(also) Certified Toolbar Search problem + Solved

(also) Certified Toolbar Search problem +

Post by Vrbik » 24 Jan 2013 23:07

Please help. Somehow this monstrosity (http://search.certified-toolbar.com/) has nested itself here. It shows up in Firefox at startup and I can't get rid of it. Full of optimism, I found some instructions, installed Malwarebytes Anti-Malware, deleted the flagged items, result 0. I did a few other small things, with no result. Now that I see here how a similar problem of user kubicek326 was solved, it is clear to me that with my primitive approach (please be tolerant) I won't manage it without help (so hopefully I'm in the right place).

I used HijackThis and it reports:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:45, on 24.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\wincmd\WINCMD32.EXE
C:\Documents and Settings\All Users\Plocha\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Jan\Data aplikací\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: DownTango Launcher - {a4689b79-6a50-4cb1-b9e1-e5970c88bf96} - C:\Documents and Settings\Jan\Data aplikací\FTDownTango1bToolbar\FTDownTango1bToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DownTango Launcher - {a4689b79-6a50-4cb1-b9e1-e5970c88bf96} - C:\Documents and Settings\Jan\Data aplikací\FTDownTango1bToolbar\FTDownTango1bToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EverioService] "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2d930acb-2420-49dc-a746-4206b6a229dd} - C:\Documents and Settings\Jan\Data aplikací\FTDownTango1bToolbar\FTDownTango1bToolbar.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11996 bytes

Re: (also) Certified Toolbar Search problem

Post by memphisto » 24 Jan 2013 23:39

Uninstall:
Google Toolbar
Ask Toolbar
Winamp Toolbar
DownTango Launcher
McAfee Security Scan

In the log, fix:
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

Run a quick scan in MBAM and post the log.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Re: (also) Certified Toolbar Search problem

Post by Vrbik » 25 Jan 2013 09:04

Hello.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.24.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jan :: PC [administrátor]

Ochrana: Povolena

25.1.2013 8:26:47
mbam-log-2013-01-25 (08-26-47).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 228539
Uplynulý čas: 10 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

AdwCleaner
# AdwCleaner v2.108 - Logfile created 01/25/2013 at 08:44:47
# Updated 24/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jan - PC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\All Users\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\WINDOWS\Tasks\Protected Search.job
Folder Found : C:\DOCUME~1\Jan\LOCALS~1\Temp\AskSearch
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
Folder Found : C:\Documents and Settings\Jan\Data aplikací\Complitly
Folder Found : C:\Program Files\Complitly
Folder Found : C:\Program Files\Protected Search
Folder Found : C:\Program Files\Winamp Toolbar

***** [Registry] *****

Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\ProtectedSearch
Key Found : HKCU\Software\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\Software\Winamp Toolbar
Key Found : HKU\S-1-5-21-839522115-746137067-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKU\S-1-5-21-839522115-746137067-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201

*************************

AdwCleaner[R1].txt - [13784 octets] - [24/01/2013 22:13:27]
AdwCleaner[R2].txt - [7977 octets] - [25/01/2013 08:44:47]

########## EOF - C:\AdwCleaner[R2].txt - [8037 octets] ##########

Re: (also) Certified Toolbar Search problem

Post by memphisto » 25 Jan 2013 09:21

In AdwCleaner, have everything deleted and post the log.

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.
Re: (also) Certified Toolbar Search problem

Post by Vrbik » 25 Jan 2013 12:01

All done:

# AdwCleaner v2.108 - Logfile created 01/25/2013 at 10:57:22
# Updated 24/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jan - PC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\All Users\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINDOWS\Tasks\Protected Search.job
Folder Deleted : C:\DOCUME~1\Jan\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
Folder Deleted : C:\Documents and Settings\Jan\Data aplikací\Complitly
Folder Deleted : C:\Program Files\Complitly
Folder Deleted : C:\Program Files\Protected Search
Folder Deleted : C:\Program Files\Winamp Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\Winamp Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q= --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si= ... 1&st=bs&q= --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si= ... e&tid=3201 --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [13784 octets] - [24/01/2013 22:13:27]
AdwCleaner[R2].txt - [8106 octets] - [25/01/2013 08:44:47]
AdwCleaner[R3].txt - [8166 octets] - [25/01/2013 10:56:29]
AdwCleaner[S2].txt - [8309 octets] - [25/01/2013 10:57:22]

