Loaris trojan mně našel v registrech tyto trojani:HKCU\Software\Microsoft\Internet Account Manager\Accounts\Bigfoot ---- Registry
trojan.Win32g
----- HKCU\Software\Microsoft\Internet Account Manager\Accounts\VeriSign ---- Registry
trojan.Win32g
----- HKCU\Software\Microsoft\Internet Account Manager\Accounts\WhoWhere ---- Registry
trojan.Win32g
Nemůžu je ale v registrech najít.Může někdo poradit ?Díky
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Mazání v registrech
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Mazání v registrech
Dobrý den 
použijeme kvalitnější program
Malwarebytes' Anti-Malware 
použijeme kvalitnější program
Malwarebytes' Anti-Malware
- Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
- Vybereme Úplná kontrola a klikneme na tlačítko Prohledat
- Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
- Objeví se vám log,který mi sem vložte
- NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci
Napiš mi: chodnik74@gmail.com nebo 
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| 
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni 
Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Mazání v registrech
Dobrý den
Dvakrát jsem nechal kontrolovat PC ant. programem.Při kontrole disk/F/files došlo k ukončení skenování a vyskočilo hlášení
"V aplikaci Malwarebytes došlo k problému a je třeba ji zavřít".Skenování bylo ukončeno!
Co s tím? Díky.Zdenrs
Dvakrát jsem nechal kontrolovat PC ant. programem.Při kontrole disk/F/files došlo k ukončení skenování a vyskočilo hlášení
"V aplikaci Malwarebytes došlo k problému a je třeba ji zavřít".Skenování bylo ukončeno!
Co s tím? Díky.Zdenrs
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Mazání v registrech
Zkuste udělat v nouzovém režimu(při startu pc mačkejte F8)
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: Mazání v registrech
I v nouzovém režimu došlo k přerušení skenování a stejná hláška.
Posílám výsledky z Aviry
Avira AntiVir Premium
Report file date: 13. září 2011 08:06
Scanning for 3364062 virus strains and unwanted programs.
The program is running as a fully functional evaluation version.
Online services are available:
Licensee : zdeněk šturma
Serial number : 2215661863-PEPWE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BEDNA3
Version information:
BUILD.DAT : 10.2.0.728 36208 Bytes 21.7.2011 17:00:00
AVSCAN.EXE : 10.3.0.7 484008 Bytes 23.8.2011 10:02:10
AVSCAN.DLL : 10.0.5.0 47464 Bytes 23.8.2011 10:02:10
LUKE.DLL : 10.3.0.5 45416 Bytes 23.8.2011 10:02:10
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.2.2010 21:40:50
AVSCPLR.DLL : 10.3.0.7 119656 Bytes 23.8.2011 10:02:11
AVREG.DLL : 10.3.0.9 88833 Bytes 23.8.2011 10:02:11
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6.11.2009 07:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 12:23:52
VBASE002.VDF : 7.11.3.0 1950720 Bytes 9.2.2011 06:32:50
VBASE003.VDF : 7.11.5.225 1980416 Bytes 7.4.2011 10:02:09
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.5.2011 10:02:09
VBASE005.VDF : 7.11.10.251 1788416 Bytes 7.7.2011 10:02:09
