VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Firefox -> BSOD

https://forum.viry.cz:443/viewtopic.php?t=121761

Stránka 1 z 2

Firefox -> BSOD

Napsal: 19 kvě 2012 12:51
od Ricmen
Zdravím,
prohlížet web lze jen z nouzového režimu s prácí v síti. V tomto režimu nelze ani spustit Firefox (chyba "0xc0000005)". V běžném režimu se nenačte jakýkoliv prohlížeč (Chrome selže, Firefox hodí BSOD, Explorer se nenačítá...) Téměř jistě tu bude nějaká havěť, protože to není poprvé, co tento pc odvirovávám. Avast nemá ani spuštěné štíty (nelze opravit).
Děkuji za odpověď.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kohoutovi at 2012-05-19 13:39:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 353 GB (74%) free of 477 GB
Total RAM: 3583 MB (83% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\PROGRA~2\INTERN~1\iexplore.exe
"C:\PROGRA~2\INTERN~1\iexplore.exe" SCODEF:1724 CREDAT:145409
"C:\PROGRA~2\INTERN~1\iexplore.exe" SCODEF:1724 CREDAT:79893
"C:\PROGRA~2\INTERN~1\iexplore.exe" SCODEF:1724 CREDAT:145410
C:\Windows\system32\wbem\wmiprvse.exe
"C:\PROGRA~2\INTERN~1\iexplore.exe" SCODEF:1724 CREDAT:145413
C:\Users\KOHOUT~1\DOWNLO~1\RSITx64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\KOHOUT~1.EXE /silentautolog

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kohoutovi\AppData\Roaming\Mozilla\Firefox\Profiles\zeihg06l.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Kohoutovi\AppData\Roaming\Mozilla\Firefox\Profiles\zeihg06l.default\extensions\
battlefieldplay4free@ea.com
toolbar@ask.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-12-20 1244040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-12-20 1244040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MRT"=C:\Windows\system32\MRT.exe [2012-05-11 57848688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2012-05-19 2897408]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-05-19 968128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-19 13:39:27 ----D---- C:\rsit
2012-05-19 13:39:27 ----D---- C:\Program Files\trend micro
2012-05-16 06:37:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-05-16 06:31:57 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-15 18:24:00 ----D---- C:\Users\Kohoutovi\AppData\Roaming\Nokia
2012-05-13 14:26:47 ----A---- C:\Windows\ntbtlog.txt
2012-05-13 14:20:55 ----D---- C:\Windows\Minidump
2012-05-11 17:51:06 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-11 17:51:06 ----A---- C:\Windows\system32\DWrite.dll
2012-05-11 17:50:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-11 17:50:58 ----A---- C:\Windows\system32\win32k.sys
2012-05-11 17:50:57 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-11 17:50:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-11 17:50:11 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-11 17:49:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-10 14:32:08 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-05-10 14:32:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-05-10 14:32:08 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-05-10 14:32:08 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-05-10 14:32:07 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-05-10 14:32:07 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-05-10 14:26:35 ----D---- C:\Program Files (x86)\1C Company
2012-05-07 20:37:03 ----D---- C:\Users\Kohoutovi\AppData\Roaming\Need for Speed World
2012-05-06 18:56:47 ----A---- C:\Windows\directx.sys
2012-05-06 18:56:14 ----A---- C:\Windows\svchost.com
2012-05-05 20:38:03 ----D---- C:\Program Files (x86)\G5 Software
2012-05-05 19:54:59 ----D---- C:\Users\Kohoutovi\AppData\Roaming\.minecraft
2012-04-21 22:03:18 ----D---- C:\Program Files (x86)\GIANTS Software
2012-04-21 19:10:41 ----D---- C:\Program Files (x86)\Glest_2.0.0
2012-04-20 19:51:38 ----D---- C:\Program Files (x86)\Hunting Unlimited 3

