VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Výstraha Windows Defendeer

https://forum.viry.cz:443/viewtopic.php?t=128074

Stránka 1 z 2

Výstraha Windows Defendeer

Napsal: 13 úno 2013 17:34
od zetfly
Zdravím
o včera mi Windows Defender vyhadzuje hlášku o potenciálne škodlivom softvéri, po jeho odstránení vyskočí hláška, že problém je odstránený a je potrebný reštart a v zápäti na spodnej lište pribudne nová hláška o potenciálne škodlivom softvéri.

Ďakujem
Tu je log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Zdeno at 17:15:54 on 2013-02-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.7884.6074 [GMT 1:00]
.
AV: Panda Internet Security 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\totalcmd\TOTALCMD64.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mrk.cz/
uSearch Bar = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uSearch Page = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mStart Page = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
mSearch Bar = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mSearch Page = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uURLSearchHooks: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
mURLSearchHooks: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
mWinlogon: Userinit = userinit.exe
BHO: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll
BHO: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ashampoo US Toolbar: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - C:\Program Files (x86)\Ashampoo_US\prxtbAsha.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {a9ff5a45-b433-4940-9299-de737a9c11f6} - {0de094f5-e894-48c7-b16f-338d64674721}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
TCP: NameServer = 195.68.234.1 195.68.234.10
TCP: Interfaces\{C1160917-EB48-4951-B02D-3EF8BAE57715} : DHCPNameServer = 195.68.234.1 195.68.234.10
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.oracle.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Notify: avldr - avldr64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-08 22:16; FFPDFArchitectConverter@pdfarchitect.com; C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF - ExtSQL: 2013-02-03 16:12; 50dc36f17f225@50dc36f17f25e.com; C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\50dc36f17f225@50dc36f17f25e.com
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-11-7 16152]
R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot64.sys [2012-12-23 30792]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\System32\drivers\ShldFlt.sys [2012-12-23 48136]
R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm6460.sys [2012-12-23 65608]
R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT64.SYS [2012-12-23 129096]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-8 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-8 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-11-8 149120]
R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [2012-12-23 15928]
R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt64.sys [2012-12-23 82952]
R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetm64.sys [2012-12-23 31752]
R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt64.sys [2012-12-23 78920]
R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETTDI64.SYS [2012-12-23 170504]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrlS.exe [2012-12-23 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2012-12-23 202016]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2012-12-23 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2012-12-23 314176]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-9-25 474208]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\psksvc.exe [2012-12-23 28992]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-19 3467768]
R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt64.sys [2012-12-23 74760]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-11-7 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;C:\Windows\System32\drivers\iusb3xhc.sys [2012-11-7 786200]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\System32\drivers\n64i1644.sys [2012-12-23 216648]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-7 646248]
S1 zcgmrgvp;zcgmrgvp;C:\Windows\System32\drivers\zcgmrgvp.sys [2013-2-13 49872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-11-8 24368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-7 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-7 30208]
S3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-7 1255736]
SUnknown xmomqbdt;xmomqbdt; [x]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .vbs: VBSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .js: JSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .jse: JSEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .wsf: WSFFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.
=============== Created Last 30 ================
.
2013-02-13 15:40:54 49872 ----a-w- C:\Windows\System32\drivers\zcgmrgvp.sys
2013-02-13 15:17:41 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\offreg.dll
2013-02-12 16:21:00 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\mpengine.dll
2013-02-03 16:32:50 -------- d-----w- C:\Users\Zdeno\AppData\Local\Microsoft Games
2013-01-31 16:00:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-26 16:50:32 -------- d-----w- C:\ProgramData\NFS Underground
2013-01-26 08:05:34 -------- d-----w- C:\Users\Zdeno\.jfreereport
.
==================== Find3M ====================
.
2013-02-08 16:47:30 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 16:47:30 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-23 09:58:08 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 10:20:53 545056 ----a-w- C:\Windows\SysWow64\PavSHookWow.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-16 10:08:27 837920 ----a-w- C:\Windows\System32\PavSHook64.dll
.
============= FINISH: 17:16:52,57 ===============

