Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Avast SecureLine: Odpojené
Moderátoři: james008, JaRon, Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Avast SecureLine: Odpojené
Zdravím, mám problém s avastom. Dole mi ukazuje ikonku že "Avast SecureLine: Odpojené" ale pritom internet mám zapojený a funguje ale nie v avaste. Pred pár dňami som si aktivoval skušobný antivírus, ktorý bol na 30 dní potom mi to odpojilo odinštalovalo a od vtedy sa to začalo skúsil som CCleaner vyčistiť nič sa nestalo, stále to ukazuje odinštaloval som to 2 krát a znovu nainštaloval základný balík a stále to ukazuje. Problém je v tom že mi to robí v PC ale aj bratovy na notebooku ked si premiestny internetový kábel, opera mu ide pomaly a píše tiež "Avast SecureLine: Odpojené". Problém je v tom že mi v nejakých intervaloch seká hra a tiež nemôžem aktualizovať avast ani prihlásiť sa. Pomôžte mi.
Re: Avast SecureLine: Odpojené
Zdravim 
Pouzijte avastclear.exe https://www.avast.com/cs-cz/uninstall-utility
Pak vycistete znovu CCleanerem, vcetne registru a zkuste opet nainstalovat Avast free https://www.avast.com/cs-cz/download-th ... cale=cs-cz
Kdyz to nepomuze, dejte vedet, zkusime to odpalit rucne.
Pouzijte avastclear.exe https://www.avast.com/cs-cz/uninstall-utility Pak vycistete znovu CCleanerem, vcetne registru a zkuste opet nainstalovat Avast free https://www.avast.com/cs-cz/download-th ... cale=cs-czKdyz to nepomuze, dejte vedet, zkusime to odpalit rucne.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
Stále to ukazuje. Urobil som to tak ako ste napísali. Pozerám teraz tému nižšie vidím že taký istý problém mal ten chlapík. Ako vypnem tie štíty alebo presnejšie popísať?
Re: Avast SecureLine: Odpojené
Spustte Avast, vlevo dole kliknete na Nastaveni a dale Aktivni ochrana. Tam budou stity.Boris píše:Ako vypnem tie štíty
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
Tu je FRST.txt a mám 32 bitov.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by PC (administrator) on PC-FEC689E48AF7 on 19-02-2015 19:31:43
Running from C:\Documents and Settings\PC\Desktop
Loaded Profiles: PC (Available profiles: PC & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Angličtina (USA)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(VIA Technologies) C:\Program Files\VIA\RAID\raid_tool.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTTrayp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-11-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RaidTool] => C:\Program Files\VIA\RAID\raid_tool.exe [589824 2004-10-11] (VIA Technologies)
HKLM\...\Run: [VTTimer] => C:\WINDOWS\system32\VTTimer.exe [53248 2006-09-22] (S3 Graphics, Inc.)
HKLM\...\Run: [VTTrayp] => C:\WINDOWS\system32\VTtrayp.exe [200704 2007-08-28] (S3 Graphics Co., Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2015-02-19] (AVAST Software)
HKLM\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c2ed83cd-36d3-4b2c-868a-c7bb9cffbf4e.exe [183232 2015-02-19] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\MountPoints2: {c41db3c0-8e86-11e4-800a-0019db5e7710} - E:\Startme.exe
HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\MountPoints2: {cd16cae2-869f-11e2-a5c6-0019db5e7710} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fargus.com/
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.searchamong.com/searchvie ... s&bar=true
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchamong.com/searchvie ... s&bar=true
URLSearchHook: [S-1-5-21-1275210071-861567501-842925246-1003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchvie ... s&bar=true
SearchScopes: HKLM -> {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchvie ... s&bar=true
SearchScopes: HKU\S-1-5-21-1275210071-861567501-842925246-1003 -> DefaultScope {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKU\S-1-5-21-1275210071-861567501-842925246-1003 -> {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchvie ... s&bar=true
SearchScopes: HKU\S-1-5-21-1275210071-861567501-842925246-1003 -> {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\707t82jd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-19]
FF HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=48&cc=&mi=b07356860000000000000019db5e7710
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR DefaultSearchKeyword: Default -> softonic
CHR DefaultSearchURL: Default -> http://search.softonic.com/INF00176/tb_ ... 19db5e7710
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.91\pdf.dll No File
CHR Plugin: (Delta Toolbar) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\DeltaChromeToolbar.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-06]
CHR Extension: (Google Drive) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-02]
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-06]
CHR Extension: (Google Search) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-06]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-06]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-19]
CHR HKLM\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files\TornTV.com\torn11.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files\FTDownloader.com\FTDownloader10.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-19] (AVAST Software)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4027840 2007-03-08] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-02-19] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73480 2015-02-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-02-19] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-02-19] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-02-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-02-19] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-02-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-02-19] ()
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-30] (Disc Soft Ltd)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2013-10-14] (LogMeIn, Inc.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [324096 2013-11-30] (Duplex Secure Ltd.)
