HijackThis - Certified Toolbar search (Solved)

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

HijackThis - Certified Toolbar search

Post by Stene » 16 Jan 2013 13:21

Hi, after browsing the net some junk got onto my computer and it keeps opening this piece of junk as the start page in my browsers: http://search.certified-toolbar.com/?si ... e&tid=3206

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:20:58, on 16.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Users\Stene\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: NDAS Device Management.lnk = C:\Program Files\NDAS\System\ndasmgmt.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9921 bytes

Re: HijackThis - Certified Toolbar search

Post by memphisto » 16 Jan 2013 13:48

In the log, fix:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- after the program has run, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, so choose Yes (Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Re: HijackThis - Certified Toolbar search

Post by Stene » 16 Jan 2013 22:56

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.16.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Stene :: STENE-PC [administrátor]

16.1.2013 22:51:11
MBAM-log-2013-01-16 (22-55-52).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216658
Uplynulý čas: 3 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 4
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://search.certified-toolbar.com?si= ... e&tid=3206) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Špatný: (http://search.certified-toolbar.com?si= ... bs=true&q=) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\$RECYCLE.BIN\S-1-5-21-1679234959-3771141595-1235745478-1001\$RZ77ZSP\Patch.exe (PUP.Hacktool.Patcher) -> Nebyla provedena žádná instrukce.

(konec)

Re: HijackThis - Certified Toolbar search

Post by Stene » 16 Jan 2013 22:57

# AdwCleaner v2.105 - Logfile created 01/16/2013 at 22:56:33
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Stene - STENE-PC
# Boot Mode : Normal
# Running from : C:\Users\Stene\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Found : C:\user.js
File Found : C:\Users\Stene\AppData\Local\Temp\Searchqu.ini
File Found : C:\Users\Stene\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Found : C:\Users\Stene\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
File Found : C:\Users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\searchplugins\daemon-search.xml
File Found : C:\Users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\searchplugins\qip-search.xml
File Found : C:\Users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\searchplugins\Search_Results.xml
File Found : C:\Users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\searchplugins\Web Search.xml
File Found : C:\Users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\searchplugins\yahoo-zugo.xml
Folder Found : C:\Program Files (x86)\AskTBar
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\Users\Stene\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Stene\AppData\LocalLow\searchquband
Folder Found : C:\Users\Stene\AppData\Roaming\Babylon
Folder Found : C:\Users\Stene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eType

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DSNR Labs
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Found : HKU\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Found : HKU\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKU\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie ... 6&new=true
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3206
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si= ... bs=true&q=

-\\ Mozilla Firefox v18.0 (cs)

File : C:\Users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\prefs.js

Found : user_pref("browser.search.defaultengine", "Web Search");
Found : user_pref("browser.search.defaultenginename", "Web Search");
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=32[...]
Found : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=3206&bs=true&q=");

