Dropper gen

dmib2222
Visitor
Posts: 7
Registered: 18 Apr 2014 10:46

#1 Post by dmib2222 »

Please check my log. Avast found Dropper gen on my machine and I don't know whether it removed it completely. Thank you.

Logfile of random's system information tool 1.09 (written by random/random)
Run by toshiba at 2014-04-18 11:20:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (10%) free of 610 GB
Total RAM: 6126 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:48, on 18.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\GIGABYTE\U7300 Utilities\CONRCtl.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\toshiba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A& ... 65-115&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\GIGABYTE\U7300 Utilities\CONRCtl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: XoftSpy AntiVirus Pro (SBAMSvc) - Unknown owner - C:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\SBAMSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9725 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"taskhost.exe"
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe"
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 488
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\GIGABYTE\U7300 Utilities\CONRCtl.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
"C:\Stahování\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ROC_JAN2013_TB_rmv.job

=========Mozilla firefox=========

ProfilePath - C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\extensions\
{0AF2132C-D508-1D6C-F240-7AAAB6C9E66D}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\searchplugins\
Ask.xml
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-01 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-01 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-02-14 1564992]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT]
C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2011-05-09 2750376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-01 3854640]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-02-14 311616]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Remote Control.lnk - C:\Program Files (x86)\GIGABYTE\U7300 Utilities\CONRCtl.exe

