Dobrý den, při kontrole superantispy.. se mi objevil vir Gen-Dropper, program to odstranil ale nejsem si jistý jestli úplně, prosím o kontrolu logu.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-02-2015
Ran by uživatel (administrator) on U-F3DA959F89254 on 01-03-2015 13:06:02
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
() C:\WINDOWS\system32\ati2evxx.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(ATI Technologies, Inc.) C:\WINDOWS\system32\atiptaxx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Alcor Micro, Corp.) C:\Program Files\Multimedia Card Reader\shwicon2k.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Syntek Ltd.) C:\WINDOWS\STK03N\STK03NM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [118784 2001-08-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ATIModeChange] => C:\WINDOWS\system32\Ati2mdxx.exe [28672 2001-09-04] (ATI Technologies, Inc.)
HKLM\...\Run: [AtiPTA] => C:\WINDOWS\system32\atiptaxx.exe [286720 2002-03-12] (ATI Technologies, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Sunkist2k] => C:\Program Files\Multimedia Card Reader\shwicon2k.exe [139264 2005-10-27] (Alcor Micro, Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [196608 2001-11-20] (HP)
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\STK03N PNP Monitor.lnk
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\WINDOWS\STK03N\STK03NM.exe (Syntek Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Vyhledávací stránka = http://www.msn.com/access/allinone.asp
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Úvodní stránka = http://www.microsoft.com/msoffice/
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} http://proxynet.mbudejovice.cz:3333/VatDec.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\7wgvahbn.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @cadenas.de/PARTwebViewer -> C:\Program Files\cadenas\partwebviewer\bin\x86\32\npwebviewerplugins.dll (CADENAS GmbH)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1343024091-1993962763-1708537768-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-06-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-24]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-08]
CHR Extension: (Google Wallet) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-07] (SUPERAntiSpyware.com)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [110592 2002-02-19] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 idsvc; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-01-21] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2011-04-19] (Meetinghouse Data Communications) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-22] ()
R0 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-22] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-22] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-22] ()
S3 AtiDCM; C:\AMD\Support\13-4_xp32_dd_ccc_whql\Bin\atidcmxx.sys [27872 2013-04-11] (Advanced Micro Devices, Inc.)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DCamUSBSTK03N; C:\WINDOWS\System32\DRIVERS\STK03NW2.sys [108544 2009-12-18] (Syntek Ltd.)
R2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [38144 2007-10-09] (Realtek) [File not signed]
R3 FUJ02B1; C:\WINDOWS\System32\DRIVERS\FUJ02B1.sys [5248 2001-08-01] (FUJITSU LIMITED)
R3 LucentSoftModem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [807021 2001-12-18] (Lucent Technologies)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 OkiPar; C:\WINDOWS\System32\DRIVERS\OKIPAR.SYS [40192 2001-10-02] (Oki Data Corporation) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2008-06-27] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2009-04-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 scvad_simple; C:\WINDOWS\System32\drivers\SplitCamAudio.sys [18944 2013-11-01] (Windows (R) Win 7 DDK provider)
S3 silabenm; C:\WINDOWS\System32\DRIVERS\silabenm.sys [47176 2011-10-14] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\DRIVERS\silabser.sys [61312 2011-10-14] (Silicon Laboratories)
S3 slabbus; C:\WINDOWS\System32\DRIVERS\slabbus.sys [52384 2004-03-11] (MCCI) [File not signed]
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [35913 2001-10-24] (SMC)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2013-06-17] () [File not signed]
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [38468 2005-10-27] (Alcor Micro Corp.) [File not signed]
U3 au6nmoz0; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-22 12:43 - 2015-02-22 12:43 - 00000392 _____ () C:\Documents and Settings\uživatel\Dokumenty\cc_20150222_124304.reg