======List of files/folders modified in the last 1 month======

2012-05-19 13:39:27 ----RD---- C:\Program Files
2012-05-19 13:30:49 ----D---- C:\Windows\System32
2012-05-19 13:30:49 ----D---- C:\Windows\inf
2012-05-19 13:30:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-19 13:24:13 ----D---- C:\Windows\Prefetch
2012-05-19 13:23:44 ----D---- C:\Windows\system32\config
2012-05-19 13:22:54 ----D---- C:\Windows\Temp
2012-05-19 13:20:39 ----D---- C:\Windows
2012-05-18 21:44:27 ----SHD---- C:\System Volume Information
2012-05-18 21:44:04 ----SHD---- C:\Windows\Installer
2012-05-16 06:37:37 ----D---- C:\Windows\SysWOW64
2012-05-16 06:31:58 ----D---- C:\Windows\Tasks
2012-05-16 06:31:58 ----D---- C:\Windows\system32\Tasks
2012-05-15 20:48:41 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-05-15 18:22:47 ----D---- C:\Windows\system32\drivers
2012-05-15 18:16:01 ----D---- C:\ProgramData\Nokia
2012-05-15 18:16:01 ----D---- C:\Program Files (x86)\Nokia
2012-05-15 18:15:12 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-05-15 18:15:03 ----D---- C:\Windows\system32\DriverStore
2012-05-15 18:15:03 ----D---- C:\Windows\system32\catroot
2012-05-13 14:40:40 ----D---- C:\Windows\system32\catroot2
2012-05-12 23:08:33 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-05-12 21:52:58 ----D---- C:\Program Files (x86)\Army Rage
2012-05-12 16:06:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-05-11 23:30:14 ----D---- C:\Windows\Microsoft.NET
2012-05-11 23:30:13 ----RSD---- C:\Windows\assembly
2012-05-11 21:17:18 ----D---- C:\Windows\winsxs
2012-05-11 18:06:40 ----A---- C:\Windows\system32\MRT.INI
2012-05-11 18:01:32 ----A---- C:\Windows\system32\MRT.exe
2012-05-10 17:55:55 ----D---- C:\Program Files (x86)\EA Games
2012-05-10 14:26:35 ----RD---- C:\Program Files (x86)
2012-05-06 18:56:15 ----A---- C:\install.exe
2012-05-05 23:47:44 ----SD---- C:\Users\Kohoutovi\AppData\Roaming\Microsoft
2012-05-05 22:22:59 ----D---- C:\ProgramData\Electronic Arts
2012-05-05 22:22:59 ----D---- C:\Program Files (x86)\Electronic Arts
2012-05-05 22:19:23 ----HD---- C:\ProgramData
2012-05-05 20:45:45 ----D---- C:\Program Files (x86)\Activision
2012-04-21 20:58:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-04-20 21:30:22 ----D---- C:\Program Files (x86)\GameSpy Arcade

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-27 67072]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-12-24 314016]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-12-24 43680]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-10 6368256]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-10 188416]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-11-01 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-11-01 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-04-14 208672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-11-01 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-11-01 9216]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-10-02 1349232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-10 202752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-13 177648]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-05-12 76888]
S2 PowerManager;Power Manager; C:\Windows\svchost.exe [2001-08-24 36352]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 257696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-13 177648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2012-05-06 111104]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-05-06 130608]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-05-17 801832]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-02 1255736]

-----------------EOF-----------------

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:27
od stell
Zdravim
Pc mas infikovany smejdom Virus.Neshta.
V nudzovom rezime oprav register.
1:Otvorte Notepad (Poznámkový blok) a skopíruj do neho text.
2:Potom klikneme na záložku Súbor v menu Uložiť ako.. ..
3:Ako je Názov súboru, tak do toho riadku napíšeme:oprava.reg
4:Typ súboru tak tam vyberiete všetky súbory
5:A uložíme ho na plochu.
6:2 x klikneme naň,povolíme zápis do registra.
NERESTARTOVAT PC.

TEXT:

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\UserChoice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\OpenWithProgids]
"exefile"=hex(0):
2:Stiahni na plochu OTL, spust, do okna vloz tento script a klikni na Gombik OPRAVIT, log po restarte vloz semUz mozes dovolit restart, alebo restartuj pc

http://oldtimer.geekstogo.com/OTL.exe

Script:

Kód: Vybrat vše

:reg
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\UserChoice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\OpenWithProgids]
"exefile"=hex(0):
:Files
C:\Windows\directx.sys
C:\Windows\svchost.com
C:\install.exe
ipconfig /flushdns /c
:Commands
[clearallrestorepoints]
[resethosts]
[emptytemp]
Uz mozes dovolit restart, alebo restartuj pc
3:
http://forum.viry.cz/viewtopic.php?f=29 ... 1#p1031821
Malwarebytes UPLNY skan, najdene odstranit log vloz sem.

