firewally…”
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 2 hosti