VBASE006.VDF : 7.11.13.60 6411776 Bytes 16.8.2011 10:02:09
VBASE007.VDF : 7.11.13.61 2048 Bytes 16.8.2011 10:02:09
VBASE008.VDF : 7.11.13.62 2048 Bytes 16.8.2011 10:02:09
VBASE009.VDF : 7.11.13.63 2048 Bytes 16.8.2011 10:02:09
VBASE010.VDF : 7.11.13.64 2048 Bytes 16.8.2011 10:02:09
VBASE011.VDF : 7.11.13.65 2048 Bytes 16.8.2011 10:02:09
VBASE012.VDF : 7.11.13.66 2048 Bytes 16.8.2011 10:02:09
VBASE013.VDF : 7.11.13.95 166400 Bytes 17.8.2011 10:02:09
VBASE014.VDF : 7.11.13.125 209920 Bytes 18.8.2011 10:02:09
VBASE015.VDF : 7.11.13.157 184832 Bytes 22.8.2011 10:02:09
VBASE016.VDF : 7.11.13.201 128000 Bytes 24.8.2011 15:01:39
VBASE017.VDF : 7.11.13.234 160768 Bytes 25.8.2011 15:01:40
VBASE018.VDF : 7.11.14.16 141312 Bytes 30.8.2011 05:12:44
VBASE019.VDF : 7.11.14.48 133120 Bytes 31.8.2011 05:12:45
VBASE020.VDF : 7.11.14.78 156160 Bytes 2.9.2011 05:44:22
VBASE021.VDF : 7.11.14.109 126976 Bytes 6.9.2011 15:10:44
VBASE022.VDF : 7.11.14.137 131584 Bytes 8.9.2011 15:10:45
VBASE023.VDF : 7.11.14.166 196096 Bytes 12.9.2011 06:05:00
VBASE024.VDF : 7.11.14.167 2048 Bytes 12.9.2011 06:05:00
VBASE025.VDF : 7.11.14.168 2048 Bytes 12.9.2011 06:05:00
VBASE026.VDF : 7.11.14.169 2048 Bytes 12.9.2011 06:05:00
VBASE027.VDF : 7.11.14.170 2048 Bytes 12.9.2011 06:05:00
VBASE028.VDF : 7.11.14.171 2048 Bytes 12.9.2011 06:05:00
VBASE029.VDF : 7.11.14.172 2048 Bytes 12.9.2011 06:05:00
VBASE030.VDF : 7.11.14.173 2048 Bytes 12.9.2011 06:05:00
VBASE031.VDF : 7.11.14.180 70144 Bytes 12.9.2011 06:05:01
Engineversion : 8.2.6.60
AEVDF.DLL : 8.1.2.1 106868 Bytes 10.1.2011 12:23:28
AESCRIPT.DLL : 8.1.3.76 1626490 Bytes 28.8.2011 15:01:58
AESCN.DLL : 8.1.7.2 127349 Bytes 10.1.2011 12:23:28
AESBX.DLL : 8.2.1.34 323957 Bytes 23.8.2011 10:02:09
AERDL.DLL : 8.1.9.15 639348 Bytes 9.9.2011 15:11:01
AEPACK.DLL : 8.2.10.10 684407 Bytes 2.9.2011 05:12:58
AEOFFICE.DLL : 8.1.2.13 201083 Bytes 23.8.2011 10:02:09
AEHEUR.DLL : 8.1.2.167 3690871 Bytes 9.9.2011 15:10:59
AEHELP.DLL : 8.1.17.7 254327 Bytes 23.8.2011 10:02:09
AEGEN.DLL : 8.1.5.9 401780 Bytes 28.8.2011 15:01:44
AEEMU.DLL : 8.1.3.0 393589 Bytes 10.1.2011 12:23:20
AECORE.DLL : 8.1.23.0 196983 Bytes 28.8.2011 15:01:43
AEBB.DLL : 8.1.1.0 53618 Bytes 10.1.2011 12:23:20
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10.1.2011 12:23:34
AVPREF.DLL : 10.0.3.2 44904 Bytes 23.8.2011 10:02:10
AVREP.DLL : 10.0.0.10 174120 Bytes 23.8.2011 10:02:11
AVARKT.DLL : 10.0.26.1 255336 Bytes 23.8.2011 10:02:09
AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 23.8.2011 10:02:09
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.6.2010 12:27:24
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10.1.2011 12:23:32
NETNT.DLL : 10.0.0.0 11624 Bytes 17.6.2010 12:27:22
RCIMAGE.DLL : 10.0.0.33 2633064 Bytes 23.8.2011 10:02:08
RCTEXT.DLL : 10.0.63.0 97640 Bytes 23.8.2011 10:02:08
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: Default
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, F:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: Advanced
Start of the scan: 13. září 2011 08:06
Starting search for hidden objects.