C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-18 11:20:41 ----D---- C:\rsit
2014-04-18 11:20:41 ----D---- C:\Program Files\trend micro
2014-04-18 10:14:36 ----A---- C:\Windows\system32\drivers\SbFwIm.sys
2014-04-18 10:14:21 ----D---- C:\ProgramData\ParetoLogic
2014-04-18 09:33:25 ----A---- C:\autoexec.bat
2014-04-18 09:32:47 ----D---- C:\Program Files\Enigma Software Group
2014-04-18 09:31:42 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-18 06:54:49 ----D---- C:\Users\toshiba\AppData\Roaming\Samsung
2014-04-18 06:53:26 ----D---- C:\Program Files (x86)\MyFree Codec
2014-04-18 06:52:30 ----A---- C:\Windows\SYSWOW64\secman.dll
2014-04-18 06:52:28 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2014-04-18 06:51:44 ----D---- C:\ProgramData\Samsung
2014-04-18 06:51:44 ----D---- C:\Program Files (x86)\Samsung
2014-04-09 19:34:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-09 19:34:03 ----A---- C:\Windows\system32\mshtml.dll
2014-04-09 19:32:21 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 19:32:21 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 19:32:21 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 19:32:20 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 19:32:20 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 19:32:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 19:32:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 19:32:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 19:32:16 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 19:32:16 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 19:32:16 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 19:32:16 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 19:32:16 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 19:32:14 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 19:32:14 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 19:32:14 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 19:32:13 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-01 08:47:11 ----A---- C:\Windows\avastSS.scr
2014-03-30 21:11:58 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-04-18 11:20:43 ----D---- C:\Windows\Temp
2014-04-18 11:20:41 ----RD---- C:\Program Files
2014-04-18 11:19:47 ----D---- C:\Stahování
2014-04-18 11:10:56 ----D---- C:\ProgramData\Datamngr
2014-04-18 11:07:07 ----D---- C:\Windows\system32\config
2014-04-18 10:56:04 ----D---- C:\Windows\Minidump
2014-04-18 10:55:35 ----D---- C:\Windows
2014-04-18 10:55:30 ----SHD---- C:\Config.Msi
2014-04-18 10:39:23 ----D---- C:\Windows\Tasks
2014-04-18 10:39:23 ----D---- C:\Windows\system32\Tasks
2014-04-18 10:39:23 ----D---- C:\Program Files (x86)\Common Files
2014-04-18 10:39:20 ----RD---- C:\Program Files (x86)
2014-04-18 10:39:17 ----SHD---- C:\Windows\Installer
2014-04-18 10:39:16 ----D---- C:\Windows\SysWOW64
2014-04-18 10:39:16 ----D---- C:\Windows\system32\drivers
2014-04-18 10:19:46 ----SD---- C:\Users\toshiba\AppData\Roaming\Microsoft
2014-04-18 10:18:44 ----SHD---- C:\System Volume Information
2014-04-18 10:14:42 ----D---- C:\Windows\inf
2014-04-18 10:14:41 ----D---- C:\Windows\system32\DriverStore
2014-04-18 10:14:41 ----D---- C:\Windows\system32\catroot
2014-04-18 10:14:21 ----HD---- C:\ProgramData
2014-04-18 09:16:44 ----D---- C:\Windows\System32
2014-04-18 09:16:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-18 08:39:02 ----D---- C:\Install
2014-04-18 07:11:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-18 06:54:24 ----D---- C:\Windows\Microsoft.NET
2014-04-18 06:52:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-17 12:02:31 ----D---- C:\Windows\Prefetch
2014-04-16 22:17:24 ----D---- C:\Hry inst
2014-04-16 21:58:32 ----D---- C:\Filmy
2014-04-15 16:00:41 ----D---- C:\Windows\system32\NDF
2014-04-10 14:41:43 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-04-10 11:13:27 ----D---- C:\Windows\rescache
2014-04-10 09:02:06 ----D---- C:\Windows\winsxs
2014-04-10 08:59:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-10 08:59:53 ----D---- C:\Windows\system32\cs-CZ
2014-04-10 08:59:45 ----D---- C:\Windows\AppPatch
2014-04-09 23:20:36 ----D---- C:\Windows\system32\MRT
2014-04-09 23:19:17 ----A---- C:\Windows\system32\MRT.exe
2014-04-09 19:31:22 ----D---- C:\Windows\system32\catroot2
2014-04-01 08:47:14 ----A---- C:\Windows\system32\aswBoot.exe
2014-03-31 23:24:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-22 08:35:03 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-07-11 35936]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-01 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-01 208928]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2009-07-08 30008]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-11-26 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-11-26 28216]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-12-06 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 26968]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-01 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-01 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-01 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-02 283200]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg [2014-04-09 36216]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-01 79184]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-01 84816]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-07-11 3802112]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2013-02-21 1576576]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2013-02-21 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-07-11 118352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-11-26 115272]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-07-11 194848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-07-11 262872]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-07-11 33008]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-09 868848]
S1 prodrv03;Star Force copy protection driver v3; C:\Windows\System32\drivers\prodrv03.sys []
S3 Accelerometer;HP Accelerometer; C:\Windows\system32\drivers\Accelerometer.sys [2009-07-08 41272]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-08-05 716800]
S3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 rimmptsk;rimmptsk; C:\Windows\system32\drivers\rimmpx64.sys [2009-06-25 67584]
S3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [2012-02-24 22800]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 292024]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-01 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2014-04-09 3545088]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 877856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-29 76888]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-10-02 2324216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-27 116648]
S2 SBAMSvc;XoftSpy AntiVirus Pro; C:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\SBAMSvc.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-18 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-27 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

Rudy
Site Admin
Posts: 119537
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Dropper gen

#2 Post by Rudy »

Hello!
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

dmib2222
Visitor
Posts: 7
Joined: 18 Apr 2014 10:46

Re: Dropper gen

#3 Post by dmib2222 »

I am sending the log. I cannot install 2 updates.