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Stene\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.1] : urls_to_restore_on_startup = [...]
"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklist":true}, "iggjepemmdkieakihpomccndhdfcljdp":{"blacklist":true}, "npadaghbcdejfngcjpbnoikajdnongca":{"blacklist":true}, "ljeihpebkahejeacdalhkhmckmggppif":{"blacklist":true}, "hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true}, "mfooalpniplhaaealemjpchkchmmgdko":{"blacklist":true}, "pkbkkendemaimikinaefldfljliecapm":{"blacklist":true}, "nhboiakpmibkbkbeehchlfkggmhphpnk":{"blacklist":true}, "hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true}, "jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true}, "odnamglmogfldajnhkfodmloofeokcmm":{"blacklist":true}, "emcdpbapjmnjgoannclkongdfboaabho":{"blacklist":true}, "lplmcpcnhpbffpcfiaddbeaplhhbengd":{"blacklist":true}, "hjkhligcnpfjhjlapmejaiaiigibofif":{"blacklist":true}, "echjhfifjidfhoappglfmoffcpmpkigb":{"blacklist":true}, "leccghfplhenabeogpibljliijgapfgb":{"blacklist":true}, "pcaedgdgamlfffkfblocmakhgieggoak":{"blacklist":true}, "mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true}, "cfnfobbpdaccoljfahpmfjdmbfmmkeof":{"blacklist":true}, "cfogpbanfnocakdckmgafapdlmclpiln":{"blacklist":true}, "kmlebjoghkhpapfhbdikannggmmffnco":{"blacklist":true}, "nfecfkjnlkbphobjbcnphimihniieehc":{"blacklist":true}, "fpokembamndopkflopmplkklbdngnknd":{"blacklist":true}, "negkalblfongjbphdcbbhddlickhlamd":{"blacklist":true}, "iemfpgbdjfoihicbocpbjppipdbfimeh":{"blacklist":true}, "mplhbhmkccidaokcelbcbcmhhedebcng":{"blacklist":true}, "cbjlfaogacjpkplebfbijaakaifoflno":{"blacklist":true}, "pbdgmppmccanplobanhfkjndjkmmabgk":{"blacklist":true}, "ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true}, "jbfebbkjjmkcoldeaeelhpconkmgjhbg":{"blacklist":true}, "icmlaeflemplmjndnaapfdbbnpncnbda":{"from_bookmark":false, "active_permissions":{"scriptable_host":["hxxp://*/*", "hxxps://*/*"], "api":["tabs"], "explicit_host":["hxxp://*/*", "hxxps://*/*"]}, "location":3, "ack_external":true, "events":["runtime.onInstalled"], "install_time":"13001022254169865", "lastpingday":"13002451194752074", "state":1, 
"from_webstore":false, "manifest":{"name":"avast! WebRep", "key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfBBgbBomL+8Ze0I3H5diuRW5XcxzEGzMgmCWRwf/XB4gdxIKK880IIDrKW13wW/RjlB5M6CipuiERx/91yBYP6Oz+56h22Chwgn0zIiGq35MJpP1cfYbnp4bzl1odIIX/d8j8LZ+Ur22y76sZP+WtoFphr+7axJRXC8IrXhAEcQIDAQAB", "default_locale":"en", "background_page":"background.html", "current_locale":"cs", "icons":{"256":"skin/images/icons/green3-24.png", "128":"skin/images/icons/green3-24.png", "64":"skin/images/icons/green3-24.png", "48":"skin/images/icons/green3-24.png"}, "version":"7.0.1426", "content_scripts":[{"css":["skin/css/anchor.css"], "matches":["hxxp://*/*", "hxxps://*/*"]}], "permissions":["hxxp://*/*", "hxxps://*/*", "tabs"], "description":"Web Reputation Plugin", "browser_action":{"default_title":"avast! WebRep", "default_icon":"skin/images/icons/grey0-16.png", "popup":"popup.html"}}, "path":"icmlaeflemplmjndnaapfdbbnpncnbda\\7.0.1426_0"}, "lgalokbapphhklmilicdefmgbjkcmldf":{"blacklist":true}, "mlnoedbhndgbjcbeadjfnmjloejlgojk":{"blacklist":true}, "imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true}, "fpbippbofbmgmbojjmgfcifpmdaelcmd":{"blacklist":true}, "dpaphgcjeeochbiafgbochohgmpcmlbj":{"blacklist":true}, "kdjhalklkkcmodeicjiaekcgifkcepaf":{"blacklist":true}, "ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true}, "egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true}, "gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":true}, "ehmjnpjodmgeocfphkjjnheiheehcoid":{"blacklist":true}, "gkhbgnodbilglgholifcjdblbgdaieah":{"blacklist":true}, "hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"blacklist":true}, "agmhonoepgcnakccfpidhjehlocaeaaj":{"blacklist":true}, "lhajoamjgchgljkdjigcgmmcehjkagan":{"blacklist":true}, "onjaecbdddgibdijafoemfiachlbcgkj":{"blacklist":true}, "cbhhdkemlehgodemcigfabmcdnohhhef":{"blacklist":true}, "kdcnnmifdmlmjffdgeieikcokcogpbej":{"blacklist":true}, "bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true}, "glhhlafadlhkgbklgbjnmblfhnkfknbm":{"blacklist":true}, 
"megkcfpbmemnpkgadkoompnoajcolpni":{"blacklist":true}, "hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true}, "oilfokmpgejhjhecdjjpikloibggpenf":{"blacklist":true}, "mplpabdbfbloeiboikmdbnggfnjbjmlh":{"blacklist":true}, "hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true}, "likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true}, "fjjeecfjmgfnleghoellhldedkaocjfc":{"blacklist":true}, "pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true}, "loggadfheaoeabmkgolecncpfdfioefa":{"blacklist":true}, "nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true}, "kgdmldjagfciieddcnlhampgkajkpanc":{"blacklist":true}, "iomejadoamfilglofmeaffghddcgapmf":{"blacklist":true}, "foenbafkkmajnmfnlcmejonkfaipdmme":{"blacklist":true}, "djnahdkbfgnhgpakidinfonfcjbagkgp":{"blacklist":true}, "cepfogmgfkddnllaopgknbdfkceejmhk":{"blacklist":true}, "lojppnndedobolgfepahepphhloediji":{"blacklist":true}, "ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true}, "aojicjocmihiopalnhjikigammkhgckb":{"blacklist":true}, "gaicmfjflflabagobdiodejfpjikheeo":{"blacklist":true}, "pkdlpbfmpolnhligegklimbccminkioc":{"blacklist":true}, "pjdhkkcnlbfebiokpeghfffajaabahfo":{"blacklist":true}, "dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true}, "peahabnpipmmfiajjjhgfggbeigbmbgp":{"blacklist":true}, "bdgijcibmhjjccgbdohofncdjcophknj":{"blacklist":true}, "igaajdmlejbjcbmpmnigopikfdaccdcm":{"blacklist":true}, "bmapjpndbiamjgnblnlpghpbjccijkbc":{"state":1, "location":4, "path":"C:\\Program Files (x86)\\Searchqu Toolbar\\Datamngr\\ChromeExtension", "allowFileAccess":true, "incognito":true, "install_time":"13001022249234586"}, "dpmloehicimdjkibmobhmpgdndgbcced":{"blacklist":true}, "fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true}, "gjmhdmobkhfhkpfmfegnkkimlamjdldi":{"blacklist":true}, "dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true}, "pfonklmafadkmcedjlodommcoipgbcde":{"blacklist":true}, "bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true}, "fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true}, 
"hhbihfbjoifhhebcnchglobmkmapgjkm":{"blacklist":true}, "cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true}, "naopgnjebjeeedbbhcadkhkmeefmloho":{"blacklist":true}, "aakhlmakppmkkmfkoibponkmmpgpmjgl":{"blacklist":true}, "oanjogmonneelfpnfmdlalfddkeckdej":{"blacklist":true}, "kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true}, "obfnipbbnnhkbafmdbbfpgfgbjmmkgpm":{"blacklist":true}, "fommcgokigkhmnhlhlkckfjhefnmfohd":{"blacklist":true}, "kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true}, "aandpgohbohmlknpjbblpmoladhoochg":{"blacklist":true}, "pnpfkfanlgljpkpilhgiimfadggfmhcd":{"blacklist":true}, "pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true}, "abfclfmhaemoockhhinpplncjehfpdbd":{"blacklist":true}, "kiipngoehgkgkackngaidmhmnchfbmio":{"blacklist":true}, "ckckpgefkpjfopjppjfcikppehdhceah":{"blacklist":true}, "pajgiddgjidlcajihkjoacjbplimkgfe":{"blacklist":true}, "hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true}, "bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true}, "oocfbmollajebjjpkahmlnclfhkjijea":{"blacklist":true}, "dhclobcklknojliojkkclgjndemadnig":{"blacklist":true}, "jfhmafmjfdblceidmfdmoihamolaaeco":{"blacklist":true}, "ihnembcpodnfgkafmiojebccomjekopm":{"blacklist":true}, "hkjcejgfmaanpncnpoidgbhoikcaeepd":{"blacklist":true}, "aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true}, "idbdlnkdnaodonmgnimcfelpngbmcpjk":{"blacklist":true}, "nmgpbidjnaebdlbdbpjggenmbaolmfoi":{"blacklist":true}, "nhkmojkfnknbbmhbnacjdlodokeophkl":{"blacklist":true}, "kibgmcdcfmcglajcfbecilngejnfppjp":{"blacklist":true}, "ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true}, "kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true}, "cjohbbapkbkkhpohinffggbphnhoblea":{"blacklist":true}, "ejakhnjbomgngodiidgbkapjgbdckhnh":{"blacklist":true}, "jgoljhcbgajhbhnchplgjdkknendhjnn":{"blacklist":true}, "mfffdpnblflpobcnekhekiahepofaane":{"blacklist":true}, "mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true}, "acmpfcamncegnhjdeiodgilikjafcamg":{"blacklist":true}, 