R2 SVKP; C:\WINDOWS\system32\SVKP.sys [2368 2013-05-08] (AntiCracking) [File not signed]
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
R3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [283008 2007-09-28] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R0 viamraid; C:\WINDOWS\System32\DRIVERS\viamraid.sys [60672 2004-07-07] (VIA Technologies inc,.ltd)
U3 a3831ix7; C:\WINDOWS\system32\Drivers\a3831ix7.sys [0 ] (VIA Technologies inc,.ltd) <==== ATTENTION (zero size file/folder)
S3 AIDA64Driver; \??\E:\AIDA64\kerneld.x32 [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 19:31 - 2015-02-19 19:32 - 00014501 _____ () C:\Documents and Settings\PC\Desktop\FRST.txt
2015-02-19 19:31 - 2015-02-19 19:31 - 00029696 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\MSGBOX.EXE
2015-02-19 19:31 - 2015-02-19 19:31 - 00015327 _____ () C:\Documents and Settings\PC\Desktop\LM.bat
2015-02-19 19:30 - 2015-02-19 19:30 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\PC\Desktop\FRSTLauncher.exe
2015-02-19 19:25 - 2015-02-19 19:31 - 00000000 ____D () C:\FRST
2015-02-19 19:24 - 2015-02-19 19:25 - 01126400 _____ (Farbar) C:\Documents and Settings\PC\Desktop\FRST.exe
2015-02-19 15:18 - 2015-02-19 15:18 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2015-02-19 15:18 - 2015-02-19 15:18 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\AVAST Software
2015-02-19 15:17 - 2015-02-19 15:17 - 00001731 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-02-19 15:17 - 2015-02-19 15:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2015-02-19 15:16 - 2015-02-19 15:24 - 00000356 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-19 15:16 - 2015-02-19 15:17 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-02-19 15:16 - 2015-02-19 15:17 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-02-19 15:16 - 2015-02-19 15:17 - 00073480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1424355440156
2015-02-19 15:16 - 2015-02-19 15:16 - 00422760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1424355436250
2015-02-19 15:16 - 2015-02-19 15:16 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-02-19 15:16 - 2015-02-19 15:16 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.1424355442953
2015-02-19 15:16 - 2015-02-19 15:16 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-02-19 15:16 - 2015-02-19 15:16 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-02-19 15:11 - 2015-02-19 15:11 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-19 15:10 - 2015-02-19 15:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-01-27 16:04 - 2015-01-27 16:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 19:32 - 2013-03-05 23:09 - 00000000 ____D () C:\Documents and Settings\PC\Local Settings\Temp
2015-02-19 19:30 - 2013-03-06 20:03 - 00000000 ___RD () C:\Documents and Settings\PC\My Documents\Boris
2015-02-19 19:21 - 2013-03-07 04:11 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-19 18:58 - 2013-03-06 19:13 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 18:05 - 2014-07-31 15:37 - 00000000 ____D () C:\Documents and Settings\PC\Desktop\Gothic 2 Gold
2015-02-19 17:20 - 2013-03-07 14:16 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\Skype
2015-02-19 17:18 - 2014-12-02 19:00 - 00002273 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2015-02-19 16:33 - 2014-05-25 18:02 - 00000370 _____ () C:\WINDOWS\Tasks\update-sys.job
2015-02-19 15:58 - 2014-05-25 18:02 - 00000370 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-1275210071-861567501-842925246-1003.job
2015-02-19 15:57 - 2013-03-06 19:13 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 15:40 - 2013-03-06 22:05 - 00000000 ___RD () C:\Documents and Settings\PC\My Documents\Preberanie
2015-02-19 15:09 - 2013-03-05 23:09 - 00000000 ____D () C:\Documents and Settings\PC
2015-02-19 15:08 - 2013-03-05 22:59 - 01965671 ____N () C:\WINDOWS\WindowsUpdate.log
2015-02-19 15:07 - 2013-03-05 23:08 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-19 15:07 - 2013-03-05 14:45 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2015-02-19 15:07 - 2013-03-05 14:45 - 00000051 ____N () C:\WINDOWS\wiaservc.log
2015-02-19 15:07 - 2001-08-18 12:00 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-19 15:05 - 2013-03-05 23:09 - 00000178 ___SH () C:\Documents and Settings\PC\ntuser.ini
2015-02-19 15:03 - 2013-03-05 14:40 - 00000211 ___SH () C:\boot.ini
2015-02-19 15:01 - 2013-03-06 22:08 - 00000000 ___RD () C:\Documents and Settings\PC\My Documents\Filmy
2015-02-19 07:30 - 2013-03-05 23:08 - 00032568 ____N () C:\WINDOWS\SchedLgU.Txt
2015-02-18 20:09 - 2013-03-06 19:56 - 00096768 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 17:08 - 2013-08-28 14:58 - 00000000 ____D () C:\Program Files\Steam
2015-02-18 17:08 - 2013-03-16 13:52 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\uTorrent
2015-02-18 17:06 - 2013-05-08 10:33 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-16 17:00 - 2014-06-01 07:24 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\Dropbox
2015-02-16 16:40 - 2013-11-02 16:40 - 00000000 ____D () C:\Documents and Settings\PC\Local Settings\Application Data\temp
2015-02-14 14:25 - 2014-01-18 17:35 - 00000000 ____D () C:\Documents and Settings\PC\Desktop\Call of Duty United Offensive
2015-02-09 19:56 - 2014-09-29 17:09 - 00000000 ____D () C:\Program Files\Valve
2015-02-09 16:51 - 2013-10-08 17:34 - 00000000 ____D () C:\Documents and Settings\PC\Desktop\Warcraft III
2015-02-06 08:50 - 2013-03-06 19:15 - 00001825 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-02-05 17:21 - 2013-03-07 04:11 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 17:21 - 2013-03-07 04:11 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-29 15:19 - 2014-12-07 19:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-21 18:12 - 2013-03-06 23:01 - 00002565 _____ () C:\Documents and Settings\PC\Desktop\Microsoft Office Word 2007.lnk
2015-01-20 19:16 - 2014-08-30 12:56 - 00000000 ____D () C:\Documents and Settings\PC\Local Settings\Application Data\Adobe
==================== Files in the root of some directories =======
2013-03-06 19:56 - 2015-02-18 20:09 - 0096768 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-19 19:31 - 2015-02-19 19:31 - 0029696 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\MSGBOX.EXE
2014-05-25 18:02 - 2014-05-25 18:02 - 0000003 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\updater.log
2014-05-25 18:02 - 2014-05-31 11:08 - 0000059 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\UserProducts.xml
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 04:42] - [2013-04-08 15:26] - 0507904 ____A (Microsoft Corporation) 679a7259741f6a09994f02ce261b5f2e
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Tu je Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by PC at 2015-02-19 19:35:11
Running from C:\Documents and Settings\PC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.64.1073 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Counter-Strike 1.6 Non-Steam v42b (HKLM\...\Counter-Strike 1.6 Non-Steam v42b Full Client_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
EAX Unified (HKLM\...\EAX Unified) (Version: - )
GameRanger (HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Gothic II - Modification Development Kit (HKLM\...\G2MDK) (Version: 2.6 - Piranha Bytes)
Gothic_Patch (HKLM\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
GOTHIC2 - ADDON_RETURNING (HKLM\...\GOTHIC2 - ADDON_RETURNING) (Version: 1.0 - T&G MOD TEAM © 2005 - 2008)
Khorana Prolog (HKLM\...\Khorana Prolog) (Version: 1.00 - Khorana ModTeam)
Lightshot-5.1.3.0 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.3.0 - Skillbrains)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 35.0.1 (x86 sk)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
Pirazstories (HKLM\...\Pirazstories) (Version: 1.0 - Orcjäger)
Platform (Version: 1.6 - VIA Technologies, Inc.) Hidden
Praetorians (HKLM\...\{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}) (Version: - Pyro Studios)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.34 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SimCity 3000 (HKLM\...\SimCity 3000) (Version: - )
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.6 - VIA Technologies, Inc.)