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 20:33
od Rudy
Zdravím!
Stáhněte AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 20:50
od zetfly
Zdravím
po spustení adwcleaneru sa otvorí okno:

Po kliknutí na OK otvorí:
http://general-changelog-team.fr/fr/dow ... adwcleaner
a tu akosi nevím kudy kam :o

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 20:52
od Rudy
Klikněte na >Zrušiť< a ADW by se měl rozběhnout.

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 20:53
od zetfly
Zdravím
tu je ten log:
# AdwCleaner v2.112 - Logfile created 02/13/2013 at 20:52:59
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Zdeno - ZDENO-PC
# Boot Mode : Normal
# Running from : C:\Users\Zdeno\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Conduit.xml
File Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Web Search.xml
Folder Found : C:\Program Files (x86)\Ashampoo_US
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\CertifiedToolbar
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Protected Search
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
Folder Found : C:\ProgramData\SaveByclick
Folder Found : C:\Users\Zdeno\AppData\Local\Conduit
Folder Found : C:\Users\Zdeno\AppData\Local\Temp\AskSearch
Folder Found : C:\Users\Zdeno\AppData\LocalLow\Ashampoo_US
Folder Found : C:\Users\Zdeno\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Zdeno\AppData\LocalLow\CertifiedToolbar
Folder Found : C:\Users\Zdeno\AppData\LocalLow\Conduit
Folder Found : C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar
Folder Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\toolbar@ask.com
Folder Found : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\Smartbar
Folder Found : C:\Users\Zdeno\AppData\Roaming\pdfforge
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\Ashampoo_US
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\ProtectedSearch
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\Ashampoo_US
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\wtb.Band
Key Found : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Found : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Found : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Found : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Found : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Found : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AFBAECC-7E9B-4097-903D-E90E47330A53}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2FB1C02-8750-45AF-B948-F7A38EC19D35}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_US Toolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKU\S-1-5-21-1178636279-3580483858-1665276810-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=

-\\ Mozilla Firefox v16.0.2 (sk)

File : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\prefs.js

Found : user_pref("CT2481032.1000082.isPlayDisplay", "true");
Found : user_pref("CT2481032.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Found : user_pref("CT2481032.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2481032.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT2481032.FirstTime", "true");
Found : user_pref("CT2481032.FirstTimeFF3", "true");
Found : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Found : user_pref("CT2481032.UserID", "UN83050124433052774");
Found : user_pref("CT2481032.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2481032.autoDisableScopes", -1);
Found : user_pref("CT2481032.browser.search.defaultthis.engineName", true);
Found : user_pref("CT2481032.cbcountry_001", "SK");
Found : user_pref("CT2481032.cbfirsttime", "Thu Nov 08 2012 11:07:29 GMT+0100");
Found : user_pref("CT2481032.defaultSearch", "true");
Found : user_pref("CT2481032.embeddedsData", "[{\"appId\":\"129058858240125318\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT2481032.enableAlerts", "false");
Found : user_pref("CT2481032.enableSearchFromAddressBar", "true");
Found : user_pref("CT2481032.firstTimeDialogOpened", "true");
Found : user_pref("CT2481032.fixPageNotFoundError", "true");
Found : user_pref("CT2481032.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2481032.fixUrls", true);
Found : user_pref("CT2481032.installId", "conduitnsisintegration");
Found : user_pref("CT2481032.installType", "conduitnsisintegration");
Found : user_pref("CT2481032.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2481032.isNewTabEnabled", true);
Found : user_pref("CT2481032.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2481032.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2481032.keyword", true);
Found : user_pref("CT2481032.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...]
Found : user_pref("CT2481032.openThankYouPage", "false");
Found : user_pref("CT2481032.openUninstallPage", "false");
Found : user_pref("CT2481032.search.searchAppId", "129058858240125318");
Found : user_pref("CT2481032.search.searchCount", "0");
Found : user_pref("CT2481032.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2481032.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2481032.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2481032.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2481032.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1352369249107");
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1352369249149");
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "13523692491[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1352369249441"[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-google_lastUpdate", "1352369249124");
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1352369249083")[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-thesun_news_lastUpdate", "1352369249209"[...]
Found : user_pref("CT2481032.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1352369249484");
Found : user_pref("CT2481032.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1352369246381");
Found : user_pref("CT2481032.serviceLayer_services_appsMetadata_lastUpdate", "1352369246138");
Found : user_pref("CT2481032.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352369247192");
Found : user_pref("CT2481032.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352369247596");
Found : user_pref("CT2481032.serviceLayer_services_optimizer_lastUpdate", "1352369246389");
Found : user_pref("CT2481032.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352369247384");
Found : user_pref("CT2481032.serviceLayer_services_searchAPI_lastUpdate", "1352369245775");
Found : user_pref("CT2481032.serviceLayer_services_serviceMap_lastUpdate", "1352369245503");
Found : user_pref("CT2481032.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352369246297");
Found : user_pref("CT2481032.serviceLayer_services_toolbarSettings_lastUpdate", "1352369245819");
Found : user_pref("CT2481032.serviceLayer_services_translation_lastUpdate", "1352369246143");
Found : user_pref("CT2481032.settingsINI", true);
Found : user_pref("CT2481032.shouldFirstTimeDialog", "false");
Found : user_pref("CT2481032.smartbar.CTID", "CT2481032");
Found : user_pref("CT2481032.smartbar.Uninstall", "0");
Found : user_pref("CT2481032.smartbar.homepage", true);
Found : user_pref("CT2481032.smartbar.toolbarName", "Ashampoo US ");
Found : user_pref("CT2481032.toolbarBornServerTime", "8-11-2012");
Found : user_pref("CT2481032.toolbarCurrentServerTime", "8-11-2012");
Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=1[...]
Found : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032[...]
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Found : user_pref("browser.search.defaultengine", "Web Search");
Found : user_pref("browser.search.defaultenginename", "Web Search");
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("browser.search.selectedEngine", "Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=33953&home=true&tid=29[...]
Found : user_pref("extensions.50dc36f17f2d2.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Found : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=");

*************************

AdwCleaner[R1].txt - [18185 octets] - [13/02/2013 20:52:59]

########## EOF - C:\AdwCleaner[R1].txt - [18246 octets] ##########

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 21:28
od Rudy
Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 21:37
od zetfly
Tu je (po reštarte PC):
# AdwCleaner v2.112 - Logfile created 02/13/2013 at 21:34:02
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Zdeno - ZDENO-PC
# Boot Mode : Normal
# Running from : C:\Users\Zdeno\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\searchplugins\Web Search.xml
Folder Deleted : C:\Program Files (x86)\Ashampoo_US
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\CertifiedToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
Folder Deleted : C:\ProgramData\SaveByclick
Folder Deleted : C:\Users\Zdeno\AppData\Local\Conduit
Folder Deleted : C:\Users\Zdeno\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\Ashampoo_US
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\CertifiedToolbar
Folder Deleted : C:\Users\Zdeno\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\Smartbar
Folder Deleted : C:\Users\Zdeno\AppData\Roaming\pdfforge
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\Ashampoo_US
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Ashampoo_US
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CertifiedToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6568F275-5827-43C5-9778-A8A037FF06B8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AFBAECC-7E9B-4097-903D-E90E47330A53}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2FB1C02-8750-45AF-B948-F7A38EC19D35}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_US Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{124D001A-BDCB-472F-AA59-BBE7E4BC3204}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q= --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (sk)