4:Kontrola s programom AVPTOOL, a vyliecit pc, log vloz sem, a napis ako je na tom pc.
http://forum.viry.cz/viewtopic.php?f=29&t=58179

Ak nastanu problemy pisat.

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:49
od Ricmen
Bohužel, při pokusu o změnu registru se objeví tato chyba :(

edit: pokoušel jsem se i v režimu bez sítě, ale také nic

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:50
od stell
Pravy klik na oprava reg a daj SLOUCIT a pokracuj dalej.

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:52
od Ricmen
To stejné.

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:53
od stell
Ok, pockaj chvilku dam to do scriptu pre OTL,

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:55
od Ricmen
Dobrá, zatím děkuji :)

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 13:56
od stell
Mas to tam pokracuj programom OTL, log po restarte vloz sem

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 14:11
od Ricmen
OTL proveden, zrestartováno, vkládám log z RSIT a přesouvám se ke 3. bodu.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Kohoutovi at 2012-05-19 15:07:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 373 GB (78%) free of 477 GB
Total RAM: 3583 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:28, on 19.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Kohoutovi\Downloads\RSITx64.exe
C:\Windows\svchost.com
C:\PROGRA~1\TRENDM~1\KOHOUT~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [OTL] "C:\Users\Kohoutovi\Downloads\OTL.exe"
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1796C9D-7204-4E29-AF4C-6B52C802606B}: NameServer = 89.235.20.5,212.24.128.8
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\Windows\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7055 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1572 CREDAT:145409
"C:\Users\KOHOUT~1\AppData\Local\Temp\3582-490\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1572 CREDAT:145410
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1572 CREDAT:145411
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kohoutovi\AppData\Roaming\Mozilla\Firefox\Profiles\zeihg06l.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Kohoutovi\AppData\Roaming\Mozilla\Firefox\Profiles\zeihg06l.default\extensions\
battlefieldplay4free@ea.com
toolbar@ask.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-12-20 1244040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-12-20 1244040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MRT"=C:\Windows\system32\MRT.exe [2012-05-11 57848688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2012-05-19 2897408]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-05-19 968128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTL"=C:\Users\Kohoutovi\Downloads\OTL.exe [2012-05-19 678400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-19 15:07:25 ----A---- C:\Windows\directx.sys
2012-05-19 15:07:20 ----A---- C:\Windows\svchost.com
2012-05-19 15:00:58 ----D---- C:\_OTL
2012-05-19 13:39:27 ----D---- C:\rsit
2012-05-19 13:39:27 ----D---- C:\Program Files\trend micro
2012-05-16 06:37:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-05-16 06:31:57 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-05-15 18:24:00 ----D---- C:\Users\Kohoutovi\AppData\Roaming\Nokia
2012-05-13 14:26:47 ----A---- C:\Windows\ntbtlog.txt
2012-05-13 14:20:55 ----D---- C:\Windows\Minidump
2012-05-11 17:51:06 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-11 17:51:06 ----A---- C:\Windows\system32\DWrite.dll
2012-05-11 17:50:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-11 17:50:58 ----A---- C:\Windows\system32\win32k.sys
2012-05-11 17:50:57 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-05-11 17:50:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-05-11 17:50:11 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-11 17:49:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-10 14:32:08 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-05-10 14:32:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-05-10 14:32:08 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-05-10 14:32:08 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-05-10 14:32:07 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-05-10 14:32:07 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-05-10 14:26:35 ----D---- C:\Program Files (x86)\1C Company
2012-05-07 20:37:03 ----D---- C:\Users\Kohoutovi\AppData\Roaming\Need for Speed World
2012-05-05 20:38:03 ----D---- C:\Program Files (x86)\G5 Software
2012-05-05 19:54:59 ----D---- C:\Users\Kohoutovi\AppData\Roaming\.minecraft
2012-04-21 22:03:18 ----D---- C:\Program Files (x86)\GIANTS Software
2012-04-21 19:10:41 ----D---- C:\Program Files (x86)\Glest_2.0.0
2012-04-20 19:51:38 ----D---- C:\Program Files (x86)\Hunting Unlimited 3