"fiiblakkkkgeljngobmpeljjapemenhi":{"blacklist":true}, "phkpgooenaonkpnabopdbjjfmphclela":{"blacklist":true}, "fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true}, "mpgehpkneknbopplhmmkfijfiniddipf":{"blacklist":true}, "clfhanhcjmgjnbpjfopldmnabimhmcmp":{"blacklist":true}, "edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true}, "mcbkimglepddodbiongpohpeidioafgk":{"blacklist":true}, "hbmlheccjkodhfejcmblndjodllmnlnl":{"blacklist":true}, "epbmnbdplhcomkedpjfceakddnbgfjmf":{"blacklist":true}, "iablioliielnhdianpbiijaoncbmfend":{"blacklist":true}, "ijjmbbddenkbenbcfldgghhjgjmcnioo":{"blacklist":true}, "lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true}, "dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true}, "fleljamdchegbjeiipbnmiebnhgheeld":{"blacklist":true}, "afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true}, "efhjelcghjkfigiagdfbfilndaffpmdj":{"blacklist":true}, "ecinfbhalenfhdhnljmkglajfjjfehoj":{"blacklist":true}, "mjgobkikdipfikmaoakdcdbicpioljgg":{"blacklist":true}, "fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true}, "cgnegjfmdfenjojhjffejinpnpoglmlh":{"blacklist":true}, "fomljmklmcefndkgpakgifbiiidgbjej":{"blacklist":true}, "hhfffemhgkginfafaoapljdllodppana":{"blacklist":true}, "jgmpapdckakiohhebmeoemejibommimi":{"blacklist":true}, "lpgiafapdmlapiokjnmpbbfkomiceoml":{"blacklist":true}, "jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":true}, "dgcfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true}, "kdchmeaiapjkejkcbeclgjklemecieeg":{"blacklist":true}, "kffhenjbibjnbnjhlkcdlmpeccpaohio":{"blacklist":true}, "gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true}, "ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true}, "cdogaeccgljmkecjmoedambgiekkllij":{"blacklist":true}, "hefmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true}, "dlobhinihbmedmheccecfnkcadpehmbf":{"blacklist":true}, "fpjdackpllilinpkgmhkpidkanmccblc":{"blacklist":true}, "copjbedljgpkaakkmbhgkpoaadeahido":{"blacklist":true}, "fngolbdmkneakeaoiieafkilnogbocda":{"blacklist":true}, 
"jmeanodbelbflfmnkfdjgpikmldgjjko":{"blacklist":true}, "gfjfhihpkmehdmblhfaikkipeplpdcla":{"blacklist":true}, "pgldfhecfiofkhnbgcncepnkjkeoahlk":{"blacklist":true}, "hdijkiondgomjpehfhopomicjbiodmcm":{"blacklist":true}, "dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true}, "eopmhecjnginkckggjmhombbopmkjpam":{"blacklist":true}, "kgdkcodealpfjolmiagcogfbgmaamegh":{"blacklist":true}, "jmbkhogpjgjpfjhpdikloblkbkljkgao":{"blacklist":true}, "kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true}, "fjhfnfakmfcejgmfkmnapemgblmehppf":{"blacklist":true}, "ldgfapfmnplpaohbbadnecegcpfkfall":{"blacklist":true}, "omceiakkomngangmllpgbjcoeloglald":{"blacklist":true}, "hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true}, "aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":true}, "hfjpjodbolkmheaehcnmfhjakjileoof":{"blacklist":true}, "ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true}, "hgjgaeknhmidehalnmokomhpfhbfmpcm":{"blacklist":true}, "ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true}, "jeehjhnmgohgpfpjneglogiholalkeip":{"blacklist":true}, "gfmmoiakbmdohkgeoekiokjgljcminig":{"blacklist":true}, "ilhjicgcglhjigdehkcehjdokmkahbjl":{"blacklist":true}, "kbmjeinfampkeiaikafmegpjccmmnanj":{"ack_external":true}, "iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true}, "pjgbfgdpkbfimabdalhjmmeeelbmkcac":{"blacklist":true}, "iccblehkchfmjgfafjcpjlkjcponhdhl":{"blacklist":true}, "jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true}, "lcfkojlnjnedeoepfemhdgkhiabkeadc":{"blacklist":true}, "pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true}, "hilncbjbdpnfepdidfchmdclhpnlegpj":{"blacklist":true}, "dbiblcmlcgdjjbdpbmbcpineegngkiip":{"blacklist":true}, "ncpdanjmicnihdlijomcggnnekloephc":{"blacklist":true}, "nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true}, "gjkbghdignnlcknknflbigpammebiolo":{"blacklist":true}, "fopgndklnkecillfbdmfknhmadmenikm":{"blacklist":true}, "obgljnmbldahelaakfdbjkplokjoneip":{"blacklist":true}, "jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true}, 
"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true}, "onfbaaifbbahonepmednhkjbhdgogkbl":{"blacklist":true}, "ljmjoloiepllcndinchenhomcdcgbgef":{"blacklist":true}, "pfgmgcnbngcnhjddppmnloflcidemopc":{"blacklist":true}, "pnnbdjcjeiobikdfikegpclkcimgafpp":{"blacklist":true}, "hfcgbiofoebieldldghfocjfnnajmpej":{"blacklist":true}, "ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true}, "oomelpjfeldbopnleifpjibbpekflhlg":{"blacklist":true}, "ldmoahefokhfelhpbgfjpelcdbahdofk":{"blacklist":true}, "igghanohiioehififjoalfkdoicafjof":{"blacklist":true}, "jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true}, "jddbdddmbfencninofcgnodekclofpaj":{"blacklist":true}, "dbanhghadfmjndnjmmejdgfdmgidlbpm":{"blacklist":true}, "opnnngnphijodjhemhdafpnnpdjggofe":{"blacklist":true}, "nhbfbnmmdjkjahhfdeklgphihfodfgnb":{"blacklist":true}, "fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true}, "aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true}, "igbaoknfddliiaoimhehfbkfekpmmfll":{"blacklist":true}, "nifbebeekindefklojhchehidpikbjfc":{"blacklist":true}, "lkfdchejjogilmloogbbjlnlpbhgjfab":{"blacklist":true}, "ilmknaabackgdbnkgbihgpgiopnlkjek":{"blacklist":true}, "nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true}, "mdngbiejioalifclonjepjjfppmbgned":{"blacklist":true}, "magllcifjcllaafcdplnajmobccbcdlo":{"blacklist":true}, "abciiempgohamehppammbkhkicmkgkob":{"blacklist":true}, "gdggdkkjecogagaffaemnbfmllcoihjp":{"blacklist":true}, "gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true}, "mhbffdldpckobeihgebaamjalehefnia":{"blacklist":true}, "cnimdnlablahacgompaahbgohcokcclp":{"blacklist":true}, "oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true}, "fnnmbghphdnmmjdapccfobgjemjadeli":{"blacklist":true}, "deonbedlmakdddidplniclflladdjoep":{"blacklist":true}, "npolaghondefgiomhkbiiompikfjneep":{"blacklist":true}, "caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true}, "ajlkjjdbgcjdiklbcomhnfghjigfccoh":{"blacklist":true}, "mdiehnlecbjlppbpaaipmlnhhjgepfcg":{"blacklist":true}, 