File : C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\prefs.js

Deleted : user_pref("CT2481032.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT2481032.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT2481032.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2481032.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2481032.FirstTime", "true");
Deleted : user_pref("CT2481032.FirstTimeFF3", "true");
Deleted : user_pref("CT2481032.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Deleted : user_pref("CT2481032.UserID", "UN83050124433052774");
Deleted : user_pref("CT2481032.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2481032.autoDisableScopes", -1);
Deleted : user_pref("CT2481032.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT2481032.cbcountry_001", "SK");
Deleted : user_pref("CT2481032.cbfirsttime", "Thu Nov 08 2012 11:07:29 GMT+0100");
Deleted : user_pref("CT2481032.defaultSearch", "true");
Deleted : user_pref("CT2481032.embeddedsData", "[{\"appId\":\"129058858240125318\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2481032.enableAlerts", "false");
Deleted : user_pref("CT2481032.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2481032.firstTimeDialogOpened", "true");
Deleted : user_pref("CT2481032.fixPageNotFoundError", "true");
Deleted : user_pref("CT2481032.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2481032.fixUrls", true);
Deleted : user_pref("CT2481032.installId", "conduitnsisintegration");
Deleted : user_pref("CT2481032.installType", "conduitnsisintegration");
Deleted : user_pref("CT2481032.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2481032.isNewTabEnabled", true);
Deleted : user_pref("CT2481032.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2481032.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2481032.keyword", true);
Deleted : user_pref("CT2481032.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...]
Deleted : user_pref("CT2481032.openThankYouPage", "false");
Deleted : user_pref("CT2481032.openUninstallPage", "false");
Deleted : user_pref("CT2481032.search.searchAppId", "129058858240125318");
Deleted : user_pref("CT2481032.search.searchCount", "0");
Deleted : user_pref("CT2481032.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2481032.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2481032.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2481032.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2481032.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2481032.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1352369249107");
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1352369249149");
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "13523692491[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1352369249441"[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-google_lastUpdate", "1352369249124");
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1352369249083")[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-thesun_news_lastUpdate", "1352369249209"[...]
Deleted : user_pref("CT2481032.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1352369249484");
Deleted : user_pref("CT2481032.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1352369246381");
Deleted : user_pref("CT2481032.serviceLayer_services_appsMetadata_lastUpdate", "1352369246138");
Deleted : user_pref("CT2481032.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1352369247192");
Deleted : user_pref("CT2481032.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352369247596");
Deleted : user_pref("CT2481032.serviceLayer_services_optimizer_lastUpdate", "1352369246389");
Deleted : user_pref("CT2481032.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1352369247384");
Deleted : user_pref("CT2481032.serviceLayer_services_searchAPI_lastUpdate", "1352369245775");
Deleted : user_pref("CT2481032.serviceLayer_services_serviceMap_lastUpdate", "1352369245503");
Deleted : user_pref("CT2481032.serviceLayer_services_toolbarContextMenu_lastUpdate", "1352369246297");
Deleted : user_pref("CT2481032.serviceLayer_services_toolbarSettings_lastUpdate", "1352369245819");
Deleted : user_pref("CT2481032.serviceLayer_services_translation_lastUpdate", "1352369246143");
Deleted : user_pref("CT2481032.settingsINI", true);
Deleted : user_pref("CT2481032.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2481032.smartbar.CTID", "CT2481032");
Deleted : user_pref("CT2481032.smartbar.Uninstall", "0");
Deleted : user_pref("CT2481032.smartbar.homepage", true);
Deleted : user_pref("CT2481032.smartbar.toolbarName", "Ashampoo US ");
Deleted : user_pref("CT2481032.toolbarBornServerTime", "8-11-2012");
Deleted : user_pref("CT2481032.toolbarCurrentServerTime", "8-11-2012");
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=1[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=33953&home=true&tid=29[...]
Deleted : user_pref("extensions.50dc36f17f2d2.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=");

*************************

AdwCleaner[R1].txt - [18296 octets] - [13/02/2013 20:52:59]
AdwCleaner[S1].txt - [19152 octets] - [13/02/2013 21:34:02]

########## EOF - C:\AdwCleaner[S1].txt - [19213 octets] ##########

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 21:39
od Rudy
Dejte nový log RSIT.