======List of files/folders modified in the last 1 month======

2012-05-19 15:07:25 ----D---- C:\Windows
2012-05-19 15:03:22 ----D---- C:\Windows\Temp
2012-05-19 15:00:59 ----D---- C:\Windows\system32\drivers\etc
2012-05-19 14:48:39 ----D---- C:\Windows\System32
2012-05-19 14:48:39 ----D---- C:\Windows\inf
2012-05-19 14:48:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-19 13:39:27 ----RD---- C:\Program Files
2012-05-19 13:24:13 ----D---- C:\Windows\Prefetch
2012-05-19 13:23:44 ----D---- C:\Windows\system32\config
2012-05-18 21:44:27 ----SHD---- C:\System Volume Information
2012-05-18 21:44:04 ----SHD---- C:\Windows\Installer
2012-05-16 06:37:37 ----D---- C:\Windows\SysWOW64
2012-05-16 06:31:58 ----D---- C:\Windows\Tasks
2012-05-16 06:31:58 ----D---- C:\Windows\system32\Tasks
2012-05-15 20:48:41 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-05-15 18:22:47 ----D---- C:\Windows\system32\drivers
2012-05-15 18:16:01 ----D---- C:\ProgramData\Nokia
2012-05-15 18:16:01 ----D---- C:\Program Files (x86)\Nokia
2012-05-15 18:15:12 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-05-15 18:15:03 ----D---- C:\Windows\system32\DriverStore
2012-05-15 18:15:03 ----D---- C:\Windows\system32\catroot
2012-05-13 14:40:40 ----D---- C:\Windows\system32\catroot2
2012-05-12 23:08:33 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-05-12 21:52:58 ----D---- C:\Program Files (x86)\Army Rage
2012-05-12 16:06:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-05-11 23:30:14 ----D---- C:\Windows\Microsoft.NET
2012-05-11 23:30:13 ----RSD---- C:\Windows\assembly
2012-05-11 21:17:18 ----D---- C:\Windows\winsxs
2012-05-11 18:06:40 ----A---- C:\Windows\system32\MRT.INI
2012-05-11 18:01:32 ----A---- C:\Windows\system32\MRT.exe
2012-05-10 17:55:55 ----D---- C:\Program Files (x86)\EA Games
2012-05-10 14:26:35 ----RD---- C:\Program Files (x86)
2012-05-05 23:47:44 ----SD---- C:\Users\Kohoutovi\AppData\Roaming\Microsoft
2012-05-05 22:22:59 ----D---- C:\ProgramData\Electronic Arts
2012-05-05 22:22:59 ----D---- C:\Program Files (x86)\Electronic Arts
2012-05-05 22:19:23 ----HD---- C:\ProgramData
2012-05-05 20:45:45 ----D---- C:\Program Files (x86)\Activision
2012-04-21 20:58:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-04-20 21:30:22 ----D---- C:\Program Files (x86)\GameSpy Arcade

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-27 67072]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-12-24 314016]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-12-24 43680]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-10 6368256]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-10 188416]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-11-01 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-11-01 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-04-14 208672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-11-01 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-11-01 9216]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-10-02 1349232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-05-19 105400]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-10 202752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-13 177648]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-05-12 76888]
S2 PowerManager;Power Manager; C:\Windows\svchost.exe [2001-08-24 36352]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 257696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-13 177648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2012-05-06 111104]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-05-06 130608]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-05-17 801832]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-02 1255736]

-----------------EOF-----------------

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 14:13
od stell
no Nie RSIT vloz ale log z OTL, malo by byt na C:\_OTLxxx

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 14:18
od Ricmen
Omlouvám se, raději jsem spustil opět v nouzovém režimu, ale pak mě napadlo, že už nebude potřeba. Tu je log z OTL