2015-02-22 12:36 - 2015-02-22 12:36 - 05325208 _____ (Piriform Ltd) C:\Documents and Settings\uživatel\Dokumenty\ccsetup502.exe
2015-02-02 15:14 - 2015-02-02 15:27 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
2015-02-02 15:13 - 2015-02-02 15:13 - 00000827 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spy Protector.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000816 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Security Task Manager.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000810 _____ () C:\Documents and Settings\All Users\Plocha\Security Task Manager.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000000 ____D () C:\Program Files\Security Task Manager
2015-02-02 15:08 - 2015-02-02 15:09 - 02931056 _____ () C:\Documents and Settings\uživatel\Dokumenty\SecurityTaskManager_Setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 13:07 - 2014-12-03 22:27 - 00000000 ____D () C:\Documents and Settings\uživatel\Local Settings\Temp
2015-03-01 13:06 - 2014-12-03 19:47 - 00014051 _____ () C:\Documents and Settings\uživatel\Plocha\FRST.txt
2015-03-01 13:06 - 2014-12-03 19:47 - 00000000 ____D () C:\FRST
2015-03-01 13:06 - 2011-03-30 12:10 - 00000000 ____D () C:\Documents and Settings\uživatel\Plocha
2015-03-01 13:05 - 2014-12-03 21:25 - 00000000 ____D () C:\Documents and Settings\uživatel\Plocha\FRST-OlderVersion
2015-03-01 13:05 - 2014-12-03 19:21 - 01132032 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2015-03-01 12:42 - 2014-07-20 19:00 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-01 12:38 - 2012-10-11 20:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-01 12:36 - 2011-03-30 09:41 - 01549752 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-01 12:35 - 2012-07-19 00:39 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-01 12:35 - 2007-10-29 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-01 12:34 - 2011-03-30 12:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-01 12:34 - 2011-03-30 11:34 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-01 12:34 - 2011-03-30 11:34 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-03-01 12:33 - 2011-03-30 12:09 - 00032618 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-01 12:32 - 2013-07-09 12:00 - 00000000 ____D () C:\Documents and Settings\uživatel\Dokumenty\Warcraft III
2015-03-01 12:32 - 2011-03-30 12:10 - 00000272 ___SH () C:\Documents and Settings\uživatel\ntuser.ini
2015-02-25 22:31 - 2014-12-06 20:38 - 00971099 _____ () C:\Documents and Settings\uživatel\Plocha\skplatek.dwg
2015-02-25 22:27 - 2011-04-19 19:27 - 00000000 ____D () C:\Program Files\AutoCAD R14
2015-02-24 12:30 - 2014-12-06 20:38 - 00954997 _____ () C:\Documents and Settings\uživatel\Plocha\skplatek.bak
2015-02-23 12:23 - 2013-04-16 10:35 - 00283648 _____ () C:\Documents and Settings\uživatel\Plocha\povzáhum.xls
2015-02-23 12:07 - 2012-05-31 11:54 - 00002487 _____ () C:\Documents and Settings\uživatel\Plocha\Microsoft Excel (2).lnk
2015-02-22 12:50 - 2012-04-25 00:18 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-22 12:50 - 2011-03-30 12:10 - 00000000 ____D () C:\Documents and Settings\uživatel
2015-02-22 12:43 - 2011-03-30 12:10 - 00000000 ___RD () C:\Documents and Settings\uživatel\Dokumenty
2015-02-22 12:39 - 2013-12-25 17:43 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-02-22 12:39 - 2013-05-09 09:15 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-09 23:53 - 2013-10-17 01:30 - 00000000 ____D () C:\Documents and Settings\uživatel\Data aplikací\Skype
2015-02-08 16:42 - 2012-04-24 23:04 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-08 16:42 - 2012-04-24 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-02 15:14 - 2011-03-30 11:30 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-02 15:13 - 2011-03-30 11:30 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-02 15:13 - 2011-03-30 11:30 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-02 15:12 - 2015-01-02 12:53 - 00145920 ___SH () C:\Documents and Settings\uživatel\Dokumenty\Thumbs.db
==================== Files in the root of some directories =======
2012-10-26 20:36 - 2014-12-06 01:11 - 0045568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-03 19:47 - 2014-12-03 19:47 - 0029696 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MSGBOX.EXE
Some content of TEMP:
====================
C:\Documents and Settings\uživatel\Local Settings\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Trojan.Agent/Gen-Dropper
