VIRY.CZ

Opravdu čisto. V tom případě půjde o některou regulérní aplikaci s přístupem na net. Na zkoušku vypněte aut. aktualizace, příp přeinstalujte antivir.

Dobře, vyzkouším a tak za 2 dny bych se ozval co a jak ?

OK. Jsem tu skoro každý den.

Dobře, ozvu se A děkuji za Váš čas

Zatím není zač.

Tak už mám výsledek. Už to zaznamenal i MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 22.2.2015 2:38:42, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.21.10, 2015.2.22.1,
Protection, 22.2.2015 2:38:42, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 22.2.2015 2:38:42, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 22.2.2015 2:38:42, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 22.2.2015 2:38:50, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 22.2.2015 2:38:51, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 22.2.2015 2:38:51, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Update, 22.2.2015 3:26:33, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.22.1, 2015.2.22.2,
Protection, 22.2.2015 3:26:33, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 22.2.2015 3:26:33, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 22.2.2015 3:26:33, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 22.2.2015 3:26:43, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 22.2.2015 3:26:43, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 22.2.2015 3:26:43, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Scan, 22.2.2015 3:59:32, SYSTEM, UNIVERSE, Manual, Start:22.2.2015 3:26:33, Duration:32 min 58 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Update, 22.2.2015 5:40:51, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.22.2, 2015.2.22.3,
Protection, 22.2.2015 5:40:51, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 22.2.2015 5:40:51, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 22.2.2015 5:40:51, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 22.2.2015 5:40:57, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 22.2.2015 5:40:57, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 22.2.2015 5:40:57, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Detection, 22.2.2015 9:53:20, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 193.107.16.206, 22, Inbound, C:\Windows\System32\svchost.exe,
Detection, 22.2.2015 9:53:21, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 193.107.16.206, 22, Inbound, C:\Windows\System32\svchost.exe,
Detection, 22.2.2015 9:53:21, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 193.107.16.206, 22, Inbound, C:\Windows\System32\svchost.exe,
Detection, 22.2.2015 9:53:21, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 193.107.16.206, 22, Inbound, C:\Windows\System32\svchost.exe,
Detection, 22.2.2015 9:53:21, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 193.107.16.206, 22, Inbound, C:\Windows\System32\svchost.exe,

(end)

Systém se snaží připojit k IP 193.107.16.206 (Seychely). Patrně podvodná stránka. Proveďte ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

Tak to bude trochu horší. Návod je již starší a rozhraní AVP se poměrně změnilo. Záznamy o infekcích tu sice mám, ovšem, nemám už nikde možnost je uložit a vložit sem. Jediné co by mohlo pomoci jsou sobory v Report složce. Problém je ten, že jsou to soubory typu ENC1, což vidím prvně.

MBAM už ale taky trošku přitvrdil. Všiml jsem si že našel i cosi ve Skypu:

Malwarebytes Anti-Malware
http://www.malwarebytes.org


Update, 23.2.2015 0:54:33, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.22.7, 2015.2.22.8,
Protection, 23.2.2015 0:54:33, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 0:54:33, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 0:54:33, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 0:54:45, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 0:54:45, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 0:54:46, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Scan, 23.2.2015 4:03:54, SYSTEM, UNIVERSE, Manual, Začátek: % 1 23.2.2015, Doba trvání: % 1 min 35 sekund, Sken hrozeb, Dokončeno, 0 Malware odhalení, 0-Malware odhalení,
Detection, 23.2.2015 5:17:10, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 195.24.79.22, 44528, Inbound, C:\Windows\System32\svchost.exe,
Detection, 23.2.2015 5:17:10, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 195.24.79.22, 44528, Inbound, C:\Windows\System32\svchost.exe,
Update, 23.2.2015 5:43:07, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.22.8, 2015.2.23.1,
Protection, 23.2.2015 5:43:08, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 5:43:08, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 5:43:08, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 5:44:04, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 5:44:04, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 5:44:04, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Detection, 23.2.2015 6:12:30, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 178.152.1.87, 22909, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe,
Detection, 23.2.2015 6:12:30, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 178.152.1.87, 22909, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe,
Update, 23.2.2015 8:39:09, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.1, 2015.2.23.2,
Protection, 23.2.2015 8:39:09, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 8:39:09, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 8:39:09, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 8:39:39, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 8:39:39, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 8:39:39, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Update, 23.2.2015 12:31:33, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.2, 2015.2.23.3,
Protection, 23.2.2015 12:31:33, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 12:31:33, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 12:31:33, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 12:32:37, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 12:32:37, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 12:32:38, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Detection, 23.2.2015 13:10:53, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 89.248.172.78, 137, Inbound,
Detection, 23.2.2015 13:10:53, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 89.248.172.78, 137, Inbound,
Detection, 23.2.2015 13:41:27, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 213.55.112.40, 443, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe,
Detection, 23.2.2015 13:41:27, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, IP, 213.55.112.40, 443, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe,
Update, 23.2.2015 16:46:50, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.3, 2015.2.23.4,
Protection, 23.2.2015 16:46:50, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 16:46:50, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 16:46:50, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 16:48:00, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 16:48:00, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 16:48:01, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Update, 23.2.2015 19:33:43, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.4, 2015.2.23.6,
Protection, 23.2.2015 19:33:43, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 19:33:43, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 19:33:45, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 20:04:54, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 20:04:55, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 20:05:17, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Update, 23.2.2015 20:44:11, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.6, 2015.2.23.7,
Protection, 23.2.2015 20:44:12, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 20:44:12, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 20:44:23, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Protection, 23.2.2015 21:05:10, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 21:05:10, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 21:05:16, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Update, 23.2.2015 23:32:34, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.7, 2015.2.23.8,
Protection, 23.2.2015 23:32:37, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 23:32:37, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 23:32:44, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,
Update, 23.2.2015 23:43:58, SYSTEM, UNIVERSE, Scheduler, Malware Database, 2015.2.23.8, 2015.2.23.9,
Protection, 23.2.2015 23:59:48, SYSTEM, UNIVERSE, Protection, Refresh, Success,
Protection, 23.2.2015 23:59:49, SYSTEM, UNIVERSE, Protection, Refresh, Starting,
Protection, 23.2.2015 23:59:51, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Starting,
Protection, 23.2.2015 23:59:54, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Started,
Protection, 23.2.2015 23:59:54, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopping,
Protection, 23.2.2015 23:59:54, SYSTEM, UNIVERSE, Protection, Malicious Website Protection, Stopped,

(end)

OTM zkopírujete třeba na plochu a spustíte. Necháte pracovat a na závěr se ukáže log, který sem zkopírujete. Nic víc. Toto je pořád stejné.

To je ten problém. Log se mi neukázal. Dostal jsem jen upozornění že mám restartovat notebook. Nehledě na to že jsem ho asi 30 minut nechal nabíhat ( Po restartu jsem měl černou plochu a zobrazil se jen příkazový řádek ), musel jsem ho nuceně vypnout a znovu zapnout.

EDIT: Zkusím to tedy znovu, uvidíme jestli něco najde, podle hlášení které zde mám 4 detekované hrozby smazal. (Ikdyž je můžu obnovit v karánténě )
Report

OK.

Toto je první co mi naběhne.
Sken
Nikde tam log ani možnost ho uložit vážně nevidím.

OK. Ten objekt smažte.

Smazáno
Buď se MBAM zbláznil nebo to nebylo vše. Dnes mi blokoval soubor v System32 / wininit.exe. Prý se notebook znovu pokoušel napojit na jinou IP.

Pokud to bylo zablokováno, je vše v pořádku.