All processes killed
========== REGISTRY ==========
HKEY_CLASSES_ROOT\.EXE\\@|"exefile" /E : value set successfully!
HKEY_CLASSES_ROOT\.EXE\\"Content Type"|"application/x-msdownload" /E : value set successfully!
HKEY_CLASSES_ROOT\.EXE\PersistentHandler\\@|"{098f2470-bae0-11cd-b579-08002b30bfeb}" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\\@|"Application" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\\"EditFlags"|hex:38,07,00,00 /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\\"FriendlyTypeName"|hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00 /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\DefaultIcon\\@|"%1" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\open\\"EditFlags"|hex:00,00,00,00 /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\open\command\\@|"\"%1\" %*" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\open\command\\"IsolatedCommand"|"\"%1\" %*" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runas\\"HasLUAShield"|"" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runas\command\\@|"\"%1\" %*" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runas\command\\"IsolatedCommand"|"\"%1\" %*" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runasuser\\@|"@shell32.dll,-50944" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runasuser\\"Extended"|"" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runasuser\\"SuppressionPolicyEx"|"{F211AA05-D4DF-4370-A2A0-9F19C09756A7}" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shell\runasuser\command\\"DelegateExecute"|"{ea72d00e-4960-42fa-ba92-7792a7944c1d}" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\\@|"Compatibility" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility\\@|"{1d27f844-3a1f-4410-85ac-14651078412d}" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shellex\DropHandler\\@|"{86C86720-42A0-1069-A2E8-08002B30309D}" /E : value set successfully!
HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps\\@|"{86F19A00-42A0-1069-A2E9-08002B30309D}" /E : value set successfully!
Unable to set value : HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page\\@|"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" /E!
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\UserChoice\ not found.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EXE\OpenWithProgids\\"exefile"|hex(0): /E :invalid edit format. Invalid data type.
========== FILES ==========
C:\Windows\directx.sys moved successfully.
C:\Windows\svchost.com moved successfully.
C:\install.exe moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP syst‚mu Windows
MezipamŘś pýekl d nˇ DNS byla ŁspŘçnŘ vypr zdnŘna.
C:\Users\Kohoutovi\Downloads\cmd.bat deleted successfully.
C:\Users\Kohoutovi\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
Unable to stop System Restore Service. Error code 1084. Restore points not cleared.
Unable to start System Restore Service. Error code 1084. Restore point not created.
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kohoutovi
->Temp folder emptied: 9735390740 bytes
->Temporary Internet Files folder emptied: 950235831 bytes
->Java cache emptied: 53602556 bytes
->FireFox cache emptied: 780955225 bytes
->Google Chrome cache emptied: 285782616 bytes
->Flash cache emptied: 43294501 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 397830831 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 9041761228 bytes

Total Files Cleaned = 20 303,00 mb


OTL by OldTimer - Version 3.2.43.0 log created on 05192012_150058

Files\Folders moved on Reboot...
C:\Users\Kohoutovi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Kohoutovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Kohoutovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODDU0LU8\afr[1].htm moved successfully.
C:\Users\Kohoutovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODDU0LU8\viewtopic[1].htm moved successfully.

Registry entries deleted on Reboot...

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 14:20
od stell
dobre restartuj pc do windows, a spust Malwarebytes tak ako som napisal, UPLNU kontrolu, log vloz sem, ak daco nepojde pisat.

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 14:59
od Ricmen
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.05.19.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kohoutovi :: KOHOUTOVI-PC [administrátor]

