Windows Defender warning

zetfly
Visitor
Posts: 10
Registered: 13 Feb 2013 16:57

#1 Post by zetfly »

Hello,
since yesterday Windows Defender has been showing a message about potentially harmful software. After I remove it, a message pops up saying that the problem has been removed and a restart is needed, and right afterwards a new message about potentially harmful software appears on the taskbar.

Thank you.
Here is the log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Zdeno at 17:15:54 on 2013-02-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.7884.6074 [GMT 1:00]
.
AV: Panda Internet Security 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\totalcmd\TOTALCMD64.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mrk.cz/
uSearch Bar = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uSearch Page = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mStart Page = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
mSearch Bar = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mSearch Page = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uURLSearchHooks: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
mURLSearchHooks: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
mWinlogon: Userinit = userinit.exe
BHO: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll
BHO: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {a9ff5a45-b433-4940-9299-de737a9c11f6} - {0de094f5-e894-48c7-b16f-338d64674721}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
TCP: NameServer = 195.68.234.1 195.68.234.10
TCP: Interfaces\{C1160917-EB48-4951-B02D-3EF8BAE57715} : DHCPNameServer = 195.68.234.1 195.68.234.10
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.oracle.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Notify: avldr - avldr64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-08 22:16; FFPDFArchitectConverter@pdfarchitect.com; C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF - ExtSQL: 2013-02-03 16:12; 50dc36f17f225@50dc36f17f25e.com; C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\50dc36f17f225@50dc36f17f25e.com
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-11-7 16152]
R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot64.sys [2012-12-23 30792]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\System32\drivers\ShldFlt.sys [2012-12-23 48136]
R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm6460.sys [2012-12-23 65608]
R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT64.SYS [2012-12-23 129096]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-8 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-8 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-11-8 149120]
R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [2012-12-23 15928]
R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt64.sys [2012-12-23 82952]
R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetm64.sys [2012-12-23 31752]
R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt64.sys [2012-12-23 78920]
R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETTDI64.SYS [2012-12-23 170504]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrlS.exe [2012-12-23 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2012-12-23 202016]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2012-12-23 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2012-12-23 314176]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-9-25 474208]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\psksvc.exe [2012-12-23 28992]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-19 3467768]
R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt64.sys [2012-12-23 74760]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-11-7 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;C:\Windows\System32\drivers\iusb3xhc.sys [2012-11-7 786200]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\System32\drivers\n64i1644.sys [2012-12-23 216648]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-7 646248]
S1 zcgmrgvp;zcgmrgvp;C:\Windows\System32\drivers\zcgmrgvp.sys [2013-2-13 49872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-11-8 24368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-7 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-7 30208]
S3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-7 1255736]
SUnknown xmomqbdt;xmomqbdt; [x]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .vbs: VBSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .js: JSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .jse: JSEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .wsf: WSFFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.
=============== Created Last 30 ================
.
2013-02-13 15:40:54 49872 ----a-w- C:\Windows\System32\drivers\zcgmrgvp.sys
2013-02-13 15:17:41 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\offreg.dll
2013-02-12 16:21:00 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\mpengine.dll
2013-02-03 16:32:50 -------- d-----w- C:\Users\Zdeno\AppData\Local\Microsoft Games
2013-01-31 16:00:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-26 16:50:32 -------- d-----w- C:\ProgramData\NFS Underground
2013-01-26 08:05:34 -------- d-----w- C:\Users\Zdeno\.jfreereport
.
==================== Find3M ====================
.
2013-02-08 16:47:30 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 16:47:30 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-23 09:58:08 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 10:20:53 545056 ----a-w- C:\Windows\SysWow64\PavSHookWow.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-16 10:08:27 837920 ----a-w- C:\Windows\System32\PavSHook64.dll
.
============= FINISH: 17:16:52,57 ===============

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

#2 Post by Rudy »

Hello!
Download AdwCleaner: http://stahnu.cz/tag/adw-cleaner-free-download
Save it to the desktop.
Close all programs.
Click Search.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

zetfly
Visitor
Posts: 10
Registered: 13 Feb 2013 16:57

#3 Post by zetfly »

Hello,
after launching AdwCleaner a window opens:

After clicking OK it opens:
http://general-changelog-team.fr/fr/dow ... adwcleaner
and here I somehow don't know where to go next :o
Attachment: adwc.jpg (25.3 KiB)

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

#4 Post by Rudy »

Click >Zrušiť< (Cancel) and ADW should start running.

zetfly
Visitor
Posts: 10
Registered: 13 Feb 2013 16:57

#5 Post by zetfly »

Hello,
here is the log:
# AdwCleaner v2.112 - Logfile created 02/13/2013 at 20:52:59
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Zdeno - ZDENO-PC
# Boot Mode : Normal
# Running from : C:\Users\Zdeno\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Conduit.xml
File Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Web Search.xml
Folder Found : C:\Program Files (x86)\Ashampoo_US
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\CertifiedToolbar
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Protected Search
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
Folder Found : C:\ProgramData\SaveByclick
Folder Found : C:\Users\Zdeno\AppData\Local\Conduit
Folder Found : C:\Users\Zdeno\AppData\Local\Temp\AskSearch
Folder Found : C:\Users\Zdeno\AppData\LocalLow\Ashampoo_US
Folder Found : C:\Users\Zdeno\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Zdeno\AppData\LocalLow\CertifiedToolbar
Folder Found : C:\Users\Zdeno\AppData\LocalLow\Conduit
Folder Found : C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar
Folder Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\toolbar@ask.com
Folder Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\Smartbar
Folder Found : C:\Users\Zdeno\AppData\Roaming\pdfforge
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\Ashampoo_US
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\ProtectedSearch
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\Ashampoo_US
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\wtb.Band
Key Found : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Found : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Found : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Found : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Found : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Found : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AFBAECC-7E9B-4097-903D-E90E47330A53}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2FB1C02-8750-45AF-B948-F7A38EC19D35}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_US Toolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKU\S-1-5-21-1178636279-3580483858-1665276810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=

-\\ Mozilla Firefox v16.0.2 (sk)

File : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\prefs.js

Found : user_pref("CT2481032.1000082.isPlayDisplay", "true");
Found : user_pref("CT2481032.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Found : user_pref("CT2481032.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2481032.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT2481032.FirstTime", "true");
Found : user_pref("CT2481032.FirstTimeFF3", "true");
Found : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Found : user_pref("CT2481032.UserID", "UN83050124433052774");
Found : user_pref("CT2481032.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2481032.autoDisableScopes", -1);
Found : user_pref("CT2481032.browser.search.defaultthis.engineName", true);
Found : user_pref("CT2481032.cbcountry_001", "SK");
Found : user_pref("CT2481032.cbfirsttime", "Thu Nov 08 2012 11:07:29 GMT+0100");
Found : user_pref("CT2481032.defaultSearch", "true");
Found : user_pref("CT2481032.embeddedsData", "[{\"appId\":\"129058858240125318\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT2481032.enableAlerts", "false");
Found : user_pref("CT2481032.enableSearchFromAddressBar", "true");
Found : user_pref("CT2481032.firstTimeDialogOpened", "true");
Found : user_pref("CT2481032.fixPageNotFoundError", "true");
Found : user_pref("CT2481032.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2481032.fixUrls", true);
Found : user_pref("CT2481032.installId", "conduitnsisintegration");
Found : user_pref("CT2481032.installType", "conduitnsisintegration");
Found : user_pref("CT2481032.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2481032.isNewTabEnabled", true);
Found : user_pref("CT2481032.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2481032.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2481032.keyword", true);
Found : user_pref("CT2481032.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...]
Found : user_pref("CT2481032.openThankYouPage", "false");
Found : user_pref("CT2481032.openUninstallPage", "false");
Found : user_pref("CT2481032.search.searchAppId", "129058858240125318");
Found : user_pref("CT2481032.search.searchCount", "0");
Found : user_pref("CT2481032.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2481032.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2481032.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2481032.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2481032.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1352369249107");
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1352369249149");
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "13523692491[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1352369249441"[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-google_lastUpdate", "1352369249124");
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1352369249083")[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-thesun_news_lastUpdate", "1352369249209"[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1352369249484");
Found : user_pref("CT2481032.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1352369246381");
Found : user_pref("CT2481032.serviceLayer_services_appsMetadata_lastUpdate", "1352369246138");
Found : user_pref("CT2481032.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352369247192");
Found : user_pref("CT2481032.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352369247596");
Found : user_pref("CT2481032.serviceLayer_services_optimizer_lastUpdate", "1352369246389");
Found : user_pref("CT2481032.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352369247384");
Found : user_pref("CT2481032.serviceLayer_services_searchAPI_lastUpdate", "1352369245775");
Found : user_pref("CT2481032.serviceLayer_services_serviceMap_lastUpdate", "1352369245503");
Found : user_pref("CT2481032.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352369246297");
Found : user_pref("CT2481032.serviceLayer_services_toolbarSettings_lastUpdate", "1352369245819");
Found : user_pref("CT2481032.serviceLayer_services_translation_lastUpdate", "1352369246143");
Found : user_pref("CT2481032.settingsINI", true);
Found : user_pref("CT2481032.shouldFirstTimeDialog", "false");
Found : user_pref("CT2481032.smartbar.CTID", "CT2481032");
Found : user_pref("CT2481032.smartbar.Uninstall", "0");
Found : user_pref("CT2481032.smartbar.homepage", true);
Found : user_pref("CT2481032.smartbar.toolbarName", "Ashampoo US ");
Found : user_pref("CT2481032.toolbarBornServerTime", "8-11-2012");
Found : user_pref("CT2481032.toolbarCurrentServerTime", "8-11-2012");
Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=1[...]
Found : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032[...]
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Found : user_pref("browser.search.defaultengine", "Web Search");
Found : user_pref("browser.search.defaultenginename", "Web Search");
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("browser.search.selectedEngine", "Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=33953&home=true&tid=29[...]
Found : user_pref("extensions.50dc36f17f2d2.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Found : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=");

*************************

AdwCleaner[R1].txt - [18185 octets] - [13/02/2013 20:52:59]

########## EOF - C:\AdwCleaner[R1].txt - [18246 octets] ##########

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender alert

#6 Post by Rudy »

Run AdwCleaner again and click >Delete<. Post the new log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

zetfly
Visitor
Posts: 10
Joined: 13 Feb 2013 16:57

Re: Windows Defender alert

#7 Post by zetfly »

Here it is (after restarting the PC):
# AdwCleaner v2.112 - Logfile created 02/13/2013 at 21:34:02
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Zdeno - ZDENO-PC
# Boot Mode : Normal
# Running from : C:\Users\Zdeno\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Web Search.xml
Folder Deleted : C:\Program Files (x86)\Ashampoo_US
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\CertifiedToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
Folder Deleted : C:\ProgramData\SaveByclick
Folder Deleted : C:\Users\Zdeno\AppData\Local\Conduit
Folder Deleted : C:\Users\Zdeno\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\Ashampoo_US
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\CertifiedToolbar
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\Smartbar
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\pdfforge
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\Ashampoo_US
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Ashampoo_US
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AFBAECC-7E9B-4097-903D-E90E47330A53}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2FB1C02-8750-45AF-B948-F7A38EC19D35}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_US Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (sk)

File : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\prefs.js

Deleted : user_pref("CT2481032.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT2481032.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT2481032.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2481032.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2481032.FirstTime", "true");
Deleted : user_pref("CT2481032.FirstTimeFF3", "true");
Deleted : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Deleted : user_pref("CT2481032.UserID", "UN83050124433052774");
Deleted : user_pref("CT2481032.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2481032.autoDisableScopes", -1);
Deleted : user_pref("CT2481032.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT2481032.cbcountry_001", "SK");
Deleted : user_pref("CT2481032.cbfirsttime", "Thu Nov 08 2012 11:07:29 GMT+0100");
Deleted : user_pref("CT2481032.defaultSearch", "true");
Deleted : user_pref("CT2481032.embeddedsData", "[{\"appId\":\"129058858240125318\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2481032.enableAlerts", "false");
Deleted : user_pref("CT2481032.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2481032.firstTimeDialogOpened", "true");
Deleted : user_pref("CT2481032.fixPageNotFoundError", "true");
Deleted : user_pref("CT2481032.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2481032.fixUrls", true);
Deleted : user_pref("CT2481032.installId", "conduitnsisintegration");
Deleted : user_pref("CT2481032.installType", "conduitnsisintegration");
Deleted : user_pref("CT2481032.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2481032.isNewTabEnabled", true);
Deleted : user_pref("CT2481032.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2481032.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2481032.keyword", true);
Deleted : user_pref("CT2481032.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...]
Deleted : user_pref("CT2481032.openThankYouPage", "false");
Deleted : user_pref("CT2481032.openUninstallPage", "false");
Deleted : user_pref("CT2481032.search.searchAppId", "129058858240125318");
Deleted : user_pref("CT2481032.search.searchCount", "0");
Deleted : user_pref("CT2481032.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2481032.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2481032.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2481032.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2481032.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1352369249107");
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1352369249149");
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "13523692491[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1352369249441"[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-google_lastUpdate", "1352369249124");
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1352369249083")[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-thesun_news_lastUpdate", "1352369249209"[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1352369249484");
Deleted : user_pref("CT2481032.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1352369246381");
Deleted : user_pref("CT2481032.serviceLayer_services_appsMetadata_lastUpdate", "1352369246138");
Deleted : user_pref("CT2481032.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352369247192");
Deleted : user_pref("CT2481032.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352369247596");
Deleted : user_pref("CT2481032.serviceLayer_services_optimizer_lastUpdate", "1352369246389");
Deleted : user_pref("CT2481032.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352369247384");
Deleted : user_pref("CT2481032.serviceLayer_services_searchAPI_lastUpdate", "1352369245775");
Deleted : user_pref("CT2481032.serviceLayer_services_serviceMap_lastUpdate", "1352369245503");
Deleted : user_pref("CT2481032.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352369246297");
Deleted : user_pref("CT2481032.serviceLayer_services_toolbarSettings_lastUpdate", "1352369245819");
Deleted : user_pref("CT2481032.serviceLayer_services_translation_lastUpdate", "1352369246143");
Deleted : user_pref("CT2481032.settingsINI", true);
Deleted : user_pref("CT2481032.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2481032.smartbar.CTID", "CT2481032");
Deleted : user_pref("CT2481032.smartbar.Uninstall", "0");
Deleted : user_pref("CT2481032.smartbar.homepage", true);
Deleted : user_pref("CT2481032.smartbar.toolbarName", "Ashampoo US ");
Deleted : user_pref("CT2481032.toolbarBornServerTime", "8-11-2012");
Deleted : user_pref("CT2481032.toolbarCurrentServerTime", "8-11-2012");
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=1[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=33953&home=true&tid=29[...]
Deleted : user_pref("extensions.50dc36f17f2d2.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=");

*************************

AdwCleaner[R1].txt - [18296 octets] - [13/02/2013 20:52:59]
AdwCleaner[S1].txt - [19152 octets] - [13/02/2013 21:34:02]

########## EOF - C:\AdwCleaner[S1].txt - [19213 octets] ##########

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender alert

#8 Post by Rudy »

Post a new RSIT log.

zetfly
Visitor
Posts: 10
Joined: 13 Feb 2013 16:57

Re: Windows Defender alert

#9 Post by zetfly »

Here it is:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Zdeno at 21:42:22 on 2013-02-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.7884.6040 [GMT 1:00]
.
AV: Panda Internet Security 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\totalcmd\TOTALCMD64.EXE
C:\Windows\system32\wbem\wmiprvse.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mrk.cz/
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} -
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {a9ff5a45-b433-4940-9299-de737a9c11f6} - {0de094f5-e894-48c7-b16f-338d64674721}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
TCP: NameServer = 195.68.234.1 195.68.234.10
TCP: Interfaces\{C1160917-EB48-4951-B02D-3EF8BAE57715} : DHCPNameServer = 195.68.234.1 195.68.234.10
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.oracle.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Notify: avldr - avldr64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-08 22:16; FFPDFArchitectConverter@pdfarchitect.com; C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF - ExtSQL: 2013-02-03 16:12; 50dc36f17f225@50dc36f17f25e.com; C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\50dc36f17f225@50dc36f17f25e.com
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-11-7 16152]
R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot64.sys [2012-12-23 30792]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\System32\drivers\ShldFlt.sys [2012-12-23 48136]
R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm6460.sys [2012-12-23 65608]
R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT64.SYS [2012-12-23 129096]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-8 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-8 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-11-8 149120]
R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [2012-12-23 15928]
R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt64.sys [2012-12-23 82952]
R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetm64.sys [2012-12-23 31752]
R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt64.sys [2012-12-23 78920]
R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETTDI64.SYS [2012-12-23 170504]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrlS.exe [2012-12-23 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2012-12-23 202016]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2012-12-23 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2012-12-23 314176]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-9-25 474208]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\psksvc.exe [2012-12-23 28992]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-19 3467768]
R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt64.sys [2012-12-23 74760]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-11-7 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;C:\Windows\System32\drivers\iusb3xhc.sys [2012-11-7 786200]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\System32\drivers\n64i1644.sys [2012-12-23 216648]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-7 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-11-8 24368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-7 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-7 30208]
S3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-7 1255736]
SUnknown zcgmrgvp;zcgmrgvp; [x]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .vbs: VBSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .js: JSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .jse: JSEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .wsf: WSFFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.
=============== Created Last 30 ================
.
2013-02-13 20:38:28 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\offreg.dll
2013-02-12 16:21:00 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\mpengine.dll
2013-02-03 16:32:50 -------- d-----w- C:\Users\Zdeno\AppData\Local\Microsoft Games
2013-01-31 16:00:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-26 16:50:32 -------- d-----w- C:\ProgramData\NFS Underground
2013-01-26 08:05:34 -------- d-----w- C:\Users\Zdeno\.jfreereport
.
==================== Find3M ====================
.
2013-02-08 16:47:30 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 16:47:30 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-23 09:58:08 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 10:20:53 545056 ----a-w- C:\Windows\SysWow64\PavSHookWow.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-16 10:08:27 837920 ----a-w- C:\Windows\System32\PavSHook64.dll
.
============= FINISH: 21:42:46,06 ===============

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender alert

#10 Post by Rudy »

I need an RSIT log: http://forum.viry.cz/viewtopic.php?f=13&t=105895 , not DDS.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

zetfly
Visitor
Posts: 10
Registered: 13 Feb 2013 16:57

Re: Windows Defender alert

#11 Post by zetfly »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Zdeno at 2013-02-13 21:46:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 908 GB (95%) free of 955 GB
Total RAM: 7884 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:34, on 13. 2. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Program Files\trend micro\Zdeno.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mrk.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {a9ff5a45-b433-4940-9299-de737a9c11f6} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9592 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe" oso_XGCGLR
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"taskhost.exe"
taskeng.exe {51E3EE04-4876-4751-BB12-3EB2E5D8681D}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe"
"C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[S1].txt
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe" /s
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:4856 CREDAT:145409
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe" C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\totalcmd\TOTALCMD64.EXE"
C:\Windows\System32\svchost.exe -k swprv
taskeng.exe {541628CA-D409-4C09-9BFE-2BE20F4262E6}
"D:\Install\viry_cz\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
Web Search.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\
50dc36f17f225@50dc36f17f25e.com
{624ad42d-e714-46b4-843e-c7094f740b0f}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0de094f5-e894-48c7-b16f-338d64674721}]
Certified Toolbar - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22 91784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0de094f5-e894-48c7-b16f-338d64674721} - Certified Toolbar - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2012-11-22 731784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-22 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-22 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-22 441888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-09-25 724576]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\qttask.exe [2012-12-01 421888]
"APVXDWIN"=C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE [2011-04-13 1000768]
"SCANINICIO"=C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe [2011-02-02 70464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\Windows\system32\avldr64.dll [2010-03-24 64768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-22 441344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.vbs - open - C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-13 21:46:22 ----D---- C:\rsit
2013-02-13 21:46:22 ----D---- C:\Program Files\trend micro
2013-02-13 21:34:02 ----A---- C:\AdwCleaner[S1].txt
2013-02-13 20:52:59 ----A---- C:\AdwCleaner[R1].txt
2013-01-31 17:00:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-01-31 17:00:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-01-31 17:00:50 ----A---- C:\Windows\SYSWOW64\java.exe
2013-01-26 17:50:32 ----D---- C:\ProgramData\NFS Underground
2013-01-26 17:49:11 ----A---- C:\Windows\EAConfigInfo.txt
2013-01-16 17:56:52 ----D---- C:\Windows\Sun

======List of files/folders modified in the last 1 month======

2013-02-13 21:46:34 ----D---- C:\Windows\Prefetch
2013-02-13 21:46:29 ----D---- C:\Windows\Temp
2013-02-13 21:46:23 ----D---- C:\Windows\system32\drivers
2013-02-13 21:46:22 ----RD---- C:\Program Files
2013-02-13 21:44:48 ----D---- C:\Windows\system32\catroot2
2013-02-13 21:44:48 ----D---- C:\Windows\system32\catroot
2013-02-13 21:42:11 ----D---- C:\Windows\System32
2013-02-13 21:42:11 ----D---- C:\Windows\inf
2013-02-13 21:42:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-13 21:38:52 ----D---- C:\Windows\system32\config
2013-02-13 21:36:22 ----D---- C:\Windows\system32\drivers\etc
2013-02-13 21:34:09 ----SHD---- C:\Windows\Installer
2013-02-13 21:34:09 ----RD---- C:\Program Files (x86)
2013-02-13 21:34:09 ----HD---- C:\ProgramData
2013-02-13 20:41:12 ----D---- C:\Users\Zdeno\AppData\Roaming\gtk-2.0
2013-02-13 17:07:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-12 20:09:55 ----SHD---- C:\System Volume Information
2013-02-09 09:16:29 ----A---- C:\Windows\win.ini
2013-02-08 17:48:06 ----D---- C:\Windows\SysWOW64
2013-02-08 17:47:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-02 17:04:50 ----D---- C:\Windows\Downloaded Program Files
2013-01-31 17:00:50 ----D---- C:\Program Files (x86)\Java
2013-01-26 17:49:11 ----D---- C:\Windows
2013-01-21 18:25:40 ----SHD---- C:\$Recycle.Bin
2013-01-19 09:12:59 ----D---- C:\Windows\system32\Tasks
2013-01-19 09:12:35 ----RSD---- C:\Windows\Fonts
2013-01-19 09:12:29 ----D---- C:\Program Files (x86)\TeamViewer
2013-01-17 22:08:29 ----SD---- C:\Users\Zdeno\AppData\Roaming\Microsoft
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 pavboot;Panda boot driver; C:\Windows\system32\Drivers\pavboot64.sys [2010-06-22 30792]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 ShldFlt;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShldFlt.sys [2009-10-27 48136]
R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm6460.sys [2010-05-21 65608]
R2 APPFLT;App Filter Plugin; \??\C:\Windows\system32\Drivers\APPFLT64.SYS [2011-01-31 129096]
R2 ComFiltr;Panda Anti-Dialer; \??\C:\Windows\system32\DRIVERS\COMFiltr.sys [2012-12-23 15928]
R2 DSAFLT;DSA Filter Plugin; \??\C:\Windows\system32\Drivers\DSAFLT64.SYS [2009-09-25 82952]
R2 FNETMON;NetMon Filter Plugin; \??\C:\Windows\system32\Drivers\fnetm64.SYS [2009-09-25 31752]
R2 IDSFLT;Ids Filter Plugin; \??\C:\Windows\system32\Drivers\IDSFLT64.SYS [2010-09-09 78920]
R2 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\Windows\system32\Drivers\NETTDI64.SYS [2009-09-25 170504]
R2 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\Windows\system32\Drivers\WNMFLT64.SYS [2009-09-25 74760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-22 5332896]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44; C:\Windows\system32\DRIVERS\n64i1644.sys [2010-09-01 216648]
R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\syswow64\PavTPK.sys []
R3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe [2009-08-10 173312]
R2 PAVFNSVR;Panda Function Service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2012-10-17 202016]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2010-06-04 314176]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-09-25 474208]
R2 PSHost;Panda Host Service; c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE [2009-11-26 226560]
R2 PSIMSVC;Panda IManager Service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe [2010-08-16 28992]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 TPSrv;Panda TPSrv; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe [2012-11-16 173344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-22 277024]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-07 1255736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender alert

#12 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Zdeno.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O2 - BHO: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O3 - Toolbar: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
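
The entries ticked in post #12 are the ones the RSIT registry dump earlier in this thread lists with an empty `[]` where the file date and size normally appear. The following added example (not part of the thread, RSIT or HijackThis) parses that section and flags such Browser Helper Object and toolbar rows; it assumes an empty `[]` means RSIT could not read the file, and the function names are hypothetical.

```python
import re

# Rows copied from the RSIT "Registry dump" section posted in this thread.
SAMPLE = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0de094f5-e894-48c7-b16f-338d64674721}]
Certified Toolbar - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0de094f5-e894-48c7-b16f-338d64674721} - Certified Toolbar - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2012-11-22 731784]
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
# "<name> - <path> [<date> <size>]", with a leading "{CLSID} - " on Toolbar rows.
ENTRY_RE = re.compile(
    r"^(?:(\{[0-9A-Fa-f-]{36}\}) - )?(.+?) - ([A-Za-z]:\\.+?) \[(.*)\]$")

def parse_ie_addons(text):
    """Return one dict per BHO / IE Toolbar row of an RSIT registry dump."""
    entries, kind, key_clsid = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            path = key.group(1).lower()
            found = CLSID_RE.search(path)
            if "\\browser helper objects\\" in path and found:
                kind, key_clsid = "BHO", found.group(0)
            elif path.endswith("\\internet explorer\\toolbar"):
                kind, key_clsid = "Toolbar", None
            else:
                kind = None  # any other key ends the add-on section
            continue
        row = ENTRY_RE.match(line) if kind else None
        if row:
            clsid, name, dll, meta = row.groups()
            entries.append({
                "kind": kind,
                "clsid": (clsid or key_clsid or "").lower(),
                "name": name,
                "path": dll,
                "no_file_meta": meta.strip() == "",  # assumption: file unreadable
                "user_writable": "\\appdata\\" in dll.lower(),  # per-user profile path
            })
    return entries

def missing_file_entries(entries):
    """Rows whose registry value points at a DLL with no date/size recorded."""
    return [e for e in entries if e["no_file_meta"]]
```

An empty `[]` alone is not a verdict: several driver rows in the same log also show it, so the check is limited to the Internet Explorer add-on keys.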

zetfly
Visitor
Posts: 10
Registered: 13 Feb 2013 16:57

Re: Windows Defender alert

#13 Post by zetfly »

Hello,
I'm back at the machine. In the meantime, however, the machine was switched off, and Windows updated itself before shutting down. From that last instruction it isn't clear to me: what is OTM?

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender alert

#14 Post by Rudy »

Sorry, a copy-paste error. Do only this:

Click >FixChecked< and restart the PC. OTM is a deletion utility that we did not use. I apologize. :oops:

zetfly
Visitor
Posts: 10
Registered: 13 Feb 2013 16:57

Re: Windows Defender alert

#15 Post by zetfly »

Hello,
so I did it as described in the previous post.

Locked