Rudy
Site Admin
Posts: 119537
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Dropper gen

#4 Post by Rudy »

What is this? An MBAM log looks like this, for example: http://forum.viry.cz/viewtopic.php?f=13 ... m#p1313333 .

dmib2222
Visitor
Posts: 7
Joined: 18 Apr 2014 10:46

Re: Dropper gen

#5 Post by dmib2222 »

After the scan there is an "Export log" button. Clicking it offers Text file or XML file. I sent you the XML one, so I don't know where I am going wrong. I am now also sending you the Text file. If that is not it, I will need some advice. I apologize, and thank you.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18.4.2014
Scan Time: 20:05:07
Logfile: Log.xml 1.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.18.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: toshiba

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 260017
Time Elapsed: 14 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 2064, , [2da21f0ca2d9a88efa881d644db53ec2]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 2368, , [2da21f0ca2d9a88efa881d644db53ec2]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, 2408, , [efe04eddf487b6801ea32d31778b748c]

Modules: 11
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [efe04eddf487b6801ea32d31778b748c],

Registry Keys: 20
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-1884100225-418767542-1396444259-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR, , [587789a22952bf776a17a5dcec16a759],
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR, , [2da21f0ca2d9a88efa881d644db53ec2],
PUP.Optional.DataMngr.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [fcd3de4d651680b6c1faa2f2f40f5aa6],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1884100225-418767542-1396444259-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [943b64c7c4b76dc99922672d14ef42be],
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-1884100225-418767542-1396444259-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ilividmoviestoolbardla, , [08c78e9dbcbfd363c9b4384731d14ab6],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ilividmoviestoolbardlaFF, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A9119622, , [efe04eddf487b6801ea32d31778b748c],

Registry Values: 2
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR|uninstallstring, C:\Program Files (x86)\Movies Toolbar\Datamngr\uninstall.exe, , [587789a22952bf776a17a5dcec16a759]
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR|ImagePath, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [2da21f0ca2d9a88efa881d644db53ec2]

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, , [6768d15a0e6d241226e3247620e3f907],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla, , [ce01c4673b4035012559fd675ea49e62],

Files: 40
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll, , [418e5bd0b0cbfd39523653f935cd649c],
PUP.Optional.iMeshMusicBoxTB.A, C:\Users\toshiba\Downloads\iMeshSetup-r1444-n-bc (1).exe, , [24ab0823b7c41e185d1c4ad0976a9e62],
PUP.Optional.iMeshMusicBoxTB.A, C:\Users\toshiba\Downloads\iMeshSetup-r1444-n-bc.exe, , [6966ee3d0d6ecb6b1861d149c33ee41c],
PUP.Optional.Somoto.A, C:\Users\toshiba\AppData\Local\Application Data\Bundled software uninstaller\bi_client.exe, , [def10823c4b750e6d1d247cb6b9612ee],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win32cert.dll, , [38974fdcf7842a0c8fe7bfd9d0335da3],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win64cert.dll, , [c30c67c4295295a1d2a4fb9dfb080cf4],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win32prop.dll, , [1cb3ae7ddd9e58de492e2a6e32d14bb5],
PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win64prop.dll, , [359a26056219ad89265143553ac92fd1],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [6768d15a0e6d241226e3247620e3f907],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [6768d15a0e6d241226e3247620e3f907],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-1884100225-418767542-1396444259-1000.cfg, , [6768d15a0e6d241226e3247620e3f907],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [2da21f0ca2d9a88efa881d644db53ec2],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrChrome.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nsv2CF0.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\setmgrc1.cfg, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF\install.ico, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF\uninstall.exe, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nsv2CF0.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg, , [efe04eddf487b6801ea32d31778b748c],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\apnuserid.dat, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\appid.dat, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\geodata.xml, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\guid.dat, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\setupCfg.xml, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\sysid.dat, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.MoviesToolBar.A, C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\r54meh6m.default\ilividmoviestoolbardla\trackid.dat, , [ce01c4673b4035012559fd675ea49e62],
PUP.Optional.ASK.A, C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.search.ask.com/?o=APN10645A& ... 96-115&t=4", "http://www.search.ask.com/?o=APN10645A& ... 81-115&t=4", "http://www.search.ask.com/?o=APN10645A& ... 65-115&t=4" ],), ,[fcd36ebd76050d29ea34f262699be21e]

Physical Sectors: 0
(No malicious items detected)


(end)

Rudy
Site Admin
Posts: 119537
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Dropper gen

#6 Post by Rudy »

This is it. Delete everything.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before removing viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