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan.Agent/Gen-Dropper
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan.Agent/Gen-Dropper
tady je log:
# AdwCleaner v4.111 - Logfile created 01/03/2015 at 14:24:30
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : uživatel - U-F3DA959F89254
# Running from : C:\Documents and Settings\uživatel\Plocha\adwcleaner_4.111 (1).exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v31.0 (x86 cs)
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R1].txt - [1550 bytes] - [03/12/2014 20:37:13]
AdwCleaner[R2].txt - [1458 bytes] - [01/03/2015 14:16:31]
AdwCleaner[S1].txt - [1627 bytes] - [03/12/2014 20:42:35]
AdwCleaner[S2].txt - [1395 bytes] - [01/03/2015 14:24:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1454 bytes] ##########
# AdwCleaner v4.111 - Logfile created 01/03/2015 at 14:24:30
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : uživatel - U-F3DA959F89254
# Running from : C:\Documents and Settings\uživatel\Plocha\adwcleaner_4.111 (1).exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v31.0 (x86 cs)
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R1].txt - [1550 bytes] - [03/12/2014 20:37:13]
AdwCleaner[R2].txt - [1458 bytes] - [01/03/2015 14:16:31]
AdwCleaner[S1].txt - [1627 bytes] - [03/12/2014 20:42:35]
AdwCleaner[S2].txt - [1395 bytes] - [01/03/2015 14:24:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1454 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan.Agent/Gen-Dropper
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan.Agent/Gen-Dropper
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-02-2015
Ran by uživatel (administrator) on U-F3DA959F89254 on 01-03-2015 17:47:28
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
() C:\WINDOWS\system32\ati2evxx.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(ATI Technologies, Inc.) C:\WINDOWS\system32\atiptaxx.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Alcor Micro, Corp.) C:\Program Files\Multimedia Card Reader\shwicon2k.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Syntek Ltd.) C:\WINDOWS\STK03N\STK03NM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [118784 2001-08-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ATIModeChange] => C:\WINDOWS\system32\Ati2mdxx.exe [28672 2001-09-04] (ATI Technologies, Inc.)
HKLM\...\Run: [AtiPTA] => C:\WINDOWS\system32\atiptaxx.exe [286720 2002-03-12] (ATI Technologies, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Sunkist2k] => C:\Program Files\Multimedia Card Reader\shwicon2k.exe [139264 2005-10-27] (Alcor Micro, Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [196608 2001-11-20] (HP)
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\STK03N PNP Monitor.lnk
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\WINDOWS\STK03N\STK03NM.exe (Syntek Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Vyhledávací stránka = http://www.msn.com/access/allinone.asp
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Úvodní stránka = http://www.microsoft.com/msoffice/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} http://proxynet.mbudejovice.cz:3333/VatDec.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\7wgvahbn.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @cadenas.de/PARTwebViewer -> C:\Program Files\cadenas\partwebviewer\bin\x86\32\npwebviewerplugins.dll (CADENAS GmbH)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1343024091-1993962763-1708537768-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-06-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-24]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-08]
CHR Extension: (Google Wallet) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-07] (SUPERAntiSpyware.com)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [110592 2002-02-19] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 idsvc; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-01-21] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2011-04-19] (Meetinghouse Data Communications) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-22] ()
R0 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-22] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-22] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-22] ()
S3 AtiDCM; C:\AMD\Support\13-4_xp32_dd_ccc_whql\Bin\atidcmxx.sys [27872 2013-04-11] (Advanced Micro Devices, Inc.)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DCamUSBSTK03N; C:\WINDOWS\System32\DRIVERS\STK03NW2.sys [108544 2009-12-18] (Syntek Ltd.)