Ochrana: Zakázána

19.5.2012 15:21:19
mbam-log-2012-05-19 (15-58-05).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 360353
Uplynulý čas: 33 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 61
HKLM\SYSTEM\CurrentControlSet\Services\AdobeARMservice (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SYSTEM\CurrentControlSet\Services\PowerManager (Virus.Jeefo) -> Žádná instrukce nebyla provedena.
HKLM\SYSTEM\CurrentControlSet\Services\gupdate (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{7EC41441-2247-4DEC-BBFB-9E798627A17B} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{A16AB1E1-377D-4DF2-8D8A-C9F283857DDC} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SYSTEM\CurrentControlSet\Services\IDriverT (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SYSTEM\CurrentControlSet\Services\MBAMService (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SYSTEM\CurrentControlSet\Services\ServiceLayer (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D25AA91-4560-48C1-96B5-DE22D6707A16}_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{41738EEA-442F-477F-92CF-2889BD6CD7E7} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{D3F22039-E3CF-4FC4-9A30-426A46056B8C} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACRORD32.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{975F2150-DC2B-43F9-B41A-1C1046C68CD1}_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{58F69ADC-13E2-449D-94B1-3D8E94E90584} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{002ED9D1-096A-4A1F-B91C-892CB7128203} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{3147B9F7-D11F-11D4-AB83-00B0D02332EB} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{135F108E-AD38-11D5-ABCD-00B0D02332EB} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{9795D310-2B39-4E89-B714-C363293FCC6C} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{02C0495A-3F58-4701-9913-7E855178A5D9} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{C17E7E12-9C20-4B9C-A225-F79292C58BC9} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{02C6AB74-B563-48B3-9048-9AF5174D955E} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{91814EB1-B5F0-11D2-80B9-00104B1F6CEA} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{A6F53E68-B5B1-4EFB-A97A-2D248265D47B} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{2006900C-451D-4745-BCBA-C7356B0FA104} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{1685E4FD-C72D-4443-807B-9A9BB02F6232} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PunkBusterSvc (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{87686C21-8A15-4b4d-A3F1-11141D9BE094} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{714B928E-0AF6-4167-B3F4-DA46B2360E33} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\giants_editor_4.1.7_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Glest_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{3476FAB2-687F-4EA6-9AC2-88D72DC7D7FC} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hunting Unlimited 3 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{07119BED-86AE-4AE3-97A5-45A118A3F06A} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3108C217-BE83-42E4-AE9E-A56A2A92E549} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB394D95-C049-4EA4-00B3-F866A3357CCD} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Metin2_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{FD34A350-115F-43CA-8D6F-BBD45FD6F828} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{096CD548-0786-11D1-95FA-0080C78EE3BB} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 11.0 (x86 cs) (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{58A2351F-311D-4A17-A9A1-2BFF56292B82} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{55677780-72ED-42BB-A3D6-276A942E4D39} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{980A182F-E0A2-4A40-94C1-AE0C1235902E} (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PSPad editor_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Farm Frenzy 2 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Farm Frenzy: Na rybaření (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Záchranáři v akci (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Castle Strike_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Traktor 2_is1 (Trojan.Agent) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome (Trojan.Agent) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 24
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Adobe ARM (Trojan.Agent) -> Data: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ELECTRONIC ARTS\EADM\CORE.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|EA Core (Trojan.Agent) -> Data: C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\ATISHLX.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCCINSTALL.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CLI.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CLISTART.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\INSTALLSHELL.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\INSTALLSHELL64.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CODEMASTERS\RACEDRIVER\HARDWARESETUP.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CODEMASTERS\RACEDRIVER\PRD.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ADOBEARMHELPER.EXE (Trojan.Agent) -> Data: 2 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\ENGINE\6\INTEL 32\IKERNEL.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\PROFESSIONAL\RUNTIME\11\50\INTEL32\ISBEW64.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\SYSTEM\MSMAPI\1029\CNFNOT32.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\SYSTEM\MSMAPI\1029\SCANOST.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\SYSTEM\MSMAPI\1029\SCANPST.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE11\DSSM.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE11\GRAPH.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE11\MSACCESS.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE11\PROFLWIZ.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE11\1029\MSOHELP.EXE (Trojan.Agent) -> Data: 1 -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 1
HKCR\exefile\shell\open\command| (Broken.OpenCommand) -> Špatný: (C:\Windows\svchost.com "%1" %*) Dobrý: ("%1" %*) -> Žádná instrukce nebyla provedena.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 315
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Windows\svchost.exe (Virus.Jeefo) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\MSOCache\All Users\90000405-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\MSOCache\All Users\90000405-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\OFFCLN.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\MSOCache\All Users\90000405-6000-11D3-8CFE-0150048383C9\FILES\SETUP\OSE.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\1C Company\A Farewell to Dragons\thegame.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\1C Company\A Farewell to Dragons\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Activision\Call of Duty 2\CoD2MP_s.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Activision\Call of Duty 2\CoD2SP_s.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\64BitMAPIBroker.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\AcroBroker.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\AcroRd32.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\AcroTextExtractor.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\AdobeCollabSync.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\Eula.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\LogTransport2.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Adobe\Reader\Reader\wow_helper.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\AGEIA Technologies\bin\AGEIAPhysXBoxes.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\AGEIA Technologies\bin\TrayIcon.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\ArmyRage.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\vcredist_x86.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Bin\Client.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Bin\Editor.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Bin\nvdxt.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Bin\userTracer.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\HShield\AhnRpt.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\HShield\HsLogMgr.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\HShield\HSUpdate.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\HShield\Update\autoup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Launcher\Launcher.