kontrola logu z MWAV

[kony]

Včera jsem poslala ke kontrole omylem celý log namísto vyfiltrovaných chyb. Toto jsou jen výpisy chyb:


Sat Feb 24 08:32:08 2007 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\gator.com !!!
Sat Feb 24 08:32:09 2007 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Feb 24 08:32:09 2007 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sat Feb 24 08:32:09 2007 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Feb 24 08:32:09 2007 => Offending Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\p3p\history\gator.com !!!
Sat Feb 24 08:32:09 2007 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.

Sat Feb 24 08:32:23 2007 => Checking CLSID Reference Entries...
Entry "HKCR\Photoshop.ActionDescriptor" refers to invalid object "{817c4ced-c2e7-4ce6-839b-812940e412b4}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.ActionList" refers to invalid object "{e56c890e-2974-463f-8d39-cedea8bed418}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.ActionReference" refers to invalid object "{a7c190cf-534e-4d85-a844-726762f0fafc}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.BatchOptions" refers to invalid object "{6ef2bc9f-827b-455b-89c9-5ab3aa233790}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.BitmapConversionOptions" refers to invalid object "{b861c213-1a7f-4fe3-a19b-3927ebea7bd8}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.BMPSaveOptions" refers to invalid object "{ebdba1ed-d57d-4ccd-bd9e-cb60e5e6cb07}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.CameraRAWOpenOptions" refers to invalid object "{a35cd676-3f1a-405b-b97b-6fb59011e7e3}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.CMYKColor" refers to invalid object "{41ebbed9-0e3c-45b8-8c78-7b07faf46ad2}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.ContactSheetOptions" refers to invalid object "{d765f6c2-748b-476b-8884-e5118e646179}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.DCS1_SaveOptions" refers to invalid object "{b1c1feb9-c46d-4959-9b92-a962fa41c511}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.DCS2_SaveOptions" refers to invalid object "{61da6070-5785-4c7f-9785-c7036d01b1be}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.EPSOpenOptions" refers to invalid object "{7468f85c-d655-4331-890e-4086c70cf67a}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.EPSSaveOptions" refers to invalid object "{074b66cb-4bef-4a83-a699-77f33d3cd5e0}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.ExportOptionsIllustrator" refers to invalid object "{cacec2f5-ec15-4dfd-8955-244d2a7efe60}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.ExportOptionsSaveForWeb" refers to invalid object "{d434c3c7-5bca-4856-8a21-af46c2147fd0}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GalleryBannerOptions" refers to invalid object "{d5d9c71a-56dc-459d-a433-9b8c334165a5}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GalleryCustomColorOptions" refers to invalid object "{6f3b0065-21db-44a6-bf09-624d88ecf768}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GalleryImagesOptions" refers to invalid object "{26bb16c1-67d1-44a7-aa75-dd2f361352e3}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GalleryOptions" refers to invalid object "{b10d4055-8c78-4c7f-bae7-5b5ffded928a}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GallerySecurityOptions" refers to invalid object "{6a0f1370-78fb-4fbc-b66b-d6a96c9fe7df}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GalleryThumbnailOptions" refers to invalid object "{dff332ed-0c72-416b-b128-5cc5bd888865}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GIFSaveOptions" refers to invalid object "{22f619c0-72b1-46fc-b04b-dc364cd0c33e}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.GrayColor" refers to invalid object "{f6aef75a-66c3-49bf-92c9-4232320a2e47}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.HSBColor" refers to invalid object "{f3831a80-1c6f-4aff-b19a-13b32dae9a28}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.Image.9" refers to invalid object "{3fd07b5f-b17a-4243-949b-94c5a9d2e465}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.IndexedConversionOptions" refers to invalid object "{4f2f6abf-e0ac-4377-8474-b60fcb8e7530}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.JPEGSaveOptions" refers to invalid object "{d9bd1073-009b-48f0-9f6a-5a5fdaf64aba}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.LabColor" refers to invalid object "{f01d4f29-35d6-47b5-9e29-74f033bb70d7}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.LensBlurOptions" refers to invalid object "{bdaac887-cc96-406c-a0b4-32d453df078a}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.NoColor" refers to invalid object "{43e87bef-112a-477c-a4e8-813081732c86}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PathPointInfo" refers to invalid object "{0e2ae636-f285-4493-b504-ea9b96d00c8e}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PDFOpenOptions" refers to invalid object "{5fb84343-d1db-42fa-b5fc-52032cc459c5}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PDFSaveOptions" refers to invalid object "{77ba575e-46fb-4d84-9cb2-968fce815b62}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PhotoCDOpenOptions" refers to invalid object "{a55a5c39-4885-445e-a33f-c4376b87a8ff}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PhotoshopSaveOptions" refers to invalid object "{6814bc96-ed0e-4794-90c8-c50b4c3b25ee}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PICTFileSaveOptions" refers to invalid object "{c815086c-036f-4f99-84e0-b2fb14f0180e}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PicturePackageOptions" refers to invalid object "{8f1e9c09-d03f-4e28-b16c-fbed7540fb92}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PixarSaveOptions" refers to invalid object "{4efd5560-b2a7-43e3-a763-86bfa256c871}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PNGSaveOptions" refers to invalid object "{cac33536-a1f7-4cd3-8e5a-443f4829a2e3}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.PresentationOptions" refers to invalid object "{3a3a8228-fbb4-414d-816b-38b5adfe07c5}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.RawFormatOpenOptions" refers to invalid object "{d0d08dd0-c5f8-4dc7-8d53-51310430c423}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.RawSaveOptions" refers to invalid object "{0ba89c9f-38bd-4061-a23e-43c69e472bae}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.RGBColor" refers to invalid object "{878c878f-617c-46b9-84a7-0fa356d48efe}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.SGIRGBSaveOptions" refers to invalid object "{76de9d01-4d38-4cb8-9c34-5a5e2142c8e2}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.SolidColor" refers to invalid object "{6946b6e1-f949-455f-97d6-9ea68bda11c4}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.SubPathInfo" refers to invalid object "{92a24d3f-8a3f-4825-af4f-5d429a975ffd}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.TargaSaveOptions" refers to invalid object "{ab314690-6bdd-438d-b7d7-c6afc643bee2}". Action Taken: No Action Taken.
Entry "HKCR\Photoshop.TiffSaveOptions" refers to invalid object "{e9d36b87-bd83-4920-aa8b-66acb95ee19a}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\Adobe\Adobe Photoshop CS2\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Program Files\Adobe\Adobe Photoshop CS2\Required\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\msoc.dll" refers to invalid object "C:\Program Files\Microsoft Office\Office". Action Taken: No Action Taken.