"jbmbiepnidbnhbbfdbgioomdkgnbcacj":{"blacklist":true}, "lgcnahanhlfpceencjmlehpfklokhojk":{"blacklist":true}, "ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true}, "mjolnadmlahbpepjaemohnkhpjkbhmef":{"blacklist":true}, "deocpjmfifplhepinpkmpinpnbiemfje":{"blacklist":true}, "efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true}, "cbbbpmlnlpnjojeplppgeilanlihoojg":{"blacklist":true}, "lbficnmfealeidppcbgdcbemgfjodbkg":{"blacklist":true}, "mndoohjdoechinpkfbkolflbonciahfo":{"blacklist":true}, "fiapkdjniadkodmdibdnchoifkpfoiid":{"blacklist":true}, "cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true}, "hkjfdgjkgpbbdmadbglcgljjjddkcdha":{"blacklist":true}, "aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true}, "lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true}, "fcfepemfihgibdacjlnlecebknaaepmj":{"blacklist":true}, "cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true}, "hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true}, "bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true}, "mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true}, "coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true}, "pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":true}, "pfoiaildicnbcjojocjlpcibenphhbln":{"blacklist":true}, "imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":true}, "hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true}, "lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true}, "hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true}, "mamfageekafifnickhgkibkofcclfefe":{"blacklist":true}, "apdmgffkfhjfeejmbjidennfjdkmmmbl":{"blacklist":true}, "mandondadnlimicalgkbkaohmeopdojj":{"blacklist":true}, "nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true}, "mcknnlhkkdbcppajgefagceglahcafjd":{"blacklist":true}, "flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":true}, "hpcdoodjfcmpcpkeendjnjkeinimhkih":{"blacklist":true}, "ocmhjnhildbnglmlfimkjnnfgddelacb":{"blacklist":true}, "pkcbihpffghlanbclfmkegjmbijcpobj":{"blacklist":true}, "fpoajjnnpmledpmohlgpgbmlhbgkgahg":{"blacklist":true}, 
"pgjpnfpidejcmjibaaohcmehfohacckf":{"blacklist":true}, "jfalnphfjdoalcdhlnhdpekbmmopkgkj":{"blacklist":true}, "peiijdmlgbelnnmnkighhkpeihmmamio":{"blacklist":true}, "lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true}, "gmghjgfdialcnhadahmjefeflgnhcjeb":{"blacklist":true}, "ckphhghhpjbfddcgkpfbelfeojcciglo":{"blacklist":true}, "jpehgolpfgnknboibogccapmdcadjkbd":{"blacklist":true}, "nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true}, "pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true}, "anmjpohfnlopdfaojooicpemopnliimn":{"blacklist":true}, "mnhcgaghminpdabllkbkecahjfkdiabk":{"blacklist":true}, "nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true}, "dmhgenmamfphbclmhdgmffajkfommkom":{"blacklist":true}, "dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true}, "ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true}, "pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true}, "alfahpoknocfdebmiclonikapcnljlob":{"blacklist":true}, "aconhjfogglfnkjhkjipaifepjklolog":{"blacklist":true}, "ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true}, "plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true}, "lnahlgmhpghkhmafjppdidhcoaomipfg":{"blacklist":true}, "nidmbljkkcbdfklgdkklgjgmhejmbojn":{"blacklist":true}, "dnemhlkdpajbbniphgkgceplmnkfnhfo":{"blacklist":true}, "aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist":true}, "mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true}, "cpiiakoibaohkfoaijaigdnocfolnmll":{"blacklist":true}, "kgdhnhadbnpeibkghaebmhmngobdafag":{"blacklist":true}, "lbaddolhebpnhdcdkicpcflhnfamcemn":{"blacklist":true}, "cmlokmkdolieoaoddlfhaidnlmiadhik":{"blacklist":true}, "aieihijcjcccdiepockaiekhpflicdii":{"blacklist":true}, "lfggokjjaanlfikbbapgnfemifmddalf":{"blacklist":true}, "alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true}, "akbdojiajlefghcdclgkgmbbljamgehd":{"blacklist":true}, "ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true}, "kolbbghckjilleabphhgeggcgpfidofi":{"blacklist":true}, "janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true}, 
"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true}, "icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true}, "mnllienogacopjnkmhgnniopjpgjpopp":{"blacklist":true}, "pihcfdffalbcnmbghijdfcaanagapelf":{"blacklist":true}, "dfafokiagoiocidlpglcanjkcdbdnioi":{"blacklist":true}}, "toolbarsize":-1, "chrome_url_overrides":{"newtab":["chrome-extension://bmapjpndbiamjgnblnlpghpbjccijkbc/config/skin/new-tab.html"], "bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]}, "alerts":{"initialized":true}, "blacklistupdate":{"lastpingday":"13002451194656074", "version":"0.0.0.138"}, "toolbar":["icmlaeflemplmjndnaapfdbbnpncnbda"]}, "distribution":{"make_chrome_default_for_user":true}, "net":{"hxxp_server_properties":{"clients2.google.com:443":{"settings":[{"value":100, "id":4}, {"value":32, "id":5}, {"value":0, "id":6}], "supports_spdy":true}}}, "profile":{"avatar_index":0, "per_host_zoom_levels":{"velkyberanov-fotbal.cz":0.522758722305298}, "content_settings":{"clear_on_exit_migrated":true, "pref_version":1}, "exited_cleanly":true, "name":"Prvn\u00ed u\u017eivatel"}, "dns_prefetching":{"startup_list":[1, "hxxp://ap.ff.avast.com/", "hxxp://api.webrep.avast.com/", "hxxp://localhost:18821/", "hxxp://localhost:27275/", "hxxp://localhost:7754/", "hxxp://nabytek-elias.cz/", "hxxp://www.google-analytics.com/", "hxxp://www.searchnu.com/"], "host_referral_list":[2, ["hxxp://david.velkyberanov-fotbal.cz/", ["hxxp://ajax.googleapis.com/", 2.0253353191915, "hxxp://david.velkyberanov-fotbal.cz/", 4.96813022741846, "hxxp://upload.wikimedia.org/", 17.9164278236171]], ["hxxp://googleads.g.doubleclick.net/", ["hxxp://googleads.g.doubleclick.net/", 3.171405017424, "hxxp://pagead2.googlesyndication.com/", 3.49232100133, "hxxp://www.google.com/", 3.171405017424, "hxxps://googleads.g.doubleclick.net/", 3.171405017424]], ["hxxp://nabytek-elias.cz/", ["hxxp://nabytek-elias.cz/", 7.39448271551313, "hxxp://www.google-analytics.com/", 2.6037004, "hxxp://www.kasvo.cz/", 
1.41621255536993]], ["hxxp://search.seznam.cz/", ["hxxp://fimg.seznam.cz/", 5.09690092086, "hxxp://h.imedia.cz/", 3.813236985236, "hxxp://i.imedia.cz/", 2.850489033518, "hxxp://s.imedia.cz/", 2.208657065706, "hxxp://search.seznam.cz/", 7.343312808202, "hxxp://seznam.hit.gemius.pl/", 2.208657065706]], ["hxxp://seznam.cz/", ["hxxp://www.seznam.cz/", 2.529573049612]], ["hxxp://velkyberanov-fotbal.cz/", ["hxxp://velkyberanov-fotbal.cz/", 9.85334340623845]], ["hxxp://www.abcgames.cz/", ["hxxp://pagead2.googlesyndication.com/", 2.208657065706, "hxxp://toplist.cz/", 2.208657065706, "hxxp://www.abcgames.cz/", 8.947892727732, "hxxp://www.google-analytics.com/", 2.208657065706]], ["hxxp://www.searchnu.com/", ["hxxp://www.google-analytics.com/", 1.02631692907722, "hxxp://www.searchnu.com/", 1.2898418833186]], ["hxxp://www.seznam.cz/", ["hxxp://1.im.cz/", 2.208657065706, "hxxp://10.im.cz/", 2.208657065706, "hxxp://h.imedia.cz/", 3.171405017424, "hxxp://i.imedia.cz/", 4.134152969142, "hxxp://s.imedia.cz/", 2.208657065706, "hxxp://seznam.hit.gemius.pl/", 2.529573049612, "hxxp://www.seznam.cz/", 16.649876341476]]]}, "browser":{"window_placement":{"work_area_top":0, "work_area_right":1920, "top":0, "left":61, "bottom":964, "maximized":true, "right":1111, "work_area_left":0, "work_area_bottom":1040}, "last_prompted_google_url":"hxxp://www.google.cz/", "last_known_google_url":"hxxp://www.google.cz/", "show_home_button":true, "check_default_browser":false}, "homepage":"hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3206", "download":{"directory_upgrade":true}}