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 21:43
od zetfly
Tu je:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Zdeno at 21:42:22 on 2013-02-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.7884.6040 [GMT 1:00]
.
AV: Panda Internet Security 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\totalcmd\TOTALCMD64.EXE
C:\Windows\system32\wbem\wmiprvse.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mrk.cz/
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} -
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {a9ff5a45-b433-4940-9299-de737a9c11f6} - {0de094f5-e894-48c7-b16f-338d64674721}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
TCP: NameServer = 195.68.234.1 195.68.234.10
TCP: Interfaces\{C1160917-EB48-4951-B02D-3EF8BAE57715} : DHCPNameServer = 195.68.234.1 195.68.234.10
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.oracle.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Notify: avldr - avldr64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-08 22:16; FFPDFArchitectConverter@pdfarchitect.com; C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF - ExtSQL: 2013-02-03 16:12; 50dc36f17f225@50dc36f17f25e.com; C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\50dc36f17f225@50dc36f17f25e.com
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-11-7 16152]
R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot64.sys [2012-12-23 30792]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\System32\drivers\ShldFlt.sys [2012-12-23 48136]
R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm6460.sys [2012-12-23 65608]
R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT64.SYS [2012-12-23 129096]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-8 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-8 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-11-8 149120]
R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [2012-12-23 15928]
R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt64.sys [2012-12-23 82952]
R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetm64.sys [2012-12-23 31752]
R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt64.sys [2012-12-23 78920]
R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETTDI64.SYS [2012-12-23 170504]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrlS.exe [2012-12-23 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2012-12-23 202016]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2012-12-23 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2012-12-23 314176]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-9-25 474208]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\psksvc.exe [2012-12-23 28992]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-19 3467768]
R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt64.sys [2012-12-23 74760]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-11-7 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;C:\Windows\System32\drivers\iusb3xhc.sys [2012-11-7 786200]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\System32\drivers\n64i1644.sys [2012-12-23 216648]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-7 646248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-11-8 24368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-7 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-7 30208]
S3 WatAdminSvc;Služba Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-7 1255736]
SUnknown zcgmrgvp;zcgmrgvp; [x]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .vbs: VBSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .js: JSFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .jse: JSEFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
FileExt: .wsf: WSFFile=C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.
=============== Created Last 30 ================
.
2013-02-13 20:38:28 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\offreg.dll
2013-02-12 16:21:00 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D97CC84C-1804-46C0-8EF5-C905CCD273B1}\mpengine.dll
2013-02-03 16:32:50 -------- d-----w- C:\Users\Zdeno\AppData\Local\Microsoft Games
2013-01-31 16:00:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-26 16:50:32 -------- d-----w- C:\ProgramData\NFS Underground
2013-01-26 08:05:34 -------- d-----w- C:\Users\Zdeno\.jfreereport
.
==================== Find3M ====================
.
2013-02-08 16:47:30 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 16:47:30 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-23 09:58:08 15928 ----a-w- C:\Windows\System32\drivers\COMFiltr.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 10:20:53 545056 ----a-w- C:\Windows\SysWow64\PavSHookWow.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-16 10:08:27 837920 ----a-w- C:\Windows\System32\PavSHook64.dll
.
============= FINISH: 21:42:46,06 ===============

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 21:45
od Rudy
Potřebuji log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=105895 , nikoli DDS.