VIA/S3G Display Driver 6.14.10.0380 (HKLM\...\VIA/S3G UniChrome Family Win2K/XP/Server2003 Display) (Version: - )
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Život Pirátů (HKLM\...\{EA9680B6-FAC6-46D0-95CF-DA6E36C7EA98}) (Version: 1.00.0000 - Název společnosti:)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-01-2015 18:37:08 avast! antivirus system restore point
26-01-2015 19:19:38 Kontrolný bod systému
09-02-2015 16:46:44 Revo Uninstaller's restore point - iLivid
09-02-2015 16:53:24 Revo Uninstaller's restore point - MyPC Backup
11-02-2015 15:54:55 Revo Uninstaller's restore point - Avast Internet Security
11-02-2015 19:38:29 Revo Uninstaller's restore point - Synthesia
11-02-2015 19:43:34 Revo Uninstaller's restore point - Synthesia
12-02-2015 19:07:13 avast! antivirus system restore point
12-02-2015 19:11:45 Revo Uninstaller's restore point - Weihnachtsmod 2008
14-02-2015 13:12:15 Revo Uninstaller's restore point - GothicSourcer 3.10
15-02-2015 13:16:19 Kontrolný bod systému
16-02-2015 16:28:14 Revo Uninstaller's restore point - Avast Free Antivirus
16-02-2015 16:32:34 Revo Uninstaller's restore point - Avast Free Antivirus
16-02-2015 16:33:06 avast! antivirus system restore point
16-02-2015 16:49:14 avast! antivirus system restore point
18-02-2015 16:49:57 Revo Uninstaller's restore point - Avast Free Antivirus
18-02-2015 16:51:46 avast! antivirus system restore point
18-02-2015 17:14:30 avast! antivirus system restore point
19-02-2015 15:11:00 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-08-18 12:00 - 2014-04-01 19:40 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1275210071-861567501-842925246-1003.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-19 15:16 - 2015-02-19 15:16 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021900\algo.dll
2015-02-19 15:16 - 2015-02-19 15:16 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-27 16:04 - 2015-01-27 16:05 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2008-04-14 04:42 - 2013-01-02 07:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2008-04-14 04:41 - 2008-04-14 04:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 04:42 - 2008-04-14 04:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2015-02-05 17:21 - 2015-02-05 17:21 - 16852144 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1275210071-861567501-842925246-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1275210071-861567501-842925246-1589 - Limited - Enabled)
Guest (S-1-5-21-1275210071-861567501-842925246-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1275210071-861567501-842925246-1000 - Limited - Disabled)
PC (S-1-5-21-1275210071-861567501-842925246-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PC
SUPPORT_388945a0 (S-1-5-21-1275210071-861567501-842925246-1002 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/08/2015 03:23:17 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt> s chybou: Operácia sa vrátila, pretože uplynul časový limit.
Error: (01/29/2015 08:46:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie plugin-container.exe, verzia 35.0.1.5500, zlyhanie modulu mozalloc.dll, verzia 35.0.1.5500, adresa zlyhania 0x00001425.
Spracováva sa udalosť viažuca sa konkrétne médium pre [plugin-container.exe!ws!]
Error: (01/08/2015 06:38:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikácia Gothic2.exe, verzia 2.6.0.0, zablokovaný modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error: (01/01/2015 04:01:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie hl.exe, verzia 1.1.0.8, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [hl.exe!ws!]
Error: (12/31/2014 06:21:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie hl.exe, verzia 1.1.0.8, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [hl.exe!ws!]
Error: (12/31/2014 10:18:44 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt> s chybou: Operácia sa vrátila, pretože uplynul časový limit.
Error: (12/30/2014 11:57:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie cracktro.exe, verzia 0.0.0.0, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [cracktro.exe!ws!]
Error: (12/29/2014 02:41:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie cracktro.exe, verzia 0.0.0.0, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [cracktro.exe!ws!]
Error: (12/06/2014 07:30:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie plugin-container.exe, verzia 34.0.0.5442, zlyhanie modulu mozalloc.dll, verzia 34.0.0.5442, adresa zlyhania 0x00001425.
Spracováva sa udalosť viažuca sa konkrétne médium pre [plugin-container.exe!ws!]
Error: (12/06/2014 11:07:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikácia Game.exe, verzia 1.0.0.0, zablokovaný modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
System errors:
=============
Error: (02/19/2015 03:05:48 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Server DCOM zistil chybu %%1084 pri pokuse spustiť službu EventSystem s argumentmi
potrebnú na spustenie servera:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby IPSEC driver, od ktorej závisí služba IPSEC Services, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby AFD, od ktorej závisí služba TCP/IP NetBIOS Helper, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby TCP/IP Protocol Driver, od ktorej závisí služba DNS Client, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetBios over Tcpip, od ktorej závisí služba DHCP Client, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:03:35 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Server DCOM zistil chybu %%1084 pri pokuse spustiť službu EventSystem s argumentmi
potrebnú na spustenie servera:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (02/19/2015 03:03:07 PM) (Source: 0) (EventID: 4) (User: )
Description:
Error: (02/19/2015 06:56:56 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Error: (02/17/2015 02:51:36 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of memory in use: 70%
Total physical RAM: 958.48 MB
Available physical RAM: 281.39 MB
Total Pagefile: 1548.56 MB
Available Pagefile: 796.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:76.69 GB) (Free:1.07 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 76.7 GB) (Disk ID: D976CB47)
Partition 1: (Active) - (Size=76.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by PC (administrator) on PC-FEC689E48AF7 on 19-02-2015 19:31:43
Running from C:\Documents and Settings\PC\Desktop
Loaded Profiles: PC (Available profiles: PC & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Angličtina (USA)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(VIA Technologies) C:\Program Files\VIA\RAID\raid_tool.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\VTTrayp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-11-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RaidTool] => C:\Program Files\VIA\RAID\raid_tool.exe [589824 2004-10-11] (VIA Technologies)
HKLM\...\Run: [VTTimer] => C:\WINDOWS\system32\VTTimer.exe [53248 2006-09-22] (S3 Graphics, Inc.)