*************************

AdwCleaner[R1].txt - [43433 octets] - [16/01/2013 22:56:33]

########## EOF - C:\AdwCleaner[R1].txt - [43494 octets] ##########

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: HijackThis - Certified Toolbar search

Post by memphisto » 16 Jan 2013 23:18

In AdwCleaner and Mbam, let everything be deleted.

Download TDSSKiller

to your desktop. Make sure that all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, restarting the computer is enough.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Re: HijackThis - Certified Toolbar search

Post by Stene » 17 Jan 2013 10:16

10:14:24.0082 4860 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:14:24.0410 4860 ============================================================
10:14:24.0410 4860 Current date / time: 2013/01/17 10:14:24.0410
10:14:24.0410 4860 SystemInfo:
10:14:24.0410 4860
10:14:24.0410 4860 OS Version: 6.1.7601 ServicePack: 1.0
10:14:24.0410 4860 Product type: Workstation
10:14:24.0410 4860 ComputerName: STENE-PC
10:14:24.0410 4860 UserName: Stene
10:14:24.0410 4860 Windows directory: C:\Windows
10:14:24.0410 4860 System windows directory: C:\Windows
10:14:24.0410 4860 Running under WOW64
10:14:24.0410 4860 Processor architecture: Intel x64
10:14:24.0410 4860 Number of processors: 4
10:14:24.0410 4860 Page size: 0x1000
10:14:24.0410 4860 Boot type: Normal boot
10:14:24.0410 4860 ============================================================
10:14:26.0048 4860 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
10:14:26.0064 4860 ============================================================
10:14:26.0064 4860 \Device\Harddisk0\DR0:
10:14:26.0064 4860 MBR partitions:
10:14:26.0064 4860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:14:26.0064 4860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3D210000
10:14:26.0064 4860 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3D242800, BlocksNum 0x18893800
10:14:26.0064 4860 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x55AD6000, BlocksNum 0x1EC30000
10:14:26.0064 4860 ============================================================
10:14:26.0079 4860 C: <-> \Device\Harddisk0\DR0\Partition2
10:14:26.0110 4860 D: <-> \Device\Harddisk0\DR0\Partition1
10:14:26.0157 4860 E: <-> \Device\Harddisk0\DR0\Partition4
10:14:26.0220 4860 G: <-> \Device\Harddisk0\DR0\Partition3
10:14:26.0220 4860 ============================================================
10:14:26.0220 4860 Initialize success
10:14:26.0220 4860 ============================================================
10:14:28.0185 4904 ============================================================
10:14:28.0185 4904 Scan started
10:14:28.0185 4904 Mode: Manual;
10:14:28.0185 4904 ============================================================
10:14:29.0761 4904 ================ Scan system memory ========================
10:14:29.0761 4904 System memory - ok
10:14:29.0761 4904 ================ Scan services =============================
10:14:29.0917 4904 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:14:29.0917 4904 1394ohci - ok
10:14:29.0964 4904 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:14:29.0964 4904 ACPI - ok
10:14:29.0979 4904 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:14:29.0979 4904 AcpiPmi - ok