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 21:47
od zetfly
Logfile of random's system information tool 1.09 (written by random/random)
Run by Zdeno at 2013-02-13 21:46:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 908 GB (95%) free of 955 GB
Total RAM: 7884 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:34, on 13. 2. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe
C:\Program Files\trend micro\Zdeno.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mrk.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {a9ff5a45-b433-4940-9299-de737a9c11f6} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9592 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2012\WebProxy.exe" oso_XGCGLR
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"taskhost.exe"
taskeng.exe {51E3EE04-4876-4751-BB12-3EB2E5D8681D}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe"
"C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\AVENGINE.EXE"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[S1].txt
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\ApVxdWin.exe" /s
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:4856 CREDAT:145409
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\SRVLOAD.EXE"
"C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavBckPT.exe" C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\totalcmd\TOTALCMD64.EXE"
C:\Windows\System32\svchost.exe -k swprv
taskeng.exe {541628CA-D409-4C09-9BFE-2BE20F4262E6}
"D:\Install\viry_cz\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
Web Search.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Zdeno\AppData\Roaming\Mozilla\Firefox\Profiles\ennyvv5r.default\extensions\
50dc36f17f225@50dc36f17f25e.com
{624ad42d-e714-46b4-843e-c7094f740b0f}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0de094f5-e894-48c7-b16f-338d64674721}]
Certified Toolbar - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22 91784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0de094f5-e894-48c7-b16f-338d64674721} - Certified Toolbar - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll []
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2012-11-22 731784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-22 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-22 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-22 441888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-09-25 724576]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\qttask.exe [2012-12-01 421888]
"APVXDWIN"=C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\APVXDWIN.EXE [2011-04-13 1000768]
"SCANINICIO"=C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\Inicio.exe [2011-02-02 70464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\Windows\system32\avldr64.dll [2010-03-24 64768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-22 441344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.vbs - open - C:\PROGRA~2\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-13 21:46:22 ----D---- C:\rsit
2013-02-13 21:46:22 ----D---- C:\Program Files\trend micro
2013-02-13 21:34:02 ----A---- C:\AdwCleaner[S1].txt
2013-02-13 20:52:59 ----A---- C:\AdwCleaner[R1].txt
2013-01-31 17:00:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-01-31 17:00:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-01-31 17:00:50 ----A---- C:\Windows\SYSWOW64\java.exe
2013-01-26 17:50:32 ----D---- C:\ProgramData\NFS Underground
2013-01-26 17:49:11 ----A---- C:\Windows\EAConfigInfo.txt
2013-01-16 17:56:52 ----D---- C:\Windows\Sun