HKLM\...\Run: [VTTrayp] => C:\WINDOWS\system32\VTtrayp.exe [200704 2007-08-28] (S3 Graphics Co., Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2015-02-19] (AVAST Software)
HKLM\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c2ed83cd-36d3-4b2c-868a-c7bb9cffbf4e.exe [183232 2015-02-19] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\MountPoints2: {c41db3c0-8e86-11e4-800a-0019db5e7710} - E:\Startme.exe
HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\MountPoints2: {cd16cae2-869f-11e2-a5c6-0019db5e7710} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fargus.com/
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.searchamong.com/searchvie ... s&bar=true
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchamong.com/searchvie ... s&bar=true
URLSearchHook: [S-1-5-21-1275210071-861567501-842925246-1003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchvie ... s&bar=true
SearchScopes: HKLM -> {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchvie ... s&bar=true
SearchScopes: HKU\S-1-5-21-1275210071-861567501-842925246-1003 -> DefaultScope {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKU\S-1-5-21-1275210071-861567501-842925246-1003 -> {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = http://search.searchamong.com/searchvie ... s&bar=true
SearchScopes: HKU\S-1-5-21-1275210071-861567501-842925246-1003 -> {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\707t82jd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-19]
FF HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=48&cc=&mi=b07356860000000000000019db5e7710
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR DefaultSearchKeyword: Default -> softonic
CHR DefaultSearchURL: Default -> http://search.softonic.com/INF00176/tb_ ... 19db5e7710
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.91\pdf.dll No File
CHR Plugin: (Delta Toolbar) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\DeltaChromeToolbar.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-06]
CHR Extension: (Google Drive) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-02]
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-06]
CHR Extension: (Google Search) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-06]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-06]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-19]
CHR HKLM\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files\TornTV.com\torn11.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files\FTDownloader.com\FTDownloader10.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-19] (AVAST Software)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4027840 2007-03-08] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-02-19] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73480 2015-02-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-02-19] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-02-19] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-02-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-02-19] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-02-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-02-19] ()
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-30] (Disc Soft Ltd)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2013-10-14] (LogMeIn, Inc.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [324096 2013-11-30] (Duplex Secure Ltd.)
R2 SVKP; C:\WINDOWS\system32\SVKP.sys [2368 2013-05-08] (AntiCracking) [File not signed]
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
R3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [283008 2007-09-28] (Copyright (C) VIA/S3 Graphics Co, Ltd.)
R0 viamraid; C:\WINDOWS\System32\DRIVERS\viamraid.sys [60672 2004-07-07] (VIA Technologies inc,.ltd)
U3 a3831ix7; C:\WINDOWS\system32\Drivers\a3831ix7.sys [0 ] (VIA Technologies inc,.ltd) <==== ATTENTION (zero size file/folder)
S3 AIDA64Driver; \??\E:\AIDA64\kerneld.x32 [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 19:31 - 2015-02-19 19:32 - 00014501 _____ () C:\Documents and Settings\PC\Desktop\FRST.txt
2015-02-19 19:31 - 2015-02-19 19:31 - 00029696 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\MSGBOX.EXE
2015-02-19 19:31 - 2015-02-19 19:31 - 00015327 _____ () C:\Documents and Settings\PC\Desktop\LM.bat
2015-02-19 19:30 - 2015-02-19 19:30 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\PC\Desktop\FRSTLauncher.exe
2015-02-19 19:25 - 2015-02-19 19:31 - 00000000 ____D () C:\FRST
2015-02-19 19:24 - 2015-02-19 19:25 - 01126400 _____ (Farbar) C:\Documents and Settings\PC\Desktop\FRST.exe
2015-02-19 15:18 - 2015-02-19 15:18 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2015-02-19 15:18 - 2015-02-19 15:18 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\AVAST Software
2015-02-19 15:17 - 2015-02-19 15:17 - 00001731 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-02-19 15:17 - 2015-02-19 15:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2015-02-19 15:16 - 2015-02-19 15:24 - 00000356 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-19 15:16 - 2015-02-19 15:17 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-02-19 15:16 - 2015-02-19 15:17 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-02-19 15:16 - 2015-02-19 15:17 - 00073480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1424355440156
2015-02-19 15:16 - 2015-02-19 15:16 - 00422760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1424355436250
2015-02-19 15:16 - 2015-02-19 15:16 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-02-19 15:16 - 2015-02-19 15:16 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.1424355442953