Re: HijackThis - Certified Toolbar search

Post by Stene » 17 Jan 2013 10:17

10:14:40.0868 4904 PxHlpa64 - ok
10:14:40.0915 4904 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:14:40.0946 4904 ql2300 - ok
10:14:40.0962 4904 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:14:40.0977 4904 ql40xx - ok
10:14:41.0008 4904 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:14:41.0008 4904 QWAVE - ok
10:14:41.0024 4904 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:14:41.0024 4904 QWAVEdrv - ok
10:14:41.0040 4904 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:14:41.0040 4904 RasAcd - ok
10:14:41.0055 4904 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:14:41.0055 4904 RasAgileVpn - ok
10:14:41.0071 4904 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:14:41.0071 4904 RasAuto - ok
10:14:41.0118 4904 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:14:41.0118 4904 Rasl2tp - ok
10:14:41.0164 4904 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:14:41.0180 4904 RasMan - ok
10:14:41.0196 4904 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:14:41.0196 4904 RasPppoe - ok
10:14:41.0211 4904 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:14:41.0211 4904 RasSstp - ok
10:14:41.0258 4904 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:14:41.0258 4904 rdbss - ok
10:14:41.0289 4904 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:14:41.0289 4904 rdpbus - ok
10:14:41.0305 4904 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:14:41.0320 4904 RDPCDD - ok
10:14:41.0336 4904 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:14:41.0336 4904 RDPENCDD - ok
10:14:41.0352 4904 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:14:41.0352 4904 RDPREFMP - ok
10:14:41.0383 4904 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:14:41.0398 4904 RDPWD - ok
10:14:41.0430 4904 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:14:41.0430 4904 rdyboost - ok
10:14:41.0461 4904 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:14:41.0476 4904 RemoteAccess - ok
10:14:41.0492 4904 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:14:41.0508 4904 RemoteRegistry - ok
10:14:41.0508 4904 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:14:41.0523 4904 RpcEptMapper - ok
10:14:41.0523 4904 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:14:41.0539 4904 RpcLocator - ok
10:14:41.0570 4904 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
10:14:41.0586 4904 RpcSs - ok
10:14:41.0601 4904 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:14:41.0601 4904 rspndr - ok
10:14:41.0679 4904 [ 2E7D1CA91D62501713C9D6E6704395C6 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
10:14:41.0679 4904 RTHDMIAzAudService - ok
10:14:41.0726 4904 [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:14:41.0742 4904 RTL8167 - ok
10:14:41.0757 4904 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:14:41.0773 4904 SamSs - ok
10:14:41.0804 4904 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:14:41.0804 4904 sbp2port - ok
10:14:41.0851 4904 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:14:41.0866 4904 SCardSvr - ok
10:14:41.0898 4904 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:14:41.0913 4904 scfilter - ok
10:14:41.0960 4904 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:14:41.0976 4904 Schedule - ok
10:14:42.0022 4904 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:14:42.0022 4904 SCPolicySvc - ok
10:14:42.0054 4904 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:14:42.0054 4904 SDRSVC - ok
10:14:42.0069 4904 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:14:42.0069 4904 secdrv - ok
10:14:42.0100 4904 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:14:42.0100 4904 seclogon - ok
10:14:42.0116 4904 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:14:42.0116 4904 SENS - ok
10:14:42.0132 4904 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:14:42.0132 4904 SensrSvc - ok
10:14:42.0147 4904 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:14:42.0147 4904 Serenum - ok
10:14:42.0178 4904 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:14:42.0178 4904 Serial - ok
10:14:42.0194 4904 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:14:42.0194 4904 sermouse - ok
10:14:42.0256 4904 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
10:14:42.0272 4904 ServiceLayer - ok
10:14:42.0303 4904 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:14:42.0303 4904 SessionEnv - ok
10:14:42.0319 4904 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:14:42.0319 4904 sffdisk - ok
10:14:42.0319 4904 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:14:42.0319 4904 sffp_mmc - ok
10:14:42.0334 4904 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:14:42.0334 4904 sffp_sd - ok
10:14:42.0350 4904 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:14:42.0350 4904 sfloppy - ok
10:14:42.0397 4904 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:14:42.0412 4904 SharedAccess - ok
10:14:42.0459 4904 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:14:42.0475 4904 ShellHWDetection - ok
10:14:42.0506 4904 [ 720088AAD691FF1D90BE8EC28727F6CA ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
10:14:42.0506 4904 silabenm - ok
10:14:42.0522 4904 [ 245889E622FEC92C989787A9801F6896 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
10:14:42.0522 4904 silabser - ok
10:14:42.0537 4904 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:14:42.0537 4904 SiSRaid2 - ok
10:14:42.0553 4904 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:14:42.0553 4904 SiSRaid4 - ok
10:14:42.0568 4904 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:14:42.0568 4904 Smb - ok
10:14:42.0584 4904 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:14:42.0600 4904 SNMPTRAP - ok
10:14:42.0600 4904 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:14:42.0615 4904 spldr - ok
10:14:42.0646 4904 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:14:42.0662 4904 Spooler - ok
10:14:42.0756 4904 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:14:42.0802 4904 sppsvc - ok
10:14:42.0834 4904 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:14:42.0834 4904 sppuinotify - ok
10:14:42.0880 4904 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
10:14:42.0880 4904 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
10:14:42.0880 4904 sptd ( LockedFile.Multi.Generic ) - warning
10:14:42.0880 4904 sptd - detected LockedFile.Multi.Generic (1)
10:14:46.0344 4904 ================ Scan global ===============================
10:14:46.0359 4904 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:14:46.0390 4904 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:14:46.0406 4904 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:14:46.0437 4904 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:14:46.0468 4904 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:14:46.0484 4904 [Global] - ok
10:14:46.0484 4904 ================ Scan MBR ==================================
10:14:46.0500 4904 [ AA79D5FAB81000CC97E001E990D7BF74 ] \Device\Harddisk0\DR0
10:14:46.0687 4904 \Device\Harddisk0\DR0 - ok
10:14:46.0687 4904 ================ Scan VBR ==================================
10:14:46.0702 4904 [ BF587EA44867624A626FC1A5BE5DD11C ] \Device\Harddisk0\DR0\Partition1
10:14:46.0702 4904 \Device\Harddisk0\DR0\Partition1 - ok
10:14:46.0718 4904 [ E43AE6DA540B370E40D4905F1873451A ] \Device\Harddisk0\DR0\Partition2
10:14:46.0718 4904 \Device\Harddisk0\DR0\Partition2 - ok
10:14:46.0718 4904 [ 6880D95DD715D2653C0AAC9F126D0559 ] \Device\Harddisk0\DR0\Partition3
10:14:46.0734 4904 \Device\Harddisk0\DR0\Partition3 - ok
10:14:46.0749 4904 [ D14F91CF7EB02676042A4A2B98E194DD ] \Device\Harddisk0\DR0\Partition4
10:14:46.0749 4904 \Device\Harddisk0\DR0\Partition4 - ok
10:14:46.0749 4904 ============================================================
10:14:46.0749 4904 Scan finished
10:14:46.0749 4904 ============================================================
10:14:46.0765 4896 Detected object count: 1
10:14:46.0765 4896 Actual detected object count: 1
10:14:56.0874 4896 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:14:56.0874 4896 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:15:32.0583 4852 Deinitialize success


Re: HijackThis - Certified Toolbar search

Post by Stene » 17 Jan 2013 10:48

ComboFix 13-01-17.01 - Stene 17.01.2013 10:22:01.11.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2653 [GMT 1:00]
Spuštěný z: c:\users\Stene\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB2758694-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-17 do 2013-01-17 )))))))))))))))))))))))))))))))
.
.
2013-01-17 09:33 . 2013-01-17 09:33 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{51933466-767F-4782-850A-993668E09CCD}\offreg.dll
2013-01-17 09:32 . 2013-01-17 09:32 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-17 09:32 . 2013-01-17 09:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-16 21:50 . 2013-01-16 21:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-16 21:50 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 21:50 . 2013-01-16 21:50 -------- d-----w- c:\users\Stene\AppData\Local\Programs
2013-01-16 12:08 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe
2013-01-16 08:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{51933466-767F-4782-850A-993668E09CCD}\mpengine.dll
2013-01-14 21:29 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
2013-01-09 13:38 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 13:38 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-08 16:43 . 2012-03-27 09:50 6426672 ----a-w- c:\program files\Alwil So
2013-01-07 18:44 . 2013-01-07 19:41 -------- d-----w- c:\users\Stene\AppData\Roaming\Hamachi
2013-01-07 18:44 . 2013-01-07 18:44 -------- d-----w- c:\program files (x86)\Hamachi
2013-01-07 18:44 . 2013-01-07 18:44 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2013-01-07 18:42 . 2013-01-17 09:33 -------- d-----w- c:\users\Stene\AppData\Local\LogMeIn Hamachi
2013-01-07 18:42 . 2013-01-07 18:42 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-12-24 17:59 . 2012-12-24 17:59 -------- d-----w- c:\programdata\YTD Video Downloader
2012-12-24 17:59 . 2012-12-24 17:59 -------- d-----w- c:\program files (x86)\GreenTree Applications
2012-12-21 13:02 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 13:02 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 13:02 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 13:02 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 16:04 . 2007-06-29 16:33 537064 ----a-w- c:\windows\system32\drivers\ndasfat.sys
2012-12-20 16:04 . 2007-06-29 16:33 339944 ----a-w- c:\windows\system32\drivers\lfsfilt.sys
2012-12-20 16:04 . 2012-12-20 16:04 -------- d-----w- c:\program files\NDAS
2012-12-18 18:38 . 2012-12-18 18:38 -------- d-----w- c:\program files (x86)\DLLSuite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-15 10:56 . 2011-10-15 18:05 5294 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2013-01-10 15:03 . 2012-06-06 19:49 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-10 15:03 . 2011-06-27 06:21 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 14:30 . 2011-02-11 18:35 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-11-30 04:45 . 2013-01-09 13:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-12 12:28 . 2012-12-14 13:30 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:52 . 2012-12-14 13:30 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-14 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-14 13:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-02 05:59 . 2012-12-14 13:29 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-14 13:29 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-27 06:26 . 2012-12-14 13:30 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-27 05:51 . 2012-12-14 13:30 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-10-27 05:51 . 2012-12-14 13:30 1494528 ----a-w- c:\windows\system32\urlmon.dll
2012-10-27 05:51 . 2012-12-14 13:30 134144 ----a-w- c:\windows\system32\url.dll
2012-10-27 05:49 . 2012-12-14 13:30 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-27 05:49 . 2012-12-14 13:30 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-27 05:49 . 2012-12-14 13:30 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-27 05:49 . 2012-12-14 13:30 247808 ----a-w- c:\windows\system32\ieui.dll
2012-10-27 05:49 . 2012-12-14 13:30 2453504 ----a-w- c:\windows\system32\iertutil.dll
2012-10-27 05:49 . 2012-12-14 13:30 12295680 ----a-w- c:\windows\system32\ieframe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
c:\users\Stene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Mozilla Thunderbird.lnk - c:\program files (x86)\Mozilla Thunderbird\thunderbird.exe [2012-12-7 388576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NDAS Device Management.lnk - c:\program files\NDAS\System\ndasmgmt.exe [2007-6-29 380904]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2008-04-17 23040]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2008-04-17 70144]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-03 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-09 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-09 254528]
S1 ndasfat;NDAS FAT;c:\windows\system32\DRIVERS\ndasfat.sys [2007-06-29 537064]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-06 69976]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 09237936
*Deregistered* - 09237936
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 15:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = %SystemRoot%\system32\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\SecuROM\License information*]
"datasecu"=hex:d1,bc,b2,67,51,bc,ef,59,ae,54,ec,ee,9e,8f,0f,b5,a1,80,09,f1,3c,
49,55,a7,33,80,bd,ef,99,4f,f4,4d,b8,e3,28,d4,98,38,89,74,5b,c4,38,d2,d1,2f,\
"rkeysecu"=hex:f6,e7,a9,14,71,6e,66,24,a8,d6,4d,52,b9,0d,a6,91
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Celkový čas: 2013-01-17 10:45:23
ComboFix-quarantined-files.txt 2013-01-17 09:45
.
Před spuštěním: Volných bajtů: 213 973 975 040
Po spuštění: Volných bajtů: 219 041 554 432
.
- - End Of File - - 6FB78373A8D6C6362EA5597770B1A05F


Re: HijackThis - Certified Toolbar search

Post by Žbeky » 17 Jan 2013 16:56

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::

File::
c:\windows\system32\PerfStringBackup.TMP

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process


Test this on VirusTotal:
c:\windows\Launcher.exe

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by several antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to this page with the mouse and paste it into your post.
In PMs I deal only with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.