======List of files/folders modified in the last 1 month======

2013-02-13 21:46:34 ----D---- C:\Windows\Prefetch
2013-02-13 21:46:29 ----D---- C:\Windows\Temp
2013-02-13 21:46:23 ----D---- C:\Windows\system32\drivers
2013-02-13 21:46:22 ----RD---- C:\Program Files
2013-02-13 21:44:48 ----D---- C:\Windows\system32\catroot2
2013-02-13 21:44:48 ----D---- C:\Windows\system32\catroot
2013-02-13 21:42:11 ----D---- C:\Windows\System32
2013-02-13 21:42:11 ----D---- C:\Windows\inf
2013-02-13 21:42:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-13 21:38:52 ----D---- C:\Windows\system32\config
2013-02-13 21:36:22 ----D---- C:\Windows\system32\drivers\etc
2013-02-13 21:34:09 ----SHD---- C:\Windows\Installer
2013-02-13 21:34:09 ----RD---- C:\Program Files (x86)
2013-02-13 21:34:09 ----HD---- C:\ProgramData
2013-02-13 20:41:12 ----D---- C:\Users\Zdeno\AppData\Roaming\gtk-2.0
2013-02-13 17:07:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-12 20:09:55 ----SHD---- C:\System Volume Information
2013-02-09 09:16:29 ----A---- C:\Windows\win.ini
2013-02-08 17:48:06 ----D---- C:\Windows\SysWOW64
2013-02-08 17:47:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-02 17:04:50 ----D---- C:\Windows\Downloaded Program Files
2013-01-31 17:00:50 ----D---- C:\Program Files (x86)\Java
2013-01-26 17:49:11 ----D---- C:\Windows
2013-01-21 18:25:40 ----SHD---- C:\$Recycle.Bin
2013-01-19 09:12:59 ----D---- C:\Windows\system32\Tasks
2013-01-19 09:12:35 ----RSD---- C:\Windows\Fonts
2013-01-19 09:12:29 ----D---- C:\Program Files (x86)\TeamViewer
2013-01-17 22:08:29 ----SD---- C:\Users\Zdeno\AppData\Roaming\Microsoft
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 pavboot;Panda boot driver; C:\Windows\system32\Drivers\pavboot64.sys [2010-06-22 30792]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 ShldFlt;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShldFlt.sys [2009-10-27 48136]
R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm6460.sys [2010-05-21 65608]
R2 APPFLT;App Filter Plugin; \??\C:\Windows\system32\Drivers\APPFLT64.SYS [2011-01-31 129096]
R2 ComFiltr;Panda Anti-Dialer; \??\C:\Windows\system32\DRIVERS\COMFiltr.sys [2012-12-23 15928]
R2 DSAFLT;DSA Filter Plugin; \??\C:\Windows\system32\Drivers\DSAFLT64.SYS [2009-09-25 82952]
R2 FNETMON;NetMon Filter Plugin; \??\C:\Windows\system32\Drivers\fnetm64.SYS [2009-09-25 31752]
R2 IDSFLT;Ids Filter Plugin; \??\C:\Windows\system32\Drivers\IDSFLT64.SYS [2010-09-09 78920]
R2 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\Windows\system32\Drivers\NETTDI64.SYS [2009-09-25 170504]
R2 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\Windows\system32\Drivers\WNMFLT64.SYS [2009-09-25 74760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-22 5332896]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44; C:\Windows\system32\DRIVERS\n64i1644.sys [2010-09-01 216648]
R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\syswow64\PavTPK.sys []
R3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsCtrls.exe [2009-08-10 173312]
R2 PAVFNSVR;Panda Function Service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PavFnSvr.exe [2012-10-17 202016]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\pavsrvx86.exe [2010-06-04 314176]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-09-25 474208]
R2 PSHost;Panda Host Service; c:\program files (x86)\panda security\panda internet security 2012\firewall\PSHOST.EXE [2009-11-26 226560]
R2 PSIMSVC;Panda IManager Service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\PskSvc.exe [2010-08-16 28992]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 TPSrv;Panda TPSrv; C:\Program Files (x86)\Panda Security\Panda Internet Security 2012\TPSrvWow.exe [2012-11-16 173344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-22 277024]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-07 1255736]

-----------------EOF-----------------

Re: Výstraha Windows Defendeer

Napsal: 13 úno 2013 22:14
od Rudy
Dvouklikem na soubor C:\Program Files\trend micro\Zdeno.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
O2 - BHO: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O3 - Toolbar: Certified Toolbar - {0de094f5-e894-48c7-b16f-338d64674721} - C:\Users\Zdeno\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: Výstraha Windows Defendeer

Napsal: 14 úno 2013 16:11
od zetfly
Zdravím
no som opäť pri stroji. Medzi tým však bol stroj vypnutý a pred vypnutím sa aktualizoval windows. Z toho posledného pokynu mi nieje jasné čo to je OTM?

Re: Výstraha Windows Defendeer

Napsal: 14 úno 2013 20:30
od Rudy
Pardon, chyba kopírování. Proveďte pouze toto:

Klikněte na >FixChecked< a restartujte PC. OTM je mazací utilita, kterou jsme nepoužili. Omlouvám se. :oops:

Re: Výstraha Windows Defendeer

Napsal: 14 úno 2013 21:01
od zetfly
Zdravím
takže som to spravil tak ako je popísané v predchádzajúcom príspevku.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz