Help with cleaning up my PC

Section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…

Post by kollara » 27 Apr 2011 08:52

Hi, I ran Spyware Terminator and it found quite a lot. I need advice on what I can delete and how to delete it permanently. I also let CCleaner run, but it didn't find anything :smile: Thanks for the help.

Logfile of Spyware Terminator v2.8.0.18 (db:1.000.000.000)
Scan Time: 27/04/2011 7:51:09 length: 2091 s
Platform: WXP (5.1.0.2600)
Scan type: Full_Virus__Spyware_Scan
Scanned Objects: 40696 (Critical:283)
Filter: No System items, No Safe items, No Invalid items
Running Processes
nvsvc32.exe [NVIDIA Corporation] : D:\WINDOWS\system32\nvsvc32.exe
avgchsvx.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgchsvx.exe
avgrsx.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgrsx.exe
avgcsrvx.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgcsrvx.exe
steam.exe [Valve Corporation] : D:\Program Files\steam 3\steam.exe
avgwdsvc.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgwdsvc.exe
avgnsx.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgnsx.exe
jqs.exe [Sun Microsystems, Inc.] : D:\Program Files\Java\jre6\bin\jqs.exe
LSSrvc.exe [Hewlett-Packard Company] : D:\Program Files\Common Files\LightScribe\LSSrvc.exe
PnkBstrA.exe : D:\WINDOWS\system32\PnkBstrA.exe
scanquery123.exe : D:\Documents and Settings\All Users\Data aplikací\ScanQuery\scanquery123.exe
avgemc.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgemc.exe
avgcsrvx.exe [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgcsrvx.exe
scanquery.exe : D:\Program Files\ScanQuery\scanquery.exe
SpywareTerminatorUpdate.exe [Crawler.com] : D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60342
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60342
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60342
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60342
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60342
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - [Adobe Systems Incorporated] : D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
02 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgssie.dll
02 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - [Sun Microsystems, Inc.] : D:\Program Files\Java\jre6\bin\jp2ssv.dll
02 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - [Sun Microsystems, Inc.] : D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Steam : [Valve Corporation] : D:\Program Files\steam 3\steam.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uninstall_CToolbar : [Crawler.com] : D:\Documents and Settings\home\Local Settings\Temp\CUninst.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SpywareTerminatorUpdate : [Crawler.com] : D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateSched : [Sun Microsystems, Inc.] : D:\Program Files\Common Files\JAVA\JAVA UPDATE\JUSCHED.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVG9_TRAY : [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgtray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ISUSPM Startup : [InstallShield Software Corporation] : D:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ISUSScheduler : [InstallShield Software Corporation] : D:\Program Files\Common Files\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe Reader Speed Launcher : [Adobe Systems Incorporated] : D:\Program Files\ADOBE\READER 10.0\READER\READER_SL.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe ARM : [Adobe Systems Incorporated] : D:\Program Files\Common Files\ADOBE\ARM\1.0\ADOBEARM.EXE
04 - Startup: %STARTUP%\OpenOffice.org 3.2.lnk : D:\Program Files\OpenOffice.org 3\program\quickstart.exe

Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : D:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : D:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : D:\WINDOWS\system32\nvshell.dll
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov] : D:\Program Files\7-Zip\7-zip.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - [Alexander Roshal] : D:\Program Files\WinRAR\rarext.dll
AVG Shell Extension Class - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgse.dll
Haali Matroska Shell Property Page - {5574006C-28F5-4a65-A28C-74DE6BFBE0BB} - : D:\Program Files\Combined Community Codec Pack - matroska\Filters\Haali\mmfinfo.dll
- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} - [OpenOffice.org] : D:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
- {087B3AE3-E237-4467-B8DB-5A38AB959AC9} - [OpenOffice.org] : D:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
- {63542C48-9552-494A-84F7-73AA6A7C99C1} - [OpenOffice.org] : D:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
- {3B092F0C-7696-40E3-A80F-68D74DA84210} - [OpenOffice.org] : D:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
PDF-XChange PDF Preview Provider - {CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} - [Tracker Software Products Ltd.] : D:\Program Files\pdfviewer\Shell Extensions\XCShInfo.dll
PDF-XChange PDF Property Handler - {67EB453C-1BE1-48EC-AAF3-23B10277FCC1} - [Tracker Software Products Ltd.] : D:\Program Files\pdfviewer\Shell Extensions\XCShInfo.dll
PDF-XChange PDF Thumbnail Provider - {EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} - [Tracker Software Products Ltd.] : D:\Program Files\pdfviewer\Shell Extensions\XCShInfo.dll
PXCPreviewHandlerXP Class - {5B043439-4F53-436E-8CFE-28F80934DBE6} - [Tracker Software Products Ltd.] : D:\Program Files\PDFVIEWER\SHELL EXTENSIONS\PXCPREVHOST.EXE