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Launcher\LauncherLoader.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\Launcher\Launcher_En.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\UpdateData\LauncherUpdate\Launcher\Launcher.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Army Rage\UpdateData\LauncherUpdate\Launcher\Launcher_En.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Ask.com\SaUpdate.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Ask.com\UpdateTask.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\LOG.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atishlx.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCCInstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\installShell.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\installShell64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Full-Existing\DXStress.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Full-Existing\MMLoadDrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\CCCDsPreview.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEPrev.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Vista\cccprev.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\ATI Technologies\ATI.ACE\MOM-InstallProxy\MOM.InstallProxy.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Audacity\audacity.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Audacity\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Codemasters\RaceDriver\HardwareSetup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Codemasters\RaceDriver\prd.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriver2.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\ISBEW64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver2.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\MODI\11.0\MSPVIEW.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\OINFOP11.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOICONS.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLED.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\DFUICOM.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\System\MSMAPI\1029\CNFNOT32.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\System\MSMAPI\1029\SCANOST.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Common Files\System\MSMAPI\1029\SCANPST.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Battlefield Play4Free\pbsvc_p4f.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Battlefield Play4Free\Uninstaller.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Battlefield Play4Free\pb\pbsvc_p4f.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\Need for Speed Undercover_code.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\Need for Speed Undercover_uninst.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA SPORTS\F1 2002 WORK IN PROGRESS DEMO\3DConfig.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\EA SPORTS\F1 2002 WORK IN PROGRESS DEMO\F1_2002_Demo.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Electronic Arts\EADM\ProxyInstaller.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Electronic Arts\Need For Speed World\GameLauncher.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Electronic Arts\Need For Speed World\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\G5 Software\Whirlwind of Vietnam\WV.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\G5 Software\Whirlwind of Vietnam\Uninstall\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GameSpy Arcade\fpupdate.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GameSpy Arcade\GSAPak.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GameSpy Arcade\RptCrash.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GameSpy Arcade\UNWISE.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GIANTS Software\GIANTS_Editor_4.1.7\editor.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\GIANTS Software\GIANTS_Editor_4.1.7\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Glest_2.0.0\configurator.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Glest_2.0.0\glest.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Glest_2.0.0\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Google Earth\client\earthflashsol.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Google Earth\client\gpsbabel.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleUpdate.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleUpdateBroker.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleUpdateOnDemand.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleUpdateSetup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\Download\{1D2CF006-DB17-464E-9750-41394B6C8A5E}\GoogleUpdateSetup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.111\GoogleUpdateSetup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\16.0.912.77\chrome_updater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Hunting Unlimited 3\hu3.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Hunting Unlimited 3\prism3d.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Hunting Unlimited 3\uninst.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\InstallShield Installation Information\{07119BED-86AE-4AE3-97A5-45A118A3F06A}\Setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\InstallShield Installation Information\{BB394D95-C049-4EA4-00B3-F866A3357CCD}\Setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\java.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\javacpl.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\javaw.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\javaws.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\jbroker.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\jqs.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\jqsnotify.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Java\jre6\bin\unpack200.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\Basis\program\nsplugin.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-6.0.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-7.1.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-8.0.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\program\soffice.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\share\extensions\pdfimport\xpdfimport.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\URE\bin\regcomp.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\LibreOffice 3.4\URE\bin\uno.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\firefox.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-killer.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\config.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\errorlog.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\metin2.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\metin2_patcher.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\PatchUpdater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\hshield\AhnRpt.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Metin2\hshield\HsLogMgr.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\DSSM.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\GRAPH.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\INFOPATH.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\MSACCESS.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\MSOHTMED.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\MSPUB.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\MSTORDB.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\MSTORE.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\OIS.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\PPTVIEW.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\PROFLWIZ.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\WAVTOASF.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\1029\MSOHELP.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\OFFICE11\1029\UNPACK.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\Office12\Moc.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\Office12\Oice.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Microsoft Office\Office12\PPCNVCOM.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Mozilla Firefox\updater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Connectivity Cable Driver\setupextcmbx64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\7z.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\DeviceUpdaterProcess.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaMTranscodeServer.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuiteHelp.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\MS Outlook Connector\MsOutlookApiProxy.