R2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [38144 2007-10-09] (Realtek) [File not signed]
R3 FUJ02B1; C:\WINDOWS\System32\DRIVERS\FUJ02B1.sys [5248 2001-08-01] (FUJITSU LIMITED)
R3 LucentSoftModem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [807021 2001-12-18] (Lucent Technologies)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 OkiPar; C:\WINDOWS\System32\DRIVERS\OKIPAR.SYS [40192 2001-10-02] (Oki Data Corporation) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2008-06-27] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2009-04-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 scvad_simple; C:\WINDOWS\System32\drivers\SplitCamAudio.sys [18944 2013-11-01] (Windows (R) Win 7 DDK provider)
S3 silabenm; C:\WINDOWS\System32\DRIVERS\silabenm.sys [47176 2011-10-14] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\DRIVERS\silabser.sys [61312 2011-10-14] (Silicon Laboratories)
S3 slabbus; C:\WINDOWS\System32\DRIVERS\slabbus.sys [52384 2004-03-11] (MCCI) [File not signed]
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [35913 2001-10-24] (SMC)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2013-06-17] () [File not signed]
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [38468 2005-10-27] (Alcor Micro Corp.) [File not signed]
U3 agy5e8b1; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 14:14 - 2015-03-01 14:14 - 02126848 _____ () C:\Documents and Settings\uživatel\Plocha\adwcleaner_4.111 (1).exe
2015-03-01 14:10 - 2015-03-01 14:10 - 02126848 _____ () C:\Documents and Settings\uživatel\Plocha\adwcleaner_4.111.exe
2015-02-22 12:43 - 2015-02-22 12:43 - 00000392 _____ () C:\Documents and Settings\uživatel\Dokumenty\cc_20150222_124304.reg
2015-02-22 12:36 - 2015-02-22 12:36 - 05325208 _____ (Piriform Ltd) C:\Documents and Settings\uživatel\Dokumenty\ccsetup502.exe
2015-02-02 15:13 - 2015-02-02 15:13 - 00000827 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spy Protector.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000816 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Security Task Manager.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000810 _____ () C:\Documents and Settings\All Users\Plocha\Security Task Manager.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000000 ____D () C:\Program Files\Security Task Manager
2015-02-02 15:08 - 2015-02-02 15:09 - 02931056 _____ () C:\Documents and Settings\uživatel\Dokumenty\SecurityTaskManager_Setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 17:48 - 2014-12-03 22:27 - 00000000 ____D () C:\Documents and Settings\uživatel\Local Settings\Temp
2015-03-01 17:48 - 2014-12-03 19:47 - 00014246 _____ () C:\Documents and Settings\uživatel\Plocha\FRST.txt
2015-03-01 17:47 - 2014-12-03 19:47 - 00000000 ____D () C:\FRST
2015-03-01 17:47 - 2011-03-30 12:10 - 00000000 ____D () C:\Documents and Settings\uživatel\Plocha
2015-03-01 16:42 - 2014-07-20 19:00 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-01 14:42 - 2011-03-30 12:09 - 00032502 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-01 14:29 - 2011-03-30 09:41 - 01553116 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-01 14:28 - 2012-07-19 00:39 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-01 14:28 - 2007-10-29 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-01 14:27 - 2011-03-30 12:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-01 14:27 - 2011-03-30 11:34 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-01 14:27 - 2011-03-30 11:34 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-03-01 14:25 - 2011-03-30 12:10 - 00000272 ___SH () C:\Documents and Settings\uživatel\ntuser.ini
2015-03-01 14:24 - 2014-12-03 20:36 - 00000000 ____D () C:\AdwCleaner
2015-03-01 14:24 - 2011-03-30 11:30 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-01 13:09 - 2014-12-03 19:49 - 00035974 _____ () C:\Documents and Settings\uživatel\Plocha\Addition.txt
2015-03-01 13:05 - 2014-12-03 21:25 - 00000000 ____D () C:\Documents and Settings\uživatel\Plocha\FRST-OlderVersion
2015-03-01 13:05 - 2014-12-03 19:21 - 01132032 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2015-03-01 12:38 - 2012-10-11 20:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-01 12:32 - 2013-07-09 12:00 - 00000000 ____D () C:\Documents and Settings\uživatel\Dokumenty\Warcraft III
2015-02-25 22:31 - 2014-12-06 20:38 - 00971099 _____ () C:\Documents and Settings\uživatel\Plocha\skplatek.dwg
2015-02-25 22:27 - 2011-04-19 19:27 - 00000000 ____D () C:\Program Files\AutoCAD R14
2015-02-24 12:30 - 2014-12-06 20:38 - 00954997 _____ () C:\Documents and Settings\uživatel\Plocha\skplatek.bak