Protocol Handler
XPLPPFilter Class - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgpp.dll
IEProtocolHandler Class - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - [Skype Technologies] : D:\Program Files\Common Files\Skype\Skype4COM.dll

Services
23 - : D:\WINDOWS\system32\DRIVERS\atksgt.sys
23 - [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgemc.exe
23 - [AVG Technologies CZ, s.r.o.] : D:\Program Files\AVG\AVG9\avgwdsvc.exe
23 - [AVG Technologies CZ, s.r.o.] : D:\WINDOWS\system32\Drivers\avgldx86.sys
23 - [AVG Technologies CZ, s.r.o.] : D:\WINDOWS\system32\Drivers\avgmfx86.sys
23 - [AVG Technologies CZ, s.r.o.] : D:\WINDOWS\system32\Drivers\avgtdix.sys
23 - [Eutron] : D:\WINDOWS\system32\Drivers\eusk2par.sys
23 - [Realtek Semiconductor Corp.] : D:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [Sun Microsystems, Inc.] : D:\Program Files\Java\jre6\bin\jqs.exe
23 - [Hewlett-Packard Company] : D:\Program Files\Common Files\LightScribe\LSSrvc.exe
23 - : D:\WINDOWS\system32\DRIVERS\lirsgt.sys
23 - [NVIDIA Corporation] : D:\WINDOWS\system32\nvsvc32.exe
23 - [VSO Software] : D:\WINDOWS\system32\Drivers\Pcouffin.sys
23 - : D:\WINDOWS\system32\PnkBstrA.exe
23 - [Realtek Semiconductor Corporation] : D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23 - : D:\Documents and Settings\All Users\Data aplikací\ScanQuery\scanquery123.exe
23 - [Protection Technology (StarForce)] : D:\WINDOWS\system32\drivers\sfdrv01.sys
23 - [Protection Technology (StarForce)] : D:\WINDOWS\system32\drivers\sfhlp02.sys
23 - [Protection Technology (StarForce)] : D:\WINDOWS\system32\drivers\sfsync04.sys
23 - [Protection Technology (StarForce)] : D:\WINDOWS\system32\drivers\sfvfs02.sys
23 - [Crawler.com] : D:\WINDOWS\system32\drivers\sp_rsdrv2.sys

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter, DLLName : [AVG Technologies CZ, s.r.o.] : D:\WINDOWS\system32\avgrsstx.dll
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32, DLLName : : D:\WINDOWS\system32\cryptnet32.dll

Threat Files
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gimp-2.6.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gimp-2.6.exe
<Fakesec-310> : D:\Documents and Settings\All Users\Nabídka Start\Programy\GIMP\GIMP 2.lnk
<Trojan.Fakesec-310> : D:\Documents and Settings\All Users\Nabídka Start\Programy\GIMP\GIMP 2.lnk
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
<Heuristics.Broken.Executable> : D:\Documents and Settings\All Users\Nabídka Start\Programy\Skype\Skype.lnk
<Heuristics.Broken.Executable> : D:\Documents and Settings\All Users\Nabídka Start\Programy\Skype\Skype.lnk
<Zwinky-MWS> : D:\Program Files\FunWebProducts\ScreenSaver\Images\00FF0F2A.urr
<Zwinky-MWS> : D:\Program Files\FunWebProducts\ScreenSaver\Images\00FF961D.urr
<Zwinky-MWS> : D:\Program Files\FunWebProducts\ScreenSaver\Images\010050F1.dat
<Zwinky-MWS> : D:\Program Files\FunWebProducts\ScreenSaver\Images\01019827.dat
<Zwinky-MWS> : D:\Program Files\FunWebProducts\ScreenSaver\Images\wrkparam.lst
<Zwinky-MWS> : D:\Program Files\FunWebProducts\Shared\00F6EB8C.dat
<GenericFF-1> : D:\Program Files\Blender Foundation\Blender\vcomp90.dll
<Trojan.GenericFF-1> : D:\Program Files\Blender Foundation\Blender\vcomp90.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gimp-console-2.6.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gimp-console-2.6.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gspawn-win32-helper-console.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gspawn-win32-helper-console.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gspawn-win32-helper.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\gspawn-win32-helper.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\intl.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\intl.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libasprintf-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libasprintf-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libcairo-2.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libcairo-2.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimp-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimp-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpbase-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpbase-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpcolor-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpcolor-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpconfig-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpconfig-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpmath-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpmath-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpmodule-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpmodule-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpthumb-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpthumb-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpui-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpui-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpwidgets-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgimpwidgets-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgio-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgio-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libglib-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libglib-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgmodule-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgmodule-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgobject-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgobject-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgthread-2.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libgthread-2.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpango-1.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpango-1.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpangocairo-1.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpangocairo-1.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpangoft2-1.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpangoft2-1.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpangowin32-1.0-0.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpangowin32-1.0-0.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpng14-14.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libpng14-14.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libtiff-3.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libtiff-3.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libtiffxx-3.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\libtiffxx-3.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\bin\pango-querymodules.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\bin\pango-querymodules.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcolor-selector-cmyk.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcolor-selector-cmyk.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcolor-selector-water.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcolor-selector-water.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcolor-selector-wheel.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcolor-selector-wheel.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcontroller-dx-dinput.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libcontroller-dx-dinput.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-color-blind.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-color-blind.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-gamma.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-gamma.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-high-contrast.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-high-contrast.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-proof.dll
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\libdisplay-filter-proof.dll
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\alien-map.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\alien-map.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\align-layers.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\align-layers.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\animation-optimize.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\animation-optimize.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\animation-play.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\animation-play.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\antialias.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\antialias.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\apply-canvas.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\apply-canvas.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blinds.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blinds.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur-gauss-selective.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur-gauss-selective.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur-gauss.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur-gauss.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur-motion.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur-motion.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\blur.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\border-average.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\border-average.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\bump-map.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\bump-map.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\cartoon.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\cartoon.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\channel-mixer.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\channel-mixer.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\checkerboard.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\checkerboard.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\cml-explorer.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\cml-explorer.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-cube-analyze.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-cube-analyze.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-enhance.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-enhance.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-exchange.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-exchange.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-rotate.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-rotate.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-to-alpha.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\color-to-alpha.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\colorify.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\colorify.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\colormap-remap.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\colormap-remap.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\compose.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\compose.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-normalize.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-normalize.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-retinex.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-retinex.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-stretch-hsv.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-stretch-hsv.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-stretch.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\contrast-stretch.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\convolution-matrix.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\convolution-matrix.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\crop-auto.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\crop-auto.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\crop-zealous.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\crop-zealous.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\cubism.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\cubism.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\curve-bend.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\curve-bend.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\decompose.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\decompose.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\deinterlace.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\deinterlace.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\depth-merge.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\depth-merge.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\despeckle.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\despeckle.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\destripe.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\destripe.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\diffraction.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\diffraction.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\displace.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\displace.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-dog.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-dog.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-laplace.