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\MS Outlook Connector\X64\MsOutlookApiProxy.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Nokia\Nokia Suite\Help\NokiaSuiteHelp_cze.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Pando Networks\Media Booster\BsSndRpt.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\DPInst.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\NclInstaller64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclBCBTSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclIrSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclIVTBTSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclToBTSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclToBTSrv64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PSPad editor\PSPad.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PSPad editor\TiDy.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Realtek\Audio\Drivers\RtkUpd64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Farm Frenzy 2\farm2.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Farm Frenzy 2\farm2.wrp.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Farm Frenzy 2\Uninstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Farm Frenzy Gone Fishing\FarmFrenzyGoneFishing.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Farm Frenzy Gone Fishing\FarmFrenzyGoneFishing.wrp.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Farm Frenzy Gone Fishing\Uninstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Rescue Frenzy\RescueFrenzy.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Rescue Frenzy\RescueFrenzy.wrp.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Superhry.cz\Rescue Frenzy\Uninstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\ChromEd.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\CoJ.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\CoJDX10_Benchmark.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\CoJ_DX10.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\protect.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\protect_DX10.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\java.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\javaw.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\jucheck.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\keytool.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\kinit.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\klist.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\ktab.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\orbd.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\policytool.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\rmid.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\rmiregistry.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\servertool.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Call of Juarez\jre\bin\tnameserv.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Xpand Rally\ChromEd.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Xpand Rally\xpandrally.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\Techland\Xpand Rally\jre\bin\jucheck.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\TopCD\Castle Strike\Castlestrike.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\TopCD\Castle Strike\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\VIA\VIAudioi\VDeck\SRSUIx64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\VIA\VIAudioi\VDeck\viaaud.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA0000000001}\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\InstallerService.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\InstallerServiceExec.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\IsPinned.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\pcswpc.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\RepairMplatform.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer\CommonCustomActions\Run_XML6_SP1.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\PnkBstrB.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\TopCD\Traktor 2\FarmingSimulator2011.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\TopCD\Traktor 2\game.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\TopCD\Traktor 2\GDFInstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\TopCD\Traktor 2\unins000.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\TopCD\Traktor 2\dxsetup\DXSETUP.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\TopCD\Traktor 2\sdk\GIANTS_Editor_4.1.7_win32.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\Application\chrome.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\Application\wow_helper.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\Application\18.0.1025.162\chrome_frame_helper.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\Application\18.0.1025.162\chrome_launcher.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\Application\18.0.1025.162\nacl64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\Application\18.0.1025.162\Installer\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\Google\Chrome\User Data\NPAPIFlash\FlashPlayerApp.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\PunkBuster\BFP4F\pb\PnkBstrA.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\PunkBuster\BFP4F\pb\PnkBstrB.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\PunkBuster\UNCO\pb\PnkBstrA.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Local\PunkBuster\UNCO\pb\PnkBstrB.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Roaming\Mozilla\Firefox\Profiles\zeihg06l.default\extensions\battlefieldplay4free@ea.com\plugins\BP4FUpdater.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\AppData\Roaming\Mozilla\Firefox\Profiles\zeihg06l.default\extensions\toolbar@ask.com\chrome\content\issigned.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Desktop\kaja\i_view32.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Desktop\LibreOffice 3.4 (4e546c63) Installation Files\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Desktop\LibreOffice 3.4 (4e546c63) Installation Files\redist\vcredist_x64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Desktop\LibreOffice 3.4 (4e546c63) Installation Files\redist\vcredist_x86.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Desktop\LibreOffice 3.4 (4e546c63) Installation Files – kopie\setup.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Documents\My Games\FarmingSimulator2011\mods\GIANTS_Editor_4.1.7_win32.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\ArmyRage_downloader(1).exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\ArmyRage_downloader.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\audacity-win-1.2.6.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\BHO_Downloader(1).exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\BHO_Downloader.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\Downloader_Metin2_cz (1).exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\Downloader_Metin2_cz (2).exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\Downloader_Metin2_cz.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\OTL.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\pspad456inst_cz.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\RSITx64.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\setup_857.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\Stronghold-Crusader.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\IrfanView\i_view32.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\IrfanView\Plugins\IV_Player.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\IrfanView\Plugins\Slideshow.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Kohoutovi\Downloads\Punske valky CZ\Punské války\Uninstall.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Windows\svchost.com (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\_OTL\MovedFiles\05192012_150058\C_\install.exe (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\_OTL\MovedFiles\05192012_150058\C_Windows\svchost.com (Trojan.Agent) -> Žádná instrukce nebyla provedena.

(konec)

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 15:04
od stell
Ok, nic nemaz, tak ako som tusil, mas tam skaredy virus,
Takze preskoc na AVPTOL, a presne podla navodu dezinfikujes pocitac, a pripoj aj vsetko co pouzivas cez USB, Flash.

AVPTOOL sprav komplet v Nudzovom rezime, pravdepodobne mas 100-vky suborov infikovanych, no uvidime, precitaj pozorne navod a po skonceni skenu, log vloz sem.

Re: Firefox -> BSOD

Napsal: 19 kvě 2012 23:22
od Ricmen
Mnohokrát děkuji za pomoc. Udělán krátký proces. :closed:
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz