Wed Mar 19 16:33:57 2008 => ***** Scanning Registry and File system for Adware/Spyware *****
Wed Mar 19 16:33:58 2008 => Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\spydb.avs, Size: 231546].
Wed Mar 19 16:34:00 2008 => Indexed Spyware Databases Successfully Created...
Wed Mar 19 16:34:02 2008 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Wed Mar 19 16:34:07 2008 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Mar 19 16:34:07 2008 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Wed Mar 19 16:34:07 2008 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Mar 19 16:34:07 2008 => Key found with NULL Character: HKLM\Software\Microsoft\Windows\CurrentVersion\System !!!
Wed Mar 19 16:34:07 2008 => Object "NULLBYTE Spyware/Adware" found in File System! Action Taken: No Action Taken.
Wed Mar 19 16:34:07 2008 => Offending Key found: HKLM\System\CurrentControlSet\Services\nwsapagent !!!
Wed Mar 19 16:34:07 2008 => Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Wed Mar 19 16:34:07 2008 => Offending Key found: HKLM\System\ControlSet001\Services\nwsapagent !!!
Wed Mar 19 16:34:07 2008 => Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Wed Mar 19 16:34:08 2008 => Offending Key found: HKLM\System\ControlSet003\Services\nwsapagent !!!
Wed Mar 19 16:34:08 2008 => Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Wed Mar 19 16:34:09 2008 => Offending file found: C:\WINDOWS\system32\swreg.exe
Wed Mar 19 16:34:09 2008 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Wed Mar 19 16:34:09 2008 => Offending file found: C:\WINDOWS\system32\swsc.exe
Wed Mar 19 16:34:09 2008 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swsc.exe)! Action taken: No Action Taken.
pomoc při odstranění šmejdů (nalezeni v mwav)
Re: pomoc při odstranění šmejdů (nalezeni v mwav)
Todle nám nic nepoví. Stáhni si nejnovější HijackThis udělej log a vlož ho sem. Pak budeme chytřejší.
Re: pomoc při odstranění šmejdů (nalezeni v mwav)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:41:21, on 19.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RevoTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PCTranslator2005\WEBIE.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RevoTaskbarApp] C:\WINDOWS\system32\RevoTask.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F48595F-4660-4423-B495-B44862C2452A}: NameServer = 169.254.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5578B32C-F06D-43C7-9323-2FE87957836E}: NameServer = 217.117.209.1
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
--
End of file - 6816 bytes
Scan saved at 16:41:21, on 19.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RevoTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PCTranslator2005\WEBIE.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RevoTaskbarApp] C:\WINDOWS\system32\RevoTask.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F48595F-4660-4423-B495-B44862C2452A}: NameServer = 169.254.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5578B32C-F06D-43C7-9323-2FE87957836E}: NameServer = 217.117.209.1
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
--
End of file - 6816 bytes
Re: pomoc při odstranění šmejdů (nalezeni v mwav)
mam problém v tom že mi nefungují uživatelské účty ! ( místní uživatelé a účty )
Re: pomoc při odstranění šmejdů (nalezeni v mwav)
prosim o radu !
-
Baron Prášil
- Master Level 7
- Příspěvky: 4882
- Registrován: červen 06
- Pohlaví:
- Stav:
Offline
Re: pomoc při odstranění šmejdů (nalezeni v mwav)
to nevím. v účtech se nevyznám. a tato sekce ani k tomuto není určená.
log je v pořádku. takže doporučuju sekci Windows a můžeš tam dát link sem,třeba někoho něco trkne
log je v pořádku. takže doporučuju sekci Windows a můžeš tam dát link sem,třeba někoho něco trkne
Re: pomoc při odstranění šmejdů (nalezeni v mwav)