2015-02-23 12:23 - 2013-04-16 10:35 - 00283648 _____ () C:\Documents and Settings\uživatel\Plocha\povzáhum.xls
2015-02-23 12:07 - 2012-05-31 11:54 - 00002487 _____ () C:\Documents and Settings\uživatel\Plocha\Microsoft Excel (2).lnk
2015-02-22 12:50 - 2012-04-25 00:18 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-22 12:50 - 2011-03-30 12:10 - 00000000 ____D () C:\Documents and Settings\uživatel
2015-02-22 12:43 - 2011-03-30 12:10 - 00000000 ___RD () C:\Documents and Settings\uživatel\Dokumenty
2015-02-22 12:39 - 2013-12-25 17:43 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-02-22 12:39 - 2013-05-09 09:15 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-09 23:53 - 2013-10-17 01:30 - 00000000 ____D () C:\Documents and Settings\uživatel\Data aplikací\Skype
2015-02-08 16:42 - 2012-04-24 23:04 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-08 16:42 - 2012-04-24 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-02 15:13 - 2011-03-30 11:30 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-02 15:13 - 2011-03-30 11:30 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-02 15:12 - 2015-01-02 12:53 - 00145920 ___SH () C:\Documents and Settings\uživatel\Dokumenty\Thumbs.db
==================== Files in the root of some directories =======
2012-10-26 20:36 - 2014-12-06 01:11 - 0045568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-03 19:47 - 2014-12-03 19:47 - 0029696 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MSGBOX.EXE
Some content of TEMP:
====================
C:\Documents and Settings\uživatel\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\uživatel\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\uživatel\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by uživatel (administrator) on U-F3DA959F89254 on 01-03-2015 17:47:28
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
() C:\WINDOWS\system32\ati2evxx.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(ATI Technologies, Inc.) C:\WINDOWS\system32\atiptaxx.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Alcor Micro, Corp.) C:\Program Files\Multimedia Card Reader\shwicon2k.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Syntek Ltd.) C:\WINDOWS\STK03N\STK03NM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [118784 2001-08-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ATIModeChange] => C:\WINDOWS\system32\Ati2mdxx.exe [28672 2001-09-04] (ATI Technologies, Inc.)
HKLM\...\Run: [AtiPTA] => C:\WINDOWS\system32\atiptaxx.exe [286720 2002-03-12] (ATI Technologies, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Sunkist2k] => C:\Program Files\Multimedia Card Reader\shwicon2k.exe [139264 2005-10-27] (Alcor Micro, Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [196608 2001-11-20] (HP)
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\STK03N PNP Monitor.lnk
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\WINDOWS\STK03N\STK03NM.exe (Syntek Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Vyhledávací stránka = http://www.msn.com/access/allinone.asp
HKU\S-1-5-21-1343024091-1993962763-1708537768-1003\Software\Microsoft\Internet Explorer\Main,Úvodní stránka = http://www.microsoft.com/msoffice/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} http://proxynet.mbudejovice.cz:3333/VatDec.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\7wgvahbn.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @cadenas.de/PARTwebViewer -> C:\Program Files\cadenas\partwebviewer\bin\x86\32\npwebviewerplugins.dll (CADENAS GmbH)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1343024091-1993962763-1708537768-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-06-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-24]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-08]
CHR Extension: (Google Wallet) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-07] (SUPERAntiSpyware.com)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [110592 2002-02-19] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 idsvc; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2010-01-21] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21035 2011-04-19] (Meetinghouse Data Communications) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-22] ()
R0 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-22] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-22] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-22] ()
S3 AtiDCM; C:\AMD\Support\13-4_xp32_dd_ccc_whql\Bin\atidcmxx.sys [27872 2013-04-11] (Advanced Micro Devices, Inc.)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DCamUSBSTK03N; C:\WINDOWS\System32\DRIVERS\STK03NW2.sys [108544 2009-12-18] (Syntek Ltd.)