########## EOF - C:\AdwCleaner[S2].txt - [8369 octets] ##########


11:06:29.0546 3068 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:06:29.0703 3068 ============================================================
11:06:29.0703 3068 Current date / time: 2013/01/25 11:06:29.0703
11:06:29.0703 3068 SystemInfo:
11:06:29.0703 3068
11:06:29.0703 3068 OS Version: 5.1.2600 ServicePack: 3.0
11:06:29.0703 3068 Product type: Workstation
11:06:29.0703 3068 ComputerName: PC
11:06:29.0703 3068 UserName: Jan
11:06:29.0703 3068 Windows directory: C:\WINDOWS
11:06:29.0703 3068 System windows directory: C:\WINDOWS
11:06:29.0703 3068 Processor architecture: Intel x86
11:06:29.0703 3068 Number of processors: 1
11:06:29.0703 3068 Page size: 0x1000
11:06:29.0703 3068 Boot type: Normal boot
11:06:29.0703 3068 ============================================================
11:06:30.0468 3068 Drive \Device\Harddisk0\DR0 - Size: 0x25432CDE00 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:06:30.0468 3068 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
11:06:30.0468 3068 Drive \Device\Harddisk2\DR4 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:06:30.0859 3068 ============================================================
11:06:30.0859 3068 \Device\Harddisk0\DR0:
11:06:30.0859 3068 MBR partitions:
11:06:30.0859 3068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
11:06:30.0859 3068 \Device\Harddisk1\DR1:
11:06:30.0859 3068 MBR partitions:
11:06:30.0859 3068 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385421
11:06:30.0859 3068 \Device\Harddisk2\DR4:
11:06:30.0859 3068 MBR partitions:
11:06:30.0859 3068 \Device\Harddisk2\DR4\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x575452C1
11:06:30.0859 3068 ============================================================
11:06:30.0875 3068 C: <-> \Device\Harddisk0\DR0\Partition1
11:06:31.0390 3068 E: <-> \Device\Harddisk1\DR1\Partition1
11:06:31.0390 3068 F: <-> \Device\Harddisk2\DR4\Partition1
11:06:31.0390 3068 ============================================================
11:06:31.0390 3068 Initialize success
11:06:31.0390 3068 ============================================================
11:07:02.0703 3732 ============================================================
11:07:02.0703 3732 Scan started
11:07:02.0703 3732 Mode: Manual;
11:07:02.0703 3732 ============================================================
11:07:02.0859 3732 ================ Scan system memory ========================
11:07:02.0859 3732 System memory - ok
11:07:02.0875 3732 ================ Scan services =============================
11:07:12.0953 3732 Srv - ok
11:07:13.0015 3732 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:07:13.0031 3732 SSDPSRV - ok
11:07:13.0062 3732 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:07:13.0125 3732 stisvc - ok
11:07:13.0171 3732 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:07:13.0171 3732 streamip - ok
11:07:13.0203 3732 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:07:13.0203 3732 swenum - ok
11:07:13.0218 3732 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:07:13.0218 3732 swmidi - ok
11:07:13.0234 3732 SwPrv - ok
11:07:13.0250 3732 symc810 - ok
11:07:13.0265 3732 symc8xx - ok
11:07:13.0265 3732 sym_hi - ok
11:07:13.0281 3732 sym_u3 - ok
11:07:13.0296 3732 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:07:13.0296 3732 sysaudio - ok
11:07:13.0328 3732 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:07:13.0343 3732 SysmonLog - ok
11:07:13.0375 3732 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:07:13.0390 3732 TapiSrv - ok
11:07:13.0437 3732 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:07:13.0437 3732 Tcpip - ok
11:07:13.0453 3732 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:07:13.0468 3732 TDPIPE - ok
11:07:13.0484 3732 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:07:13.0484 3732 TDTCP - ok
11:07:13.0515 3732 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:07:13.0515 3732 TermDD - ok
11:07:13.0531 3732 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
11:07:13.0546 3732 TermService - ok
11:07:13.0578 3732 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:07:13.0578 3732 Themes - ok
11:07:13.0640 3732 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
11:07:13.0656 3732 TlntSvr - ok
11:07:13.0656 3732 TosIde - ok
11:07:13.0687 3732 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:07:13.0703 3732 TrkWks - ok
11:07:13.0734 3732 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:07:13.0750 3732 Udfs - ok
11:07:13.0750 3732 ultra - ok
11:07:13.0796 3732 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:07:13.0812 3732 Update - ok
11:07:13.0843 3732 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
11:07:13.0859 3732 upnphost - ok
11:07:13.0890 3732 [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
11:07:13.0890 3732 upperdev - ok
11:07:13.0921 3732 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
11:07:13.0937 3732 UPS - ok
11:07:13.0953 3732 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:07:13.0953 3732 usbaudio - ok
11:07:13.0984 3732 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:07:13.0984 3732 usbccgp - ok
11:07:14.0031 3732 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:07:14.0031 3732 usbehci - ok
11:07:14.0046 3732 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:07:14.0046 3732 usbhub - ok
11:07:14.0062 3732 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:07:14.0078 3732 usbohci - ok
11:07:14.0093 3732 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:07:14.0093 3732 usbprint - ok
11:07:14.0109 3732 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:07:14.0125 3732 usbscan - ok