21 III 2008 10:22:24 - **********************************************************
21 III 2008 10:22:24 - MicroWorld Anti Virus & Spyware Toolkit Utility.
21 III 2008 10:22:24 - Copyright © 2003-2006, MicroWorld Technologies Inc.
21 III 2008 10:22:24 - **********************************************************
21 III 2008 10:22:24 - Source: D:\Install\Antiviry\Mwav\mwav.exe
21 III 2008 10:22:24 - Verze 9.7.7 (C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\mexe.com)
21 III 2008 10:22:24 - Log soubor: C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\MWAV.LOG
21 III 2008 10:22:24 - Datum a čas posledního testu: 20.03.2008 16:29:42
21 III 2008 10:22:24 - MWAV Registered: FALSE
21 III 2008 10:22:24 - User Account: David Folvarčný (Administrator Mode)
21 III 2008 10:22:24 - OS Type: Windows Workstation
21 III 2008 10:22:24 - OS: Windows XP
21 III 2008 10:22:24 - Ver: Service Pack 2 (Build 2600)
21 III 2008 10:22:24 - Windows Root Folder: C:\WINDOWS
21 III 2008 10:22:24 - Windows Sys32 Folder: C:\WINDOWS\system32
21 III 2008 10:22:24 - Interface0 NameServer: 169.254.0.1
21 III 2008 10:22:24 - Interface1 NameServer: 217.117.209.1
21 III 2008 10:22:24 - Local Fixed Drives: c:\,d:\
21 III 2008 10:22:24 - MWAV Mode: Only Scan files
21 III 2008 10:22:24 - [CREATED ZIP FILE C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\pinfect.zip]
21 III 2008 10:25:33 - ERROR!!! Invalid Entry \??\C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys in SYSTEM\CurrentControlSet\Services\AMDMSRIO...
21 III 2008 10:25:34 - ERROR!!! Invalid Entry system32\DRIVERS\btwhid.sys in SYSTEM\CurrentControlSet\Services\btwhid...
21 III 2008 10:25:41 - ERROR!!! Invalid Entry system32\drivers\ctoss2k.sys in SYSTEM\CurrentControlSet\Services\ossrv...
21 III 2008 10:25:45 - ***** Testování registrů a souborů na přítomnost Adware/Spyware *****
21 III 2008 10:25:45 - Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\spydb.avs, Size: 359872].
21 III 2008 10:25:49 - Indexed Spyware Databases Successfully Created...
21 III 2008 10:25:53 - Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
21 III 2008 10:26:00 - Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:00 - Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
21 III 2008 10:26:00 - Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:00 - Key found with NULL Character: HKLM\Software\Microsoft\Windows\CurrentVersion\System !!!
21 III 2008 10:26:00 - Objekt "NULLBYTE Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:00 - Offending Key found: HKLM\System\CurrentControlSet\Services\nwsapagent !!!
21 III 2008 10:26:00 - Objekt "linkmedia Trojan" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:01 - Offending Key found: HKLM\System\ControlSet001\Services\nwsapagent !!!
21 III 2008 10:26:01 - Objekt "linkmedia Trojan" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:01 - Offending Key found: HKLM\System\ControlSet003\Services\nwsapagent !!!
21 III 2008 10:26:01 - Objekt "linkmedia Trojan" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:07 - Offending Registry Entry found: hkey_local_machine\software\microsoft\windows\currentversion\internet settings\zonemap\domains\net-nucleus.com
21 III 2008 10:26:07 - System found infected with mirar Spyware/Adware (hkey_local_machine\software\microsoft\windows\currentversion\internet settings\zonemap\domains\net-nucleus.com)! Action taken: Nic nebylo provedeno.
21 III 2008 10:26:07 - Offending Registry Entry found: hkey_local_machine\software\microsoft\windows\currentversion\explorer\alwaysunloaddll
21 III 2008 10:26:07 - System found infected with regsort Corrupted Adware/Spyware (hkey_local_machine\software\microsoft\windows\currentversion\explorer\alwaysunloaddll)! Action taken: Nic nebylo provedeno.
21 III 2008 10:26:08 - Offending file found: C:\WINDOWS\iun6002.exe
21 III 2008 10:26:08 - System found infected with remacc.multiwebsurv Generic Malware (C:\WINDOWS\iun6002.exe)! Action taken: Nic nebylo provedeno.