2015-02-19 15:16 - 2015-02-19 15:16 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-02-19 15:16 - 2015-02-19 15:16 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-02-19 15:16 - 2015-02-19 15:16 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-02-19 15:11 - 2015-02-19 15:11 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-19 15:10 - 2015-02-19 15:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-01-27 16:04 - 2015-01-27 16:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 19:32 - 2013-03-05 23:09 - 00000000 ____D () C:\Documents and Settings\PC\Local Settings\Temp
2015-02-19 19:30 - 2013-03-06 20:03 - 00000000 ___RD () C:\Documents and Settings\PC\My Documents\Boris
2015-02-19 19:21 - 2013-03-07 04:11 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-19 18:58 - 2013-03-06 19:13 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 18:05 - 2014-07-31 15:37 - 00000000 ____D () C:\Documents and Settings\PC\Desktop\Gothic 2 Gold
2015-02-19 17:20 - 2013-03-07 14:16 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\Skype
2015-02-19 17:18 - 2014-12-02 19:00 - 00002273 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2015-02-19 16:33 - 2014-05-25 18:02 - 00000370 _____ () C:\WINDOWS\Tasks\update-sys.job
2015-02-19 15:58 - 2014-05-25 18:02 - 00000370 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-1275210071-861567501-842925246-1003.job
2015-02-19 15:57 - 2013-03-06 19:13 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 15:40 - 2013-03-06 22:05 - 00000000 ___RD () C:\Documents and Settings\PC\My Documents\Preberanie
2015-02-19 15:09 - 2013-03-05 23:09 - 00000000 ____D () C:\Documents and Settings\PC
2015-02-19 15:08 - 2013-03-05 22:59 - 01965671 ____N () C:\WINDOWS\WindowsUpdate.log
2015-02-19 15:07 - 2013-03-05 23:08 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-19 15:07 - 2013-03-05 14:45 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2015-02-19 15:07 - 2013-03-05 14:45 - 00000051 ____N () C:\WINDOWS\wiaservc.log
2015-02-19 15:07 - 2001-08-18 12:00 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-19 15:05 - 2013-03-05 23:09 - 00000178 ___SH () C:\Documents and Settings\PC\ntuser.ini
2015-02-19 15:03 - 2013-03-05 14:40 - 00000211 ___SH () C:\boot.ini
2015-02-19 15:01 - 2013-03-06 22:08 - 00000000 ___RD () C:\Documents and Settings\PC\My Documents\Filmy
2015-02-19 07:30 - 2013-03-05 23:08 - 00032568 ____N () C:\WINDOWS\SchedLgU.Txt
2015-02-18 20:09 - 2013-03-06 19:56 - 00096768 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 17:08 - 2013-08-28 14:58 - 00000000 ____D () C:\Program Files\Steam
2015-02-18 17:08 - 2013-03-16 13:52 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\uTorrent
2015-02-18 17:06 - 2013-05-08 10:33 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-16 17:00 - 2014-06-01 07:24 - 00000000 ____D () C:\Documents and Settings\PC\Application Data\Dropbox
2015-02-16 16:40 - 2013-11-02 16:40 - 00000000 ____D () C:\Documents and Settings\PC\Local Settings\Application Data\temp
2015-02-14 14:25 - 2014-01-18 17:35 - 00000000 ____D () C:\Documents and Settings\PC\Desktop\Call of Duty United Offensive
2015-02-09 19:56 - 2014-09-29 17:09 - 00000000 ____D () C:\Program Files\Valve
2015-02-09 16:51 - 2013-10-08 17:34 - 00000000 ____D () C:\Documents and Settings\PC\Desktop\Warcraft III
2015-02-06 08:50 - 2013-03-06 19:15 - 00001825 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-02-05 17:21 - 2013-03-07 04:11 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 17:21 - 2013-03-07 04:11 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-29 15:19 - 2014-12-07 19:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-21 18:12 - 2013-03-06 23:01 - 00002565 _____ () C:\Documents and Settings\PC\Desktop\Microsoft Office Word 2007.lnk
2015-01-20 19:16 - 2014-08-30 12:56 - 00000000 ____D () C:\Documents and Settings\PC\Local Settings\Application Data\Adobe
==================== Files in the root of some directories =======
2013-03-06 19:56 - 2015-02-18 20:09 - 0096768 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-19 19:31 - 2015-02-19 19:31 - 0029696 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\MSGBOX.EXE
2014-05-25 18:02 - 2014-05-25 18:02 - 0000003 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\updater.log
2014-05-25 18:02 - 2014-05-31 11:08 - 0000059 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\UserProducts.xml
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 04:42] - [2013-04-08 15:26] - 0507904 ____A (Microsoft Corporation) 679a7259741f6a09994f02ce261b5f2e
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Tu je Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by PC at 2015-02-19 19:35:11
Running from C:\Documents and Settings\PC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.64.1073 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Counter-Strike 1.6 Non-Steam v42b (HKLM\...\Counter-Strike 1.6 Non-Steam v42b Full Client_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
EAX Unified (HKLM\...\EAX Unified) (Version: - )
GameRanger (HKU\S-1-5-21-1275210071-861567501-842925246-1003\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Gothic II - Modification Development Kit (HKLM\...\G2MDK) (Version: 2.6 - Piranha Bytes)
Gothic_Patch (HKLM\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
GOTHIC2 - ADDON_RETURNING (HKLM\...\GOTHIC2 - ADDON_RETURNING) (Version: 1.0 - T&G MOD TEAM © 2005 - 2008)
Khorana Prolog (HKLM\...\Khorana Prolog) (Version: 1.00 - Khorana ModTeam)
Lightshot-5.1.3.0 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.3.0 - Skillbrains)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 35.0.1 (x86 sk)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
Pirazstories (HKLM\...\Pirazstories) (Version: 1.0 - Orcjäger)
Platform (Version: 1.6 - VIA Technologies, Inc.) Hidden
Praetorians (HKLM\...\{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}) (Version: - Pyro Studios)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.34 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SimCity 3000 (HKLM\...\SimCity 3000) (Version: - )
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.6 - VIA Technologies, Inc.)