Re: HijackThis - Certified Toolbar search

Post by Stene » 18 Jan 2013 13:09

After ComboFix I had to restart the PC :thumbup:

ComboFix 13-01-17.01 - Stene 18.01.2013 12:38:19.12.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2597 [GMT 1:00]
Spuštěný z: c:\users\Stene\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Stene\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\PerfStringBackup.TMP"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\PerfStringBackup.TMP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-18 do 2013-01-18 )))))))))))))))))))))))))))))))
.
.
2013-01-18 11:49 . 2013-01-18 11:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-18 11:49 . 2013-01-18 11:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-18 09:10 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{197BE879-EE00-4732-9237-7CF659CBE8E9}\mpengine.dll
2013-01-17 10:50 . 2013-01-17 21:29 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-01-16 21:50 . 2013-01-16 21:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-16 21:50 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 21:50 . 2013-01-16 21:50 -------- d-----w- c:\users\Stene\AppData\Local\Programs
2013-01-16 12:08 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe
2013-01-14 21:29 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
2013-01-09 13:38 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 13:38 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-08 16:43 . 2012-03-27 09:50 6426672 ----a-w- c:\program files\Alwil So
2013-01-07 18:44 . 2013-01-07 19:41 -------- d-----w- c:\users\Stene\AppData\Roaming\Hamachi
2013-01-07 18:44 . 2013-01-07 18:44 -------- d-----w- c:\program files (x86)\Hamachi
2013-01-07 18:44 . 2013-01-07 18:44 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2013-01-07 18:42 . 2013-01-18 11:52 -------- d-----w- c:\users\Stene\AppData\Local\LogMeIn Hamachi
2013-01-07 18:42 . 2013-01-07 18:42 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-12-24 17:59 . 2012-12-24 17:59 -------- d-----w- c:\programdata\YTD Video Downloader
2012-12-24 17:59 . 2012-12-24 17:59 -------- d-----w- c:\program files (x86)\GreenTree Applications
2012-12-21 13:02 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 13:02 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 13:02 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 13:02 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 16:04 . 2007-06-29 16:33 537064 ----a-w- c:\windows\system32\drivers\ndasfat.sys
2012-12-20 16:04 . 2007-06-29 16:33 339944 ----a-w- c:\windows\system32\drivers\lfsfilt.sys
2012-12-20 16:04 . 2012-12-20 16:04 -------- d-----w- c:\program files\NDAS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 15:03 . 2012-06-06 19:49 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-10 15:03 . 2011-06-27 06:21 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 14:30 . 2011-02-11 18:35 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-11-30 04:45 . 2013-01-09 13:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-12 12:28 . 2012-12-14 13:30 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:52 . 2012-12-14 13:30 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-14 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-14 13:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-02 05:59 . 2012-12-14 13:29 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-14 13:29 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-27 06:26 . 2012-12-14 13:30 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-27 05:51 . 2012-12-14 13:30 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-10-27 05:51 . 2012-12-14 13:30 1494528 ----a-w- c:\windows\system32\urlmon.dll
2012-10-27 05:51 . 2012-12-14 13:30 134144 ----a-w- c:\windows\system32\url.dll
2012-10-27 05:49 . 2012-12-14 13:30 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-27 05:49 . 2012-12-14 13:30 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-27 05:49 . 2012-12-14 13:30 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-27 05:49 . 2012-12-14 13:30 247808 ----a-w- c:\windows\system32\ieui.dll
2012-10-27 05:49 . 2012-12-14 13:30 2453504 ----a-w- c:\windows\system32\iertutil.dll
2012-10-27 05:49 . 2012-12-14 13:30 12295680 ----a-w- c:\windows\system32\ieframe.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
c:\users\Stene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Mozilla Thunderbird.lnk - c:\program files (x86)\Mozilla Thunderbird\thunderbird.exe [2013-1-17 389168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NDAS Device Management.lnk - c:\program files\NDAS\System\ndasmgmt.exe [2007-6-29 380904]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2008-04-17 23040]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2008-04-17 70144]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-03 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-09 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-09 254528]
S1 ndasfat;NDAS FAT;c:\windows\system32\DRIVERS\ndasfat.sys [2007-06-29 537064]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-06 69976]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-06 15:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = %SystemRoot%\system32\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 10.0.0.138
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Stene\AppData\Roaming\Mozilla\Firefox\Profiles\e6s5ay5g.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1679234959-3771141595-1235745478-1001\Software\SecuROM\License information*]
"datasecu"=hex:d1,bc,b2,67,51,bc,ef,59,ae,54,ec,ee,9e,8f,0f,b5,a1,80,09,f1,3c,
49,55,a7,33,80,bd,ef,99,4f,f4,4d,b8,e3,28,d4,98,38,89,74,5b,c4,38,d2,d1,2f,\
"rkeysecu"=hex:f6,e7,a9,14,71,6e,66,24,a8,d6,4d,52,b9,0d,a6,91
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Celkový čas: 2013-01-18 13:05:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-18 12:05
ComboFix2.txt 2013-01-17 09:45
.
Před spuštěním: Volných bajtů: 216 916 348 928
Po spuštění: Volných bajtů: 216 533 069 824
.
- - End Of File - - 55E4BF69213D663D20EF2CCC8C1444D1



And here is the link to VirusTotal -> https://www.virustotal.com/file/eab5b24 ... 358511043/


Re: HijackThis - Certified Toolbar search

Post by memphisto » 18 Jan 2013 22:14

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner
It deletes everything left behind by Combo, MWAV etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.

+ A new HJT log

How is the PC behaving?
Please do not send HijackThis logs via PM; post them in the appropriate section instead. Thank you.


Re: HijackThis - Certified Toolbar search

Post by Stene » 21 Jan 2013 15:29

The PC is fine, but after starting the browser that stupid page is still there (the home page is seznam.cz)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29:14, on 21.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Users\Stene\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: NDAS Device Management.lnk = C:\Program Files\NDAS\System\ndasmgmt.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NDAS Service (ndassvc) - XIMETA, Inc. - C:\Program Files\NDAS\System\ndassvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9658 bytes