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-laplace.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-neon.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-neon.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-sobel.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge-sobel.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\edge.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\emboss.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\emboss.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\engrave.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\engrave.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-bmp.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-bmp.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-cel.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-cel.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-compressor.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-compressor.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-csource.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-csource.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-desktop-link.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-desktop-link.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-dicom.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-dicom.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-faxg3.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-faxg3.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-fits.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-fits.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-fli.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-fli.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gbr.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gbr.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gif-load.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gif-load.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gif-save.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gif-save.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gih.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-gih.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-glob.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-glob.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-header.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-header.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-html-table.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-html-table.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-ico.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-ico.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-jpeg.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-jpeg.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-mng.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-mng.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pat.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pat.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pcx.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pcx.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pdf.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pdf.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pix.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pix.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-png.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-png.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pnm.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-pnm.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-ps.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-ps.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-psd-load.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-psd-load.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-psd-save.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-psd-save.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-psp.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-psp.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-raw.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-raw.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-sgi.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-sgi.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-sunras.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-sunras.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-svg.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-svg.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-tga.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-tga.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-tiff-load.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-tiff-load.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-tiff-save.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-tiff-save.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-uri.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-uri.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-wmf.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-wmf.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-xbm.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-xbm.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-xpm.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-xpm.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-xwd.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\file-xwd.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\film.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\film.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\filter-pack.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\filter-pack.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\flame.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\flame.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\fractal-explorer.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\fractal-explorer.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\fractal-trace.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\fractal-trace.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gee-zoom.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gee-zoom.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gee.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gee.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gfig.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gfig.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gimpressionist.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gimpressionist.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gradient-flare.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gradient-flare.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gradient-map.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\gradient-map.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\grid.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\grid.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\guillotine.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\guillotine.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\help.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\help.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\hot.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\hot.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\ifs-compose.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\ifs-compose.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\illusion.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\illusion.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\imagemap.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\imagemap.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\iwarp.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\iwarp.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\jigsaw.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\jigsaw.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lcms.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lcms.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lens-apply.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lens-apply.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lens-distortion.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lens-distortion.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lens-flare.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lens-flare.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lighting.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\lighting.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\map-object.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\map-object.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\max-rgb.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\max-rgb.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\maze.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\maze.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\metadata.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\metadata.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\mosaic.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\mosaic.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\newsprint.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\newsprint.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\nl-filter.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\nl-filter.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-hsv.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-hsv.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-randomize.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-randomize.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-rgb.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-rgb.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-solid.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-solid.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-spread.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\noise-spread.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\nova.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\nova.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\oilify.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\oilify.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\pagecurl.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\pagecurl.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\photocopy.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\photocopy.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\pixelize.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\pixelize.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\plasma.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\plasma.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\plugin-browser.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\plugin-browser.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\polar-coords.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\polar-coords.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\print.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\print.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\procedure-browser.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\procedure-browser.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\qbist.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\qbist.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\red-eye-removal.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\red-eye-removal.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\ripple.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\ripple.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\rotate.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\rotate.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sample-colorize.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sample-colorize.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\selection-to-path.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\selection-to-path.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\semi-flatten.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\semi-flatten.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sharpen.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sharpen.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\shift.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\shift.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sinus.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sinus.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\smooth-palette.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\smooth-palette.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\softglow.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\softglow.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sparkle.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sparkle.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sphere-designer.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\sphere-designer.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\threshold-alpha.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\threshold-alpha.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-glass.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-glass.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-paper.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-paper.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-seamless.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-seamless.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-small.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile-small.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\tile.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\twain.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\twain.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\unit-editor.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\unit-editor.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\unsharp-mask.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\unsharp-mask.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\value-invert.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\value-invert.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\value-propagate.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\value-propagate.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\van-gogh-lic.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\van-gogh-lic.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\video.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\video.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\warp.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\warp.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\waves.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\waves.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\web-browser.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\web-browser.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\whirl-pinch.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\whirl-pinch.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\win-snap.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\win-snap.exe
<Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\wind.exe
<Trojan.Fakesec-310> : D:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\wind.exe
<GenericFF-1> : D:\WINDOWS\$hf_mig$\KB956572\SP3GDR\pdh.dll
<Trojan.GenericFF-1> : D:\WINDOWS\$hf_mig$\KB956572\SP3GDR\pdh.dll
<GenericFF-1> : D:\WINDOWS\$NtUninstallKB956572_0$\pdh.dll
<Trojan.GenericFF-1> : D:\WINDOWS\$NtUninstallKB956572_0$\pdh.dll
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\18e3a1.msi
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\18e3a1.msi
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\33feee.msi
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\33feee.msi
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\654e77.msi
<Heuristics.Broken.Executable> : D:\WINDOWS\Installer\654e77.msi
<Heuristics.Broken.Executable> : D:\WINDOWS\SoftwareDistribution\Download\2eee68619c5f7a06948777b7b3e0aad67a116337
<Heuristics.Broken.Executable> : D:\WINDOWS\SoftwareDistribution\Download\2eee68619c5f7a06948777b7b3e0aad67a116337
<Heuristics.Broken.Executable> : D:\WINDOWS\SoftwareDistribution\Download\379a7c74048e2729720459d20e32a05f832dd29e
<Heuristics.Broken.Executable> : D:\WINDOWS\SoftwareDistribution\Download\379a7c74048e2729720459d20e32a05f832dd29e
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dhcpmon.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dhcpmon.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\fxswzrd.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\fxswzrd.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\grpconv.exe
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\grpconv.exe
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ieakeng.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ieakeng.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lang\imekrcic.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lang\imekrcic.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\msident.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\msident.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\msoobe.exe
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\msoobe.exe
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\olecli32.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\olecli32.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\pdh.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\pdh.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfloppy.sys
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfloppy.sys
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\snmpapi.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\snmpapi.dll
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\unimdmat.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\unimdmat.dll
<Heuristics.Broken.Executable> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\update.sys
<Heuristics.Broken.Executable> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\update.sys
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wmplayer.exe
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wmplayer.exe
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wscript.exe
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wscript.exe
<GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\xrxwiadr.dll
<Trojan.GenericFF-1> : D:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\xrxwiadr.dll
<GenericFF-1> : D:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
<Trojan.GenericFF-1> : D:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
<Heuristics.Broken.Executable> : e:\Programy\install_centrum_cz_icq7.exe
<Heuristics.Broken.Executable> : e:\Programy\install_centrum_cz_icq7.exe
<Heuristics.Broken.Executable> : e:\Programy\install_icq7.exe
<Heuristics.Broken.Executable> : e:\Programy\install_icq7.exe
<Heuristics.Broken.Executable> : e:\Programy\mozilla-win32-1.7.13-installer.exe
<Heuristics.Broken.Executable> : e:\Programy\mozilla-win32-1.7.13-installer.exe
<Heuristics.Broken.Executable> : e:\Programy\total comd 750\tcmd750a.exe
<Heuristics.Broken.Executable> : e:\Programy\total comd 750\tcmd750a.exe
<GenericFF-1> : l:\Program Files\Windows Media Player\wmplayer.exe
<Trojan.GenericFF-1> : l:\Program Files\Windows Media Player\wmplayer.exe
<Heuristics.Broken.Executable> : l:\programs\TeamViewer VZDÁLENÉ OVLÁDÁNÍ PC_Setup.exe
<Heuristics.Broken.Executable> : l:\programs\TeamViewer VZDÁLENÉ OVLÁDÁNÍ PC_Setup.exe
<GenericFF-1> : l:\WINDOWS\explorer.exe
<Trojan.GenericFF-1> : l:\WINDOWS\explorer.exe
<GenericFF-1> : l:\WINDOWS\system32\dllcache\explorer.exe
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\explorer.exe
<GenericFF-1> : l:\WINDOWS\system32\dllcache\fxswzrd.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\fxswzrd.dll
<GenericFF-1> : l:\WINDOWS\system32\dllcache\grpconv.exe
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\grpconv.exe
<GenericFF-1> : l:\WINDOWS\system32\dllcache\ieakeng.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\ieakeng.dll
<GenericFF-1> : l:\WINDOWS\system32\dllcache\imekrcic.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\imekrcic.dll
<GenericFF-1> : l:\WINDOWS\system32\dllcache\msident.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\msident.dll
<GenericFF-1> : l:\WINDOWS\system32\dllcache\mup.sys
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\mup.sys
<GenericFF-1> : l:\WINDOWS\system32\dllcache\pdh.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\pdh.dll
<GenericFF-1> : l:\WINDOWS\system32\dllcache\snmpapi.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\snmpapi.dll
<GenericFF-1> : l:\WINDOWS\system32\dllcache\unimdmat.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\unimdmat.dll
<Heuristics.Broken.Executable> : l:\WINDOWS\system32\dllcache\update.sys
<Heuristics.Broken.Executable> : l:\WINDOWS\system32\dllcache\update.sys
<GenericFF-1> : l:\WINDOWS\system32\dllcache\wmplayer.exe
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\wmplayer.exe
<GenericFF-1> : l:\WINDOWS\system32\dllcache\wscript.exe
<Trojan.GenericFF-1> : l:\WINDOWS\system32\dllcache\wscript.exe
<GenericFF-1> : l:\WINDOWS\system32\drivers\mup.sys
<Trojan.GenericFF-1> : l:\WINDOWS\system32\drivers\mup.sys
<GenericFF-1> : l:\WINDOWS\system32\drivers\sfloppy.sys
<Trojan.GenericFF-1> : l:\WINDOWS\system32\drivers\sfloppy.sys
<Heuristics.Broken.Executable> : l:\WINDOWS\system32\drivers\update.sys
<Heuristics.Broken.Executable> : l:\WINDOWS\system32\drivers\update.sys
<GenericFF-1> : l:\WINDOWS\system32\grpconv.exe
<Trojan.GenericFF-1> : l:\WINDOWS\system32\grpconv.exe
<GenericFF-1> : l:\WINDOWS\system32\ieakeng.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\ieakeng.dll
<GenericFF-1> : l:\WINDOWS\system32\msident.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\msident.dll
<GenericFF-1> : l:\WINDOWS\system32\pdh.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\pdh.dll
<GenericFF-1> : l:\WINDOWS\system32\snmpapi.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\snmpapi.dll
<GenericFF-1> : l:\WINDOWS\system32\unimdmat.dll
<Trojan.GenericFF-1> : l:\WINDOWS\system32\unimdmat.dll
<GenericFF-1> : l:\WINDOWS\system32\wscript.exe
<Trojan.GenericFF-1> : l:\WINDOWS\system32\wscript.exe