R2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [38144 2007-10-09] (Realtek) [File not signed]
R3 FUJ02B1; C:\WINDOWS\System32\DRIVERS\FUJ02B1.sys [5248 2001-08-01] (FUJITSU LIMITED)
R3 LucentSoftModem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [807021 2001-12-18] (Lucent Technologies)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 OkiPar; C:\WINDOWS\System32\DRIVERS\OKIPAR.SYS [40192 2001-10-02] (Oki Data Corporation) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2008-06-27] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2009-04-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 scvad_simple; C:\WINDOWS\System32\drivers\SplitCamAudio.sys [18944 2013-11-01] (Windows (R) Win 7 DDK provider)
S3 silabenm; C:\WINDOWS\System32\DRIVERS\silabenm.sys [47176 2011-10-14] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\DRIVERS\silabser.sys [61312 2011-10-14] (Silicon Laboratories)
S3 slabbus; C:\WINDOWS\System32\DRIVERS\slabbus.sys [52384 2004-03-11] (MCCI) [File not signed]
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [35913 2001-10-24] (SMC)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2013-06-17] () [File not signed]
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [38468 2005-10-27] (Alcor Micro Corp.) [File not signed]
U3 agy5e8b1; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 14:14 - 2015-03-01 14:14 - 02126848 _____ () C:\Documents and Settings\uživatel\Plocha\adwcleaner_4.111 (1).exe
2015-03-01 14:10 - 2015-03-01 14:10 - 02126848 _____ () C:\Documents and Settings\uživatel\Plocha\adwcleaner_4.111.exe
2015-02-22 12:43 - 2015-02-22 12:43 - 00000392 _____ () C:\Documents and Settings\uživatel\Dokumenty\cc_20150222_124304.reg
2015-02-22 12:36 - 2015-02-22 12:36 - 05325208 _____ (Piriform Ltd) C:\Documents and Settings\uživatel\Dokumenty\ccsetup502.exe
2015-02-02 15:13 - 2015-02-02 15:13 - 00000827 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spy Protector.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000816 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Security Task Manager.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000810 _____ () C:\Documents and Settings\All Users\Plocha\Security Task Manager.lnk
2015-02-02 15:13 - 2015-02-02 15:13 - 00000000 ____D () C:\Program Files\Security Task Manager
2015-02-02 15:08 - 2015-02-02 15:09 - 02931056 _____ () C:\Documents and Settings\uživatel\Dokumenty\SecurityTaskManager_Setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 17:48 - 2014-12-03 22:27 - 00000000 ____D () C:\Documents and Settings\uživatel\Local Settings\Temp
2015-03-01 17:48 - 2014-12-03 19:47 - 00014246 _____ () C:\Documents and Settings\uživatel\Plocha\FRST.txt
2015-03-01 17:47 - 2014-12-03 19:47 - 00000000 ____D () C:\FRST
2015-03-01 17:47 - 2011-03-30 12:10 - 00000000 ____D () C:\Documents and Settings\uživatel\Plocha
2015-03-01 16:42 - 2014-07-20 19:00 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-01 14:42 - 2011-03-30 12:09 - 00032502 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-01 14:29 - 2011-03-30 09:41 - 01553116 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-01 14:28 - 2012-07-19 00:39 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-01 14:28 - 2007-10-29 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-01 14:27 - 2011-03-30 12:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-01 14:27 - 2011-03-30 11:34 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-01 14:27 - 2011-03-30 11:34 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-03-01 14:25 - 2011-03-30 12:10 - 00000272 ___SH () C:\Documents and Settings\uživatel\ntuser.ini
2015-03-01 14:24 - 2014-12-03 20:36 - 00000000 ____D () C:\AdwCleaner
2015-03-01 14:24 - 2011-03-30 11:30 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-01 13:09 - 2014-12-03 19:49 - 00035974 _____ () C:\Documents and Settings\uživatel\Plocha\Addition.txt
2015-03-01 13:05 - 2014-12-03 21:25 - 00000000 ____D () C:\Documents and Settings\uživatel\Plocha\FRST-OlderVersion
2015-03-01 13:05 - 2014-12-03 19:21 - 01132032 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2015-03-01 12:38 - 2012-10-11 20:26 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-01 12:32 - 2013-07-09 12:00 - 00000000 ____D () C:\Documents and Settings\uživatel\Dokumenty\Warcraft III
2015-02-25 22:31 - 2014-12-06 20:38 - 00971099 _____ () C:\Documents and Settings\uživatel\Plocha\skplatek.dwg
2015-02-25 22:27 - 2011-04-19 19:27 - 00000000 ____D () C:\Program Files\AutoCAD R14
2015-02-24 12:30 - 2014-12-06 20:38 - 00954997 _____ () C:\Documents and Settings\uživatel\Plocha\skplatek.bak
2015-02-23 12:23 - 2013-04-16 10:35 - 00283648 _____ () C:\Documents and Settings\uživatel\Plocha\povzáhum.xls
2015-02-23 12:07 - 2012-05-31 11:54 - 00002487 _____ () C:\Documents and Settings\uživatel\Plocha\Microsoft Excel (2).lnk
2015-02-22 12:50 - 2012-04-25 00:18 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-22 12:50 - 2011-03-30 12:10 - 00000000 ____D () C:\Documents and Settings\uživatel
2015-02-22 12:43 - 2011-03-30 12:10 - 00000000 ___RD () C:\Documents and Settings\uživatel\Dokumenty
2015-02-22 12:39 - 2013-12-25 17:43 - 00000682 _____ () C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-02-22 12:39 - 2013-05-09 09:15 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-09 23:53 - 2013-10-17 01:30 - 00000000 ____D () C:\Documents and Settings\uživatel\Data aplikací\Skype
2015-02-08 16:42 - 2012-04-24 23:04 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-08 16:42 - 2012-04-24 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-02 15:13 - 2011-03-30 11:30 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-02 15:13 - 2011-03-30 11:30 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-02 15:12 - 2015-01-02 12:53 - 00145920 ___SH () C:\Documents and Settings\uživatel\Dokumenty\Thumbs.db
==================== Files in the root of some directories =======
2012-10-26 20:36 - 2014-12-06 01:11 - 0045568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-03 19:47 - 2014-12-03 19:47 - 0029696 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MSGBOX.EXE
Some content of TEMP:
====================
C:\Documents and Settings\uživatel\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\uživatel\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\uživatel\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan.Agent/Gen-Dropper
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 agy5e8b1; No ImagePath
C:\Documents and Settings\uživatel\Local Settings\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan.Agent/Gen-Dropper
tady je: je to strašně pomalý, internet naběhne až po druhém odkliknutí "POČKAT" ,
je to tak už delší dobu.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-02-2015
Ran by uživatel at 2015-03-01 21:19:19 Run:2
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available profiles: uživatel & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 agy5e8b1; No ImagePath
C:\Documents and Settings\uživatel\Local Settings\Temp
End
*****************
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
agy5e8b1 => Service not found.
C:\Documents and Settings\uživatel\Local Settings\Temp => Moved successfully.
==== End of Fixlog 21:19:22 ====
je to tak už delší dobu.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-02-2015
Ran by uživatel at 2015-03-01 21:19:19 Run:2
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available profiles: uživatel & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 agy5e8b1; No ImagePath
C:\Documents and Settings\uživatel\Local Settings\Temp
End
*****************
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
agy5e8b1 => Service not found.
C:\Documents and Settings\uživatel\Local Settings\Temp => Moved successfully.
==== End of Fixlog 21:19:22 ====
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan.Agent/Gen-Dropper
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan.Agent/Gen-Dropper
tady je log z mbam - 3 soubory strčil avast během skenu do truhly:
pz2z30us.exe Win32:Evo-gen(Susp)
FRSTLauncher(1).exe Win32:Malware-gen
A0040813.exe Win32:Malware-gen
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2015.03.01.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
uživatel :: U-F3DA959F89254 [administrátor]
Ochrana: Zakázána
1.3.2015 23:18:12
mbam-log-2015-03-01 (23-18-12).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 548426
Uplynulý čas: 3 hodin, 22 minut, 5 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
pz2z30us.exe Win32:Evo-gen(Susp)
FRSTLauncher(1).exe Win32:Malware-gen
A0040813.exe Win32:Malware-gen
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2015.03.01.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
uživatel :: U-F3DA959F89254 [administrátor]
Ochrana: Zakázána
1.3.2015 23:18:12
mbam-log-2015-03-01 (23-18-12).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 548426
Uplynulý čas: 3 hodin, 22 minut, 5 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan.Agent/Gen-Dropper
Log je OK. PC by již měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan.Agent/Gen-Dropper
Mockrát děkuji za pomoc,
nevím, co bych bez Vaší pomoci dělal.
Honza
nevím, co bych bez Vaší pomoci dělal.
Honza
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan.Agent/Gen-Dropper
Jsme tu stále. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?