HKEY_USERS\S-1-5-21-1960408961-1085031214-725345543-1003\Software\Zepter Software\RegLib\CloneDVD2/2\1
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1960408961-1085031214-725345543-1003\Software\Zepter Software\RegLib\CloneDVD2/2\2
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'rsmsink.exe' - '29' Module(s) have been scanned
Scan process 'Photoshop.exe' - '103' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '118' Module(s) have been scanned
Scan process 'ImApp.exe' - '86' Module(s) have been scanned
Scan process 'IncMail.exe' - '117' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '129' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '81' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'adb.exe' - '36' Module(s) have been scanned
Scan process 'htcUPCTLoader.exe' - '77' Module(s) have been scanned
Scan process 'avcenter.exe' - '70' Module(s) have been scanned
Scan process 'wuauclt.exe' - '34' Module(s) have been scanned
Scan process 'msmsgs.exe' - '47' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'avgnt.exe' - '54' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '39' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '43' Module(s) have been scanned
Scan process 'issch.exe' - '24' Module(s) have been scanned
Scan process 'jusched.exe' - '27' Module(s) have been scanned
Scan process 'Explorer.EXE' - '114' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '54' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '22' Module(s) have been scanned
Scan process 'apache.exe' - '54' Module(s) have been scanned
Scan process 'ScsiAccess.exe' - '6' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'PassThruSvr.exe' - '60' Module(s) have been scanned
Scan process 'nSvcLog.exe' - '31' Module(s) have been scanned
Scan process 'jqs.exe' - '86' Module(s) have been scanned
Scan process 'apache.exe' - '54' Module(s) have been scanned
Scan process 'avguard.exe' - '65' Module(s) have been scanned
Scan process 'AntiSpyWareService.exe' - '23' Module(s) have been scanned
Scan process 'sched.exe' - '45' Module(s) have been scanned
Scan process 'spoolsv.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '169' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '19' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '27' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '75' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '674' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'F:\' <Disk2>
F:\Instal\patch & keygen CRUDE\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
F:\Instal\patch & keygen CRUDE\keygen.rar
[0] Archive type: RAR
--> keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
F:\Instal\patch & keygen CRUDE\keygen\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
F:\RECYCLER\S-1-5-21-1960408961-1085031214-725345543-1003\Df25.rar
[0] Archive type: RAR
--> patch & keygen CRUDE\keygen\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
--> patch & keygen CRUDE\keygen.rar
[1] Archive type: RAR
--> keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
Beginning disinfection:
F:\RECYCLER\S-1-5-21-1960408961-1085031214-725345543-1003\Df25.rar
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '4b8aa6a5.qua'.
F:\Instal\patch & keygen CRUDE\keygen\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '53548901.qua'.
F:\Instal\patch & keygen CRUDE\keygen.rar
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '010bd3e9.qua'.
F:\Instal\patch & keygen CRUDE\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '673c9c2b.qua'.
End of the scan: 13. září 2011 09:10
Used time: 57:47 Minute(s)
The scan has been done completely.
15040 Scanned directories
355412 Files were scanned
5 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
4 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
355407 Files not concerned
3721 Archives were scanned
0 Warnings
6 Notes
578324 Objects were scanned with rootkit scan
2 Hidden objects were found
Díky !!
Posílám výsledky z Aviry
Avira AntiVir Premium
Report file date: 13. září 2011 08:06
Scanning for 3364062 virus strains and unwanted programs.
The program is running as a fully functional evaluation version.