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male

Re: help cleaning up a PC

Post by Žbeky » 27 Apr 2011 09:07

Uninstall ST and post a log from HJT here.
In PMs I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.


kollara
newcomer
Posts: 7
Registered: April 11
Gender: Female

Re: help cleaning up a PC

Post by kollara » 27 Apr 2011 10:20

Thank you for the reaction and the advice, but I need the advice given in a way that I can understand. I don't move in this field that much. I'm supposed to uninstall ST - what is that? HJT is presumably HiJackThis? Thanks

kollara
newcomer
Posts: 7
Registered: April 11
Gender: Female

Re: help cleaning up a PC

Post by kollara » 27 Apr 2011 10:25

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:24:14, on 27/04/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\PROGRA~1\AVG\AVG9\avgtray.exe
D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\steam 3\steam.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Program Files\AVG\AVG9\avgwdsvc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\AVG\AVG9\avgnsx.exe
D:\Program Files\Common Files\LightScribe\LSSrvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Documents and Settings\All Users\Data aplikací\ScanQuery\scanquery123.exe
D:\Program Files\Spyware Terminator\sp_rsser.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\AVG\AVG9\avgemc.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\Program Files\ScanQuery\scanquery.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Common Files\Java\Java Update\jucheck.exe
E:\Programy\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60342
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60342
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60342
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60342
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60342
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60342
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "D:\Program Files\steam 3\steam.exe" -silent
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{535F5670-A59D-4529-AEE8-713D5CE616CC}: NameServer = 10.102.0.1,10.102.0.2
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ScanQuery Service - Unknown owner - D:\Documents and Settings\All Users\Data aplikací\ScanQuery\scanquery123.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - D:\WINDOWS\system32\sfrem01.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8817 bytes

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male

Re: help cleaning up a PC

Post by Žbeky » 27 Apr 2011 13:22

ST = Spyware Terminator

Why did you lock it?