VIA/S3G Display Driver 6.14.10.0380 (HKLM\...\VIA/S3G UniChrome Family Win2K/XP/Server2003 Display) (Version: - )
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Život Pirátů (HKLM\...\{EA9680B6-FAC6-46D0-95CF-DA6E36C7EA98}) (Version: 1.00.0000 - Název společnosti:)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-01-2015 18:37:08 avast! antivirus system restore point
26-01-2015 19:19:38 Kontrolný bod systému
09-02-2015 16:46:44 Revo Uninstaller's restore point - iLivid
09-02-2015 16:53:24 Revo Uninstaller's restore point - MyPC Backup
11-02-2015 15:54:55 Revo Uninstaller's restore point - Avast Internet Security
11-02-2015 19:38:29 Revo Uninstaller's restore point - Synthesia
11-02-2015 19:43:34 Revo Uninstaller's restore point - Synthesia
12-02-2015 19:07:13 avast! antivirus system restore point
12-02-2015 19:11:45 Revo Uninstaller's restore point - Weihnachtsmod 2008
14-02-2015 13:12:15 Revo Uninstaller's restore point - GothicSourcer 3.10
15-02-2015 13:16:19 Kontrolný bod systému
16-02-2015 16:28:14 Revo Uninstaller's restore point - Avast Free Antivirus
16-02-2015 16:32:34 Revo Uninstaller's restore point - Avast Free Antivirus
16-02-2015 16:33:06 avast! antivirus system restore point
16-02-2015 16:49:14 avast! antivirus system restore point
18-02-2015 16:49:57 Revo Uninstaller's restore point - Avast Free Antivirus
18-02-2015 16:51:46 avast! antivirus system restore point
18-02-2015 17:14:30 avast! antivirus system restore point
19-02-2015 15:11:00 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-08-18 12:00 - 2014-04-01 19:40 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1275210071-861567501-842925246-1003.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-19 15:16 - 2015-02-19 15:16 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021900\algo.dll
2015-02-19 15:16 - 2015-02-19 15:16 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-27 16:04 - 2015-01-27 16:05 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2008-04-14 04:42 - 2013-01-02 07:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2008-04-14 04:41 - 2008-04-14 04:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 04:42 - 2008-04-14 04:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2015-02-05 17:21 - 2015-02-05 17:21 - 16852144 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1275210071-861567501-842925246-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1275210071-861567501-842925246-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1275210071-861567501-842925246-1589 - Limited - Enabled)
Guest (S-1-5-21-1275210071-861567501-842925246-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1275210071-861567501-842925246-1000 - Limited - Disabled)
PC (S-1-5-21-1275210071-861567501-842925246-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PC
SUPPORT_388945a0 (S-1-5-21-1275210071-861567501-842925246-1002 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/08/2015 03:23:17 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt> s chybou: Operácia sa vrátila, pretože uplynul časový limit.
Error: (01/29/2015 08:46:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie plugin-container.exe, verzia 35.0.1.5500, zlyhanie modulu mozalloc.dll, verzia 35.0.1.5500, adresa zlyhania 0x00001425.
Spracováva sa udalosť viažuca sa konkrétne médium pre [plugin-container.exe!ws!]
Error: (01/08/2015 06:38:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikácia Gothic2.exe, verzia 2.6.0.0, zablokovaný modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error: (01/01/2015 04:01:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie hl.exe, verzia 1.1.0.8, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [hl.exe!ws!]
Error: (12/31/2014 06:21:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie hl.exe, verzia 1.1.0.8, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [hl.exe!ws!]
Error: (12/31/2014 10:18:44 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Pri automatickej aktualizácii zlyhalo načítanie poradového čísla zoznamu základných certifikátov nezávislých vydavateľov z: <http://www.download.windowsupdate.com/m ... ootseq.txt> s chybou: Operácia sa vrátila, pretože uplynul časový limit.
Error: (12/30/2014 11:57:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie cracktro.exe, verzia 0.0.0.0, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [cracktro.exe!ws!]
Error: (12/29/2014 02:41:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie cracktro.exe, verzia 0.0.0.0, zlyhanie modulu unknown, verzia 0.0.0.0, adresa zlyhania 0x00000000.
Spracováva sa udalosť viažuca sa konkrétne médium pre [cracktro.exe!ws!]
Error: (12/06/2014 07:30:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie plugin-container.exe, verzia 34.0.0.5442, zlyhanie modulu mozalloc.dll, verzia 34.0.0.5442, adresa zlyhania 0x00001425.
Spracováva sa udalosť viažuca sa konkrétne médium pre [plugin-container.exe!ws!]
Error: (12/06/2014 11:07:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikácia Game.exe, verzia 1.0.0.0, zablokovaný modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
System errors:
=============
Error: (02/19/2015 03:05:48 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Server DCOM zistil chybu %%1084 pri pokuse spustiť službu EventSystem s argumentmi
potrebnú na spustenie servera:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby IPSEC driver, od ktorej závisí služba IPSEC Services, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby AFD, od ktorej závisí služba TCP/IP NetBIOS Helper, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby TCP/IP Protocol Driver, od ktorej závisí služba DNS Client, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:04:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetBios over Tcpip, od ktorej závisí služba DHCP Client, zlyhalo kvôli nasledujúcej chybe:
%%31
Error: (02/19/2015 03:03:35 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Server DCOM zistil chybu %%1084 pri pokuse spustiť službu EventSystem s argumentmi
potrebnú na spustenie servera:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (02/19/2015 03:03:07 PM) (Source: 0) (EventID: 4) (User: )
Description:
Error: (02/19/2015 06:56:56 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Error: (02/17/2015 02:51:36 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of memory in use: 70%
Total physical RAM: 958.48 MB
Available physical RAM: 281.39 MB
Total Pagefile: 1548.56 MB
Available Pagefile: 796.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:76.69 GB) (Free:1.07 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 76.7 GB) (Disk ID: D976CB47)
Partition 1: (Active) - (Size=76.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Avast SecureLine: Odpojené
Odinstalujte McAfee Security Scan Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
# AdwCleaner v4.111 - Logfile created 20/02/2015 at 18:17:41
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : PC - PC-FEC689E48AF7
# Running from : C:\Documents and Settings\PC\Desktop\adwcleaner_4.111.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Program Files\SearchAmong
Folder Deleted : C:\Documents and Settings\PC\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\PC\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\PC\Application Data\goforfiles
Folder Deleted : C:\Documents and Settings\PC\Application Data\WebExtend
Folder Deleted : C:\Documents and Settings\PC\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Documents and Settings\PC\Start Menu\Programs\TornTV.com
***** [ Scheduled tasks ] *****
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-1275210071-861567501-842925246-1003
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
***** [ Web browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v35.0.1 (x86 sk)
-\\ Google Chrome v40.0.2214.115
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=b07356860000000000000019db5e7710
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.searchamong.com/searchview.php?source=b352e604db984ca58beca13ded3ca415&query={searchTerms}&cat=webs&bar=true
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 19DB5E7710
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=b07356860000000000000019db5e7710
*************************
AdwCleaner[R0].txt - [5674 bytes] - [20/02/2015 18:07:48]
AdwCleaner[S0].txt - [4726 bytes] - [20/02/2015 18:17:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4785 bytes] ##########
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : PC - PC-FEC689E48AF7
# Running from : C:\Documents and Settings\PC\Desktop\adwcleaner_4.111.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Program Files\SearchAmong
Folder Deleted : C:\Documents and Settings\PC\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\PC\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\PC\Application Data\goforfiles
Folder Deleted : C:\Documents and Settings\PC\Application Data\WebExtend
Folder Deleted : C:\Documents and Settings\PC\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Documents and Settings\PC\Start Menu\Programs\TornTV.com
***** [ Scheduled tasks ] *****
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-1275210071-861567501-842925246-1003
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
***** [ Web browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v35.0.1 (x86 sk)
-\\ Google Chrome v40.0.2214.115
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=b07356860000000000000019db5e7710
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.searchamong.com/searchview.php?source=b352e604db984ca58beca13ded3ca415&query={searchTerms}&cat=webs&bar=true
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 19DB5E7710
[C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=b07356860000000000000019db5e7710
*************************
AdwCleaner[R0].txt - [5674 bytes] - [20/02/2015 18:07:48]
AdwCleaner[S0].txt - [4726 bytes] - [20/02/2015 18:17:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4785 bytes] ##########
Re: Avast SecureLine: Odpojené
Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
Je mi ľúto ale tento program mi blbne celý PC a ani za svet mi to nespustí a problém je len v avaste mohol by som skúsiť to urobiť tak isto ako ten chlapík pod touto témou že vypnem štíty a odinštalujem avast v núdzovom režime. Mohli by ste mi pomôcť ako to odinštalujem v núdzovom režime a ktoré štíty mám vypnúť?