22 III 2008 14:03:54 - ***** Test dokončen, kontrolu proveďte na http://www.viry.cz. *****
22 III 2008 14:03:54 - Testovaných objektů: 40154
22 III 2008 14:03:54 - Kritických objektů: 8
22 III 2008 14:03:54 - Celkem vyléčených objektů: 0
22 III 2008 14:03:54 - Celkem přejmenováno: 0
22 III 2008 14:03:54 - Smazaných objektů: 0
22 III 2008 14:03:54 - Celkem chyb: 6
22 III 2008 14:03:54 - Uplynulý čas: 00:05:03
22 III 2008 14:03:54 - Datum vydání databáze: 22 Mar 2008
22 III 2008 14:03:54 - Verze virové databáze: 654299
22 III 2008 14:03:54 - Test je dokončen, kontrolu lze provést na http://www.viry.cz.
21 III 2008 10:22:24 - MicroWorld Anti Virus & Spyware Toolkit Utility.
21 III 2008 10:22:24 - Copyright © 2003-2006, MicroWorld Technologies Inc.
21 III 2008 10:22:24 - **********************************************************
21 III 2008 10:22:24 - Source: D:\Install\Antiviry\Mwav\mwav.exe
21 III 2008 10:22:24 - Verze 9.7.7 (C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\mexe.com)
21 III 2008 10:22:24 - Log soubor: C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\MWAV.LOG
21 III 2008 10:22:24 - Datum a čas posledního testu: 20.03.2008 16:29:42
21 III 2008 10:22:24 - MWAV Registered: FALSE
21 III 2008 10:22:24 - User Account: David Folvarčný (Administrator Mode)
21 III 2008 10:22:24 - OS Type: Windows Workstation
21 III 2008 10:22:24 - OS: Windows XP
21 III 2008 10:22:24 - Ver: Service Pack 2 (Build 2600)
21 III 2008 10:22:24 - Windows Root Folder: C:\WINDOWS
21 III 2008 10:22:24 - Windows Sys32 Folder: C:\WINDOWS\system32
21 III 2008 10:22:24 - Interface0 NameServer: 169.254.0.1
21 III 2008 10:22:24 - Interface1 NameServer: 217.117.209.1
21 III 2008 10:22:24 - Local Fixed Drives: c:\,d:\
21 III 2008 10:22:24 - MWAV Mode: Only Scan files
21 III 2008 10:22:24 - [CREATED ZIP FILE C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\pinfect.zip]
21 III 2008 10:25:33 - ERROR!!! Invalid Entry \??\C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys in SYSTEM\CurrentControlSet\Services\AMDMSRIO...
21 III 2008 10:25:34 - ERROR!!! Invalid Entry system32\DRIVERS\btwhid.sys in SYSTEM\CurrentControlSet\Services\btwhid...
21 III 2008 10:25:41 - ERROR!!! Invalid Entry system32\drivers\ctoss2k.sys in SYSTEM\CurrentControlSet\Services\ossrv...
21 III 2008 10:25:45 - ***** Testování registrů a souborů na přítomnost Adware/Spyware *****
21 III 2008 10:25:45 - Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp\spydb.avs, Size: 359872].
21 III 2008 10:25:49 - Indexed Spyware Databases Successfully Created...
21 III 2008 10:25:53 - Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
21 III 2008 10:26:00 - Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:00 - Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
21 III 2008 10:26:00 - Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:00 - Key found with NULL Character: HKLM\Software\Microsoft\Windows\CurrentVersion\System !!!
21 III 2008 10:26:00 - Objekt "NULLBYTE Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:00 - Offending Key found: HKLM\System\CurrentControlSet\Services\nwsapagent !!!
21 III 2008 10:26:00 - Objekt "linkmedia Trojan" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:01 - Offending Key found: HKLM\System\ControlSet001\Services\nwsapagent !!!
21 III 2008 10:26:01 - Objekt "linkmedia Trojan" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:01 - Offending Key found: HKLM\System\ControlSet003\Services\nwsapagent !!!
21 III 2008 10:26:01 - Objekt "linkmedia Trojan" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
21 III 2008 10:26:07 - Offending Registry Entry found: hkey_local_machine\software\microsoft\windows\currentversion\internet settings\zonemap\domains\net-nucleus.com
21 III 2008 10:26:07 - System found infected with mirar Spyware/Adware (hkey_local_machine\software\microsoft\windows\currentversion\internet settings\zonemap\domains\net-nucleus.com)! Action taken: Nic nebylo provedeno.
21 III 2008 10:26:07 - Offending Registry Entry found: hkey_local_machine\software\microsoft\windows\currentversion\explorer\alwaysunloaddll
21 III 2008 10:26:07 - System found infected with regsort Corrupted Adware/Spyware (hkey_local_machine\software\microsoft\windows\currentversion\explorer\alwaysunloaddll)! Action taken: Nic nebylo provedeno.
21 III 2008 10:26:08 - Offending file found: C:\WINDOWS\iun6002.exe
21 III 2008 10:26:08 - System found infected with remacc.multiwebsurv Generic Malware (C:\WINDOWS\iun6002.exe)! Action taken: Nic nebylo provedeno.
22 III 2008 14:03:54 - ***** Test dokončen, kontrolu proveďte na http://www.viry.cz. *****
22 III 2008 14:03:54 - Testovaných objektů: 40154
22 III 2008 14:03:54 - Kritických objektů: 8
22 III 2008 14:03:54 - Celkem vyléčených objektů: 0
22 III 2008 14:03:54 - Celkem přejmenováno: 0
22 III 2008 14:03:54 - Smazaných objektů: 0
22 III 2008 14:03:54 - Celkem chyb: 6
22 III 2008 14:03:54 - Uplynulý čas: 00:05:03
22 III 2008 14:03:54 - Datum vydání databáze: 22 Mar 2008
22 III 2008 14:03:54 - Verze virové databáze: 654299
22 III 2008 14:03:54 - Test je dokončen, kontrolu lze provést na http://www.viry.cz.
Kdo je online
Uživatelé prohlížející si toto fórum: Google [Bot] a 108 hostů