Online services are available:
Licensee : zdeněk šturma
Serial number : 2215661863-PEPWE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BEDNA3
Version information:
BUILD.DAT : 10.2.0.728 36208 Bytes 21.7.2011 17:00:00
AVSCAN.EXE : 10.3.0.7 484008 Bytes 23.8.2011 10:02:10
AVSCAN.DLL : 10.0.5.0 47464 Bytes 23.8.2011 10:02:10
LUKE.DLL : 10.3.0.5 45416 Bytes 23.8.2011 10:02:10
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.2.2010 21:40:50
AVSCPLR.DLL : 10.3.0.7 119656 Bytes 23.8.2011 10:02:11
AVREG.DLL : 10.3.0.9 88833 Bytes 23.8.2011 10:02:11
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6.11.2009 07:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 12:23:52
VBASE002.VDF : 7.11.3.0 1950720 Bytes 9.2.2011 06:32:50
VBASE003.VDF : 7.11.5.225 1980416 Bytes 7.4.2011 10:02:09
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.5.2011 10:02:09
VBASE005.VDF : 7.11.10.251 1788416 Bytes 7.7.2011 10:02:09
VBASE006.VDF : 7.11.13.60 6411776 Bytes 16.8.2011 10:02:09
VBASE007.VDF : 7.11.13.61 2048 Bytes 16.8.2011 10:02:09
VBASE008.VDF : 7.11.13.62 2048 Bytes 16.8.2011 10:02:09
VBASE009.VDF : 7.11.13.63 2048 Bytes 16.8.2011 10:02:09
VBASE010.VDF : 7.11.13.64 2048 Bytes 16.8.2011 10:02:09
VBASE011.VDF : 7.11.13.65 2048 Bytes 16.8.2011 10:02:09
VBASE012.VDF : 7.11.13.66 2048 Bytes 16.8.2011 10:02:09
VBASE013.VDF : 7.11.13.95 166400 Bytes 17.8.2011 10:02:09
VBASE014.VDF : 7.11.13.125 209920 Bytes 18.8.2011 10:02:09
VBASE015.VDF : 7.11.13.157 184832 Bytes 22.8.2011 10:02:09
VBASE016.VDF : 7.11.13.201 128000 Bytes 24.8.2011 15:01:39
VBASE017.VDF : 7.11.13.234 160768 Bytes 25.8.2011 15:01:40
VBASE018.VDF : 7.11.14.16 141312 Bytes 30.8.2011 05:12:44
VBASE019.VDF : 7.11.14.48 133120 Bytes 31.8.2011 05:12:45
VBASE020.VDF : 7.11.14.78 156160 Bytes 2.9.2011 05:44:22
VBASE021.VDF : 7.11.14.109 126976 Bytes 6.9.2011 15:10:44
VBASE022.VDF : 7.11.14.137 131584 Bytes 8.9.2011 15:10:45
VBASE023.VDF : 7.11.14.166 196096 Bytes 12.9.2011 06:05:00
VBASE024.VDF : 7.11.14.167 2048 Bytes 12.9.2011 06:05:00
VBASE025.VDF : 7.11.14.168 2048 Bytes 12.9.2011 06:05:00
VBASE026.VDF : 7.11.14.169 2048 Bytes 12.9.2011 06:05:00
VBASE027.VDF : 7.11.14.170 2048 Bytes 12.9.2011 06:05:00
VBASE028.VDF : 7.11.14.171 2048 Bytes 12.9.2011 06:05:00
VBASE029.VDF : 7.11.14.172 2048 Bytes 12.9.2011 06:05:00
VBASE030.VDF : 7.11.14.173 2048 Bytes 12.9.2011 06:05:00
VBASE031.VDF : 7.11.14.180 70144 Bytes 12.9.2011 06:05:01
Engineversion : 8.2.6.60
AEVDF.DLL : 8.1.2.1 106868 Bytes 10.1.2011 12:23:28
AESCRIPT.DLL : 8.1.3.76 1626490 Bytes 28.8.2011 15:01:58
AESCN.DLL : 8.1.7.2 127349 Bytes 10.1.2011 12:23:28
AESBX.DLL : 8.2.1.34 323957 Bytes 23.8.2011 10:02:09
AERDL.DLL : 8.1.9.15 639348 Bytes 9.9.2011 15:11:01
AEPACK.DLL : 8.2.10.10 684407 Bytes 2.9.2011 05:12:58
AEOFFICE.DLL : 8.1.2.13 201083 Bytes 23.8.2011 10:02:09
AEHEUR.DLL : 8.1.2.167 3690871 Bytes 9.9.2011 15:10:59
AEHELP.DLL : 8.1.17.7 254327 Bytes 23.8.2011 10:02:09
AEGEN.DLL : 8.1.5.9 401780 Bytes 28.8.2011 15:01:44
AEEMU.DLL : 8.1.3.0 393589 Bytes 10.1.2011 12:23:20
AECORE.DLL : 8.1.23.0 196983 Bytes 28.8.2011 15:01:43
AEBB.DLL : 8.1.1.0 53618 Bytes 10.1.2011 12:23:20
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10.1.2011 12:23:34
AVPREF.DLL : 10.0.3.2 44904 Bytes 23.8.2011 10:02:10
AVREP.DLL : 10.0.0.10 174120 Bytes 23.8.2011 10:02:11
AVARKT.DLL : 10.0.26.1 255336 Bytes 23.8.2011 10:02:09
AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 23.8.2011 10:02:09
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.6.2010 12:27:24
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10.1.2011 12:23:32
NETNT.DLL : 10.0.0.0 11624 Bytes 17.6.2010 12:27:22
RCIMAGE.DLL : 10.0.0.33 2633064 Bytes 23.8.2011 10:02:08
RCTEXT.DLL : 10.0.63.0 97640 Bytes 23.8.2011 10:02:08
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: Default
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, F:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: Advanced
Start of the scan: 13. září 2011 08:06
Starting search for hidden objects.
HKEY_USERS\S-1-5-21-1960408961-1085031214-725345543-1003\Software\Zepter Software\RegLib\CloneDVD2/2\1
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1960408961-1085031214-725345543-1003\Software\Zepter Software\RegLib\CloneDVD2/2\2
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'rsmsink.exe' - '29' Module(s) have been scanned
Scan process 'Photoshop.exe' - '103' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '118' Module(s) have been scanned
Scan process 'ImApp.exe' - '86' Module(s) have been scanned
Scan process 'IncMail.exe' - '117' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '129' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '81' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'adb.exe' - '36' Module(s) have been scanned
Scan process 'htcUPCTLoader.exe' - '77' Module(s) have been scanned
Scan process 'avcenter.exe' - '70' Module(s) have been scanned
Scan process 'wuauclt.exe' - '34' Module(s) have been scanned
Scan process 'msmsgs.exe' - '47' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'avgnt.exe' - '54' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '39' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '43' Module(s) have been scanned
Scan process 'issch.exe' - '24' Module(s) have been scanned
Scan process 'jusched.exe' - '27' Module(s) have been scanned
Scan process 'Explorer.EXE' - '114' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '54' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '22' Module(s) have been scanned
Scan process 'apache.exe' - '54' Module(s) have been scanned
Scan process 'ScsiAccess.exe' - '6' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'PassThruSvr.exe' - '60' Module(s) have been scanned
Scan process 'nSvcLog.exe' - '31' Module(s) have been scanned
Scan process 'jqs.exe' - '86' Module(s) have been scanned
Scan process 'apache.exe' - '54' Module(s) have been scanned
Scan process 'avguard.exe' - '65' Module(s) have been scanned
Scan process 'AntiSpyWareService.exe' - '23' Module(s) have been scanned
Scan process 'sched.exe' - '45' Module(s) have been scanned
Scan process 'spoolsv.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '169' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '19' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '27' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '75' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '674' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'F:\' <Disk2>
F:\Instal\patch & keygen CRUDE\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
F:\Instal\patch & keygen CRUDE\keygen.rar
[0] Archive type: RAR
--> keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
F:\Instal\patch & keygen CRUDE\keygen\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
F:\RECYCLER\S-1-5-21-1960408961-1085031214-725345543-1003\Df25.rar
[0] Archive type: RAR
--> patch & keygen CRUDE\keygen\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
--> patch & keygen CRUDE\keygen.rar
[1] Archive type: RAR
--> keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
Beginning disinfection:
F:\RECYCLER\S-1-5-21-1960408961-1085031214-725345543-1003\Df25.rar
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '4b8aa6a5.qua'.
F:\Instal\patch & keygen CRUDE\keygen\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '53548901.qua'.
F:\Instal\patch & keygen CRUDE\keygen.rar
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '010bd3e9.qua'.
F:\Instal\patch & keygen CRUDE\keygen.exe
[DETECTION] Is the TR/Agent.tta.8 Trojan
[NOTE] The file was moved to the quarantine directory under the name '673c9c2b.qua'.
End of the scan: 13. září 2011 09:10
Used time: 57:47 Minute(s)
The scan has been done completely.
15040 Scanned directories
355412 Files were scanned
5 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
4 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
355407 Files not concerned
3721 Archives were scanned
0 Warnings
6 Notes
578324 Objects were scanned with rootkit scan
2 Hidden objects were found
Díky !!
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: Mazání v registrech
jak to tak čtu,tak je to samý keygen,takže smazat + doporučuji nepoužívat nelegální SW..
Pravidla fora: č.1 a č.2, č.3
Pravidla fora: č.1 a č.2, č.3
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Přispějete na provoz fóra?