Re: Avast SecureLine: Odpojené
Zrejme jste MBAM nechal upgradovat na novejsi verzi a ta uz na XP nefunguje. Musi to byt ta starsi, cili 1.75
Jak odinstalovat Avast jsem vam psal jako uplne prvni krok
https://www.avast.com/cs-cz/uninstall-utility
Jak odinstalovat Avast jsem vam psal jako uplne prvni krok
https://www.avast.com/cs-cz/uninstall-utilityPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
Pri inštaláci sa ma to pítalo či aktualizovať tak som to odklikol a dole v ikonke mi písalo že je dostupná nová aktualizácia a nič som nedal a blblo to.
Re: Avast SecureLine: Odpojené
OK. No a co ta odinstalace Avastu?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
Márny pokus. Stále to ukazuje ale skúsil som vypnúť štíty a výkon sa trošku zvýšil ale stále tam bolo obmedzenie výkonu v PC.
Po odinštalovaní mi všetko fungovalo normálne výkon PC bol taký aký má byť až na znovu nainštalovanie avastu.
Po odinštalovaní mi všetko fungovalo normálne výkon PC bol taký aký má byť až na znovu nainštalovanie avastu.
Naposledy upravil(a) Boris dne 21 úno 2015 19:07, celkem upraveno 2 x.
Re: Avast SecureLine: Odpojené
Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc! Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradkuPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Avast SecureLine: Odpojené
Môže to mať niečo s týmto spoločné? S tou verziou čo bola na 30 dní?
http://i.imgur.com/jPMcwxh.png
Ďalšie sú problémy aj s aktualizáciou:
http://prntscr.com/681t9s
Tu mi ukázalo toto:
http://prntscr.com/682487
Tu je ComboFix.exe:
ComboFix 15-02-16.01 - PC 21.02.2015 19:31:00.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.958.597 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PC\Local Settings\Application Data\MSGBOX.EXE
c:\documents and settings\PC\WINDOWS
c:\windows\system32\MUI\041b\tourstart.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-01-21 to 2015-02-21 )))))))))))))))))))))))))))))))
.
.
2015-02-21 17:43 . 2015-02-21 17:43 -------- d-----w- c:\windows\jumpshot.com
2015-02-21 17:43 . 2015-02-21 17:43 -------- d-----w- c:\documents and settings\PC\Application Data\AVAST Software
2015-02-21 17:40 . 2015-02-21 17:40 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-02-21 17:40 . 2015-02-21 17:41 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-02-21 17:40 . 2015-02-21 17:40 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-02-21 17:40 . 2015-02-21 17:41 73480 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-02-21 17:40 . 2015-02-21 17:40 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-02-21 17:40 . 2015-02-21 17:40 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-02-21 17:40 . 2015-02-21 17:40 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-02-21 17:40 . 2015-02-21 17:41 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-02-21 17:40 . 2015-02-21 17:40 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-21 17:40 . 2015-02-21 17:40 43152 ----a-w- c:\windows\avastSS.scr
2015-02-21 17:30 . 2015-02-21 17:30 -------- d-----w- c:\program files\AVAST Software
2015-02-21 17:29 . 2015-02-21 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2015-02-21 09:13 . 2015-02-21 09:13 -------- d-----w- c:\documents and settings\PC\Application Data\Malwarebytes
2015-02-21 09:13 . 2015-02-21 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2015-02-20 17:07 . 2015-02-20 17:17 -------- d-----w- C:\AdwCleaner
2015-02-19 18:25 . 2015-02-19 18:36 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 16:21 . 2013-03-07 03:11 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 16:21 . 2013-03-07 03:11 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-29 13:48 . 2013-04-24 12:56 21840 ----atw- c:\windows\system32\SIntfNT.dll
2014-12-29 13:48 . 2013-04-24 12:56 17212 ----atw- c:\windows\system32\SIntf32.dll
2014-12-29 13:48 . 2013-04-24 12:56 12067 ----atw- c:\windows\system32\SIntf16.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-04-08 . 679A7259741F6A09994F02CE261B5F2E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-12-14 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-02-21 17:39 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2004-10-11 589824]
"VTTimer"="VTTimer.exe" [2006-09-22 53248]
"VTTrayp"="VTtrayp.exe" [2007-08-28 200704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-02-21 5227112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Documents and Settings\\PC\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"c:\\Documents and Settings\\PC\\Desktop\\Warcraft III\\Warcraft III.exe"=
"c:\\Documents and Settings\\PC\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Valve\\game.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Documents and Settings\\PC\\Desktop\\Rome Total War\\RomeTW.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Eidos Interactive\\Pyro Studios\\Praetorians\\praetorians.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [21.2.2015 18:40 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [21.2.2015 18:40 206248]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [21.2.2015 18:40 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [21.2.2015 18:40 423784]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [30.11.2013 13:47 243128]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [21.2.2015 18:40 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [21.2.2015 18:40 73480]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [8.5.2013 18:39 2368]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [11.12.2014 10:30 315496]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;\??\e:\aida64\kerneld.x32 --> e:\aida64\kerneld.x32 [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6.3.2013 21:55 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-20 13:58 1084744 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-02-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 16:21]
.
2015-02-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-21 17:39]
.
2015-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-06 18:12]
.
2015-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-06 18:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.fargus.com/
uSearchAssistant = hxxp://www.google.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\707t82jd.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-21 19:40
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AIDA64Driver]
"ImagePath"="\??\e:\aida64\kerneld.x32"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:7f,63,3e,be,ec,25,8e,19,be,a7,92,c6
.
Completion time: 2015-02-21 19:43:00
ComboFix-quarantined-files.txt 2015-02-21 18:42
.
Pre-Run: 7 971 930 112 bytes free
Post-Run: 8 adresárov, 11 782 721 536 voľných bajtov
.
- - End Of File - - 41A1FE7100C810A7DAAD7D63A707A089
8F558EB6672622401DA993E1E865C861
http://i.imgur.com/jPMcwxh.png
Ďalšie sú problémy aj s aktualizáciou:
http://prntscr.com/681t9s
Tu mi ukázalo toto:
http://prntscr.com/682487
Tu je ComboFix.exe:
ComboFix 15-02-16.01 - PC 21.02.2015 19:31:00.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.958.597 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PC\Local Settings\Application Data\MSGBOX.EXE
c:\documents and settings\PC\WINDOWS
c:\windows\system32\MUI\041b\tourstart.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-01-21 to 2015-02-21 )))))))))))))))))))))))))))))))
.
.
2015-02-21 17:43 . 2015-02-21 17:43 -------- d-----w- c:\windows\jumpshot.com
2015-02-21 17:43 . 2015-02-21 17:43 -------- d-----w- c:\documents and settings\PC\Application Data\AVAST Software
2015-02-21 17:40 . 2015-02-21 17:40 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-02-21 17:40 . 2015-02-21 17:41 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-02-21 17:40 . 2015-02-21 17:40 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-02-21 17:40 . 2015-02-21 17:41 73480 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-02-21 17:40 . 2015-02-21 17:40 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-02-21 17:40 . 2015-02-21 17:40 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-02-21 17:40 . 2015-02-21 17:40 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-02-21 17:40 . 2015-02-21 17:41 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-02-21 17:40 . 2015-02-21 17:40 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-21 17:40 . 2015-02-21 17:40 43152 ----a-w- c:\windows\avastSS.scr
2015-02-21 17:30 . 2015-02-21 17:30 -------- d-----w- c:\program files\AVAST Software
2015-02-21 17:29 . 2015-02-21 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2015-02-21 09:13 . 2015-02-21 09:13 -------- d-----w- c:\documents and settings\PC\Application Data\Malwarebytes
2015-02-21 09:13 . 2015-02-21 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2015-02-20 17:07 . 2015-02-20 17:17 -------- d-----w- C:\AdwCleaner
2015-02-19 18:25 . 2015-02-19 18:36 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-05 16:21 . 2013-03-07 03:11 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 16:21 . 2013-03-07 03:11 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-29 13:48 . 2013-04-24 12:56 21840 ----atw- c:\windows\system32\SIntfNT.dll
2014-12-29 13:48 . 2013-04-24 12:56 17212 ----atw- c:\windows\system32\SIntf32.dll
2014-12-29 13:48 . 2013-04-24 12:56 12067 ----atw- c:\windows\system32\SIntf16.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-04-08 . 679A7259741F6A09994F02CE261B5F2E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-12-14 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-02-21 17:39 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2004-10-11 589824]
"VTTimer"="VTTimer.exe" [2006-09-22 53248]
"VTTrayp"="VTtrayp.exe" [2007-08-28 200704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-02-21 5227112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Documents and Settings\\PC\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"c:\\Documents and Settings\\PC\\Desktop\\Warcraft III\\Warcraft III.exe"=
"c:\\Documents and Settings\\PC\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Valve\\game.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Documents and Settings\\PC\\Desktop\\Rome Total War\\RomeTW.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Eidos Interactive\\Pyro Studios\\Praetorians\\praetorians.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [21.2.2015 18:40 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [21.2.2015 18:40 206248]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [21.2.2015 18:40 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [21.2.2015 18:40 423784]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [30.11.2013 13:47 243128]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [21.2.2015 18:40 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [21.2.2015 18:40 73480]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [8.5.2013 18:39 2368]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [11.12.2014 10:30 315496]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;\??\e:\aida64\kerneld.x32 --> e:\aida64\kerneld.x32 [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6.3.2013 21:55 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-20 13:58 1084744 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-02-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 16:21]
.
2015-02-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-21 17:39]
.
2015-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-06 18:12]
.
2015-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-06 18:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.fargus.com/
uSearchAssistant = hxxp://www.google.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\707t82jd.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-02-21 19:40
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AIDA64Driver]
"ImagePath"="\??\e:\aida64\kerneld.x32"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:7f,63,3e,be,ec,25,8e,19,be,a7,92,c6
.
Completion time: 2015-02-21 19:43:00
ComboFix-quarantined-files.txt 2015-02-21 18:42
.
Pre-Run: 7 971 930 112 bytes free
Post-Run: 8 adresárov, 11 782 721 536 voľných bajtov
.
- - End Of File - - 41A1FE7100C810A7DAAD7D63A707A089
8F558EB6672622401DA993E1E865C861
Naposledy upravil(a) Boris dne 21 úno 2015 19:49, celkem upraveno 2 x.
Přispějete na provoz fóra?