In HJT, fix:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60342
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60342
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60342
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60342
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60342
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60342
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] D:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if they are, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.
In private messages (SZ) I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

kollara

Re: help with cleaning up my PC

Post by kollara » 27 Apr 2011 14:33

Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 6456

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

27/04/2011 14:29:23
mbam-log-2011-04-27 (14-29-12).txt

Typ kontroly: Rychlý test
Testované objekty: 137303
Uplynulý čas: 1 minut, 57 sekund

Infikované procesy v paměti: 2
Infikované moduly v paměti: 2
Infikované klíče v registru: 37
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 18
Infikované soubory: 20

Infikované procesy v paměti:
d:\documents and settings\all users\data aplikací\scanquery\scanquery123.exe (Adware.Agent.Gen) -> 976 -> No action taken.
d:\program files\scanquery\scanquery.exe (Adware.Agent.Gen) -> 2768 -> No action taken.

Infikované moduly v paměti:
d:\program files\scanquery\scanquery.dll (Adware.Agent.Gen) -> No action taken.
d:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> No action taken.

Infikované klíče v registru:

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790773B576595034A990 (Malware.Trace) -> Value: SRS_IT_E8790773B576595034A990 -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:

Infikované soubory:

Žbeky

Re: help with cleaning up my PC

Post by Žbeky » 27 Apr 2011 14:53

- So run MbAM again and click Scan
- when the scan finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it with Exit

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use will be displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan is complete, the program should create a log - C:\ComboFix.txt - please copy its entire contents here

kollara

Re: help with cleaning up my PC

Post by kollara » 27 Apr 2011 15:08

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6456

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

27/04/2011 15:08:14
mbam-log-2011-04-27 (15-08-14).txt

Typ kontroly: Rychlý test
Testované objekty: 137317
Uplynulý čas: 3 minut, 2 sekund

Infikované procesy v paměti: 2
Infikované moduly v paměti: 2
Infikované klíče v registru: 37
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 18
Infikované soubory: 21

Infikované procesy v paměti:
d:\documents and settings\all users\data aplikací\scanquery\scanquery123.exe (Adware.Agent.Gen) -> 340 -> Unloaded process successfully.
d:\program files\scanquery\scanquery.exe (Adware.Agent.Gen) -> 3040 -> Unloaded process successfully.

Infikované moduly v paměti:
d:\program files\scanquery\scanquery.dll (Adware.Agent.Gen) -> Delete on reboot.
d:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.

Infikované klíče v registru:

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790773B576595034A990 (Malware.Trace) -> Value: SRS_IT_E8790773B576595034A990 -> Quarantined and deleted successfully.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:

Infikované soubory:

kollara

Re: help with cleaning up my PC

Post by kollara » 27 Apr 2011 15:22

ComboFix cannot be installed unless I fully uninstall AVG. The resident shield is turned off.

Žbeky

Re: help with cleaning up my PC

Post by Žbeky » 27 Apr 2011 16:15

Uninstall AVG; you don't have the latest version anyway

kollara

Re: help with cleaning up my PC

Post by kollara » 27 Apr 2011 16:39

I can't remove it... it reports: Tento počítač: instalace selhala
Instalace:
Chyba: Selhala akce pro klíč registru HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows: vytváření registrového klíče....
Přístup je odepřen.

Žbeky

Re: help with cleaning up my PC

Post by Žbeky » 27 Apr 2011 17:53