Sat Feb 24 08:33:31 2007 => ***** Scanning complete. *****
Sat Feb 24 08:33:31 2007 => Total Objects Scanned: 26664
Sat Feb 24 08:33:31 2007 => Total Critical Objects: 3
Sat Feb 24 08:33:31 2007 => Total Disinfected Objects: 0
Sat Feb 24 08:33:31 2007 => Total Objects Renamed: 0
Sat Feb 24 08:33:31 2007 => Total Deleted Objects: 0
Sat Feb 24 08:33:31 2007 => Total Errors: 55
Sat Feb 24 08:33:31 2007 => Time Elapsed: 00:01:44
Sat Feb 24 08:33:31 2007 => Virus Database Date: 2/23/2007
Sat Feb 24 08:33:31 2007 => Virus Database Count: 272669

Sat Feb 24 08:33:31 2007 => Scan Completed.


Moc se omlouvám a děkuji za radu, jak je odstranit.

[Reklama]

[fredik]

Jestli používáš program SpywareBlaster tak ten log je v pořádku. Nicméně pokud si stáhneš novější verzi Mwav začíná číslem 9 (odkaz na stažení najdeš zde:) provedeš update a spustíš prohlídku přes tlačítko Scan & Clean (nesmíš mít zatrhnutou volbu Scan Only) tak nalezené položky ti Mwav sám odstraní. Tato funkce (co najde odstraní) je v v něm funkční do 31. března.

[Damned]

Vyčisti to podle návodu Fredíka gain.gator je trojan, co máš za antivir, že se ti tam dostal? Přijmi od MWAV i nabídku restartu a kontroly po restartu

[fredik]

Není to žádný trojan

[Damned]

Identifikace souboru je gen,gator.trojan.Win32/Malware. MD5 ti nevezme ani virusstotal

[kony]

Jestli používáš program SpywareBlaster tak ten log je v pořádku. Nicméně pokud si stáhneš novější verzi Mwav začíná číslem 9 (odkaz na stažení najdeš zde:) provedeš update a spustíš prohlídku přes tlačítko Scan & Clean (nesmíš mít zatrhnutou volbu Scan Only) tak nalezené položky ti Mwav sám odstraní. Tato funkce (co najde odstraní) je v v něm funkční do 31. března.

Díky za radu, všechno se mi vyčistilo tou novější versí MWAV, zůstala tam jen jedna chyba. Pro úplnost ji ještě posílám

eb 24 18:11:51 2007 => ***** C:\WINDOWS\system32\Drivers\sptd.sys File Locked!!! Scanning may fail...
Sat Feb 24 18:11:51 2007 => ERROR!!! ScanFile Fails...

eb 24 18:28:26 2007 => Total Objects Scanned: 26384
Sat Feb 24 18:28:26 2007 => Total Critical Objects: 0
Sat Feb 24 18:28:26 2007 => Total Disinfected Objects: 0
Sat Feb 24 18:28:26 2007 => Total Objects Renamed: 0
Sat Feb 24 18:28:26 2007 => Total Deleted Objects: 0
Sat Feb 24 18:28:26 2007 => Total Errors: 1
Sat Feb 24 18:28:26 2007 => Time Elapsed: 00:00:57
Sat Feb 24 18:28:26 2007 => Virus Database Date: 2/24/2007
Sat Feb 24 18:28:26 2007 => Virus Database Count: 273103

Sat Feb 24 18:28:26 2007 => Scan Completed.

Používám AVAST.

Ještě jednou díky.

[fredik]

Ten log je v pořádku jen píše že daný soubor nemohl otevřít protože je zamčený teď přesně nevím ale měl by patřit k Deamon Tools ale nedělej si s tím hlavu.

To Damned: mluvíš tu o něčem jiném než je tu řeč a víš jak na tom jsi a budeš se furt hádat

[kony]

Ten log je v pořádku jen píše že daný soubor nemohl otevřít protože je zamčený teď přesně nevím ale měl by patřit k Deamon Tools ale nedělej si s tím hlavu.

To Damned: mluvíš tu o něčem jiném než je tu řeč a víš jak na tom jsi a budeš se furt hádat

To Fredik: Tak jo, a ještě jednou dík!!!!