11:07:14.0140 3732 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
11:07:14.0140 3732 usbser - ok
11:07:14.0187 3732 [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
11:07:14.0187 3732 UsbserFilt - ok
11:07:14.0203 3732 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:07:14.0203 3732 USBSTOR - ok
11:07:14.0250 3732 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
11:07:14.0250 3732 usbvideo - ok
11:07:14.0265 3732 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:07:14.0265 3732 VgaSave - ok
11:07:14.0281 3732 ViaIde - ok
11:07:14.0296 3732 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:07:14.0296 3732 VolSnap - ok
11:07:14.0359 3732 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
11:07:14.0375 3732 VSS - ok
11:07:14.0421 3732 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
11:07:14.0437 3732 W32Time - ok
11:07:14.0453 3732 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:07:14.0453 3732 Wanarp - ok
11:07:14.0515 3732 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
11:07:14.0531 3732 Wdf01000 - ok
11:07:14.0546 3732 WDICA - ok
11:07:14.0562 3732 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:07:14.0562 3732 wdmaud - ok
11:07:14.0593 3732 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:07:14.0609 3732 WebClient - ok
11:07:14.0687 3732 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:07:14.0687 3732 winmgmt - ok
11:07:14.0750 3732 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:07:14.0750 3732 WmdmPmSN - ok
11:07:14.0781 3732 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:07:14.0796 3732 Wmi - ok
11:07:14.0828 3732 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
11:07:14.0828 3732 WmiApSrv - ok
11:07:14.0859 3732 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:07:14.0859 3732 WpdUsb - ok
11:07:14.0906 3732 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:07:14.0937 3732 WPFFontCache_v0400 - ok
11:07:14.0984 3732 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:07:15.0000 3732 wscsvc - ok
11:07:15.0031 3732 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:07:15.0031 3732 WSTCODEC - ok
11:07:15.0046 3732 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:07:15.0062 3732 wuauserv - ok
11:07:15.0093 3732 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:07:15.0109 3732 WudfPf - ok
11:07:15.0125 3732 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:07:15.0125 3732 WudfRd - ok
11:07:15.0140 3732 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:07:15.0156 3732 WudfSvc - ok
11:07:15.0218 3732 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:07:15.0250 3732 WZCSVC - ok
11:07:15.0281 3732 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:07:15.0296 3732 xmlprov - ok
11:07:15.0312 3732 ================ Scan global ===============================
11:07:15.0343 3732 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
11:07:15.0390 3732 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:07:15.0421 3732 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
11:07:15.0453 3732 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
11:07:15.0453 3732 [Global] - ok
11:07:15.0468 3732 ================ Scan MBR ==================================
11:07:15.0484 3732 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:07:15.0593 3732 \Device\Harddisk0\DR0 - ok
11:07:15.0593 3732 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
11:07:15.0593 3732 \Device\Harddisk1\DR1 - ok
11:07:15.0984 3732 [ 180DBDE3AF7EA48B3DB3AC27B1DDF401 ] \Device\Harddisk2\DR4
11:07:15.0984 3732 \Device\Harddisk2\DR4 - ok
11:07:15.0984 3732 ================ Scan VBR ==================================
11:07:16.0000 3732 [ 055D8814676FA7548542BA7D805E34B9 ] \Device\Harddisk0\DR0\Partition1
11:07:16.0000 3732 \Device\Harddisk0\DR0\Partition1 - ok
11:07:16.0000 3732 [ 9BC0DD52DCAB3DA05243DEE6C9AB7D24 ] \Device\Harddisk1\DR1\Partition1
11:07:16.0000 3732 \Device\Harddisk1\DR1\Partition1 - ok
11:07:16.0015 3732 [ B19AED00D26DAA9ED78E07CBB665BB62 ] \Device\Harddisk2\DR4\Partition1
11:07:16.0015 3732 \Device\Harddisk2\DR4\Partition1 - ok
11:07:16.0015 3732 ============================================================
11:07:16.0015 3732 Scan finished
11:07:16.0015 3732 ============================================================
11:07:16.0031 3072 Detected object count: 0
11:07:16.0031 3072 Actual detected object count: 0
11:08:09.0656 2616 Deinitialize success


It's endless (over the 60,000-character maximum), so I'll post the ComboFix log separately.


ComboFix log (Re: (also) Certified Toolbar Search problem)

Post by Vrbik » 25 Jan 2013 12:02

ComboFix 13-01-24.02 - Jan 25.01.2013 11:25:47.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3519.2783 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jan\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Jan\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\PowerToyReadme.htm
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-25 do 2013-01-25 )))))))))))))))))))))))))))))))
.
.
2013-01-24 17:27 . 2013-01-24 17:27 -------- d-----w- c:\documents and settings\Jan\Data aplikací\Malwarebytes
2013-01-24 17:27 . 2013-01-24 17:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-01-24 17:27 . 2013-01-24 17:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-24 17:27 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-21 10:47 . 2013-01-21 10:47 1409 ----a-w- c:\windows\QTFont.for
2013-01-21 10:17 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe
2013-01-21 10:17 . 2013-01-21 10:17 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\SimplyTech
2013-01-21 10:04 . 2013-01-21 10:17 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\DownTango
2013-01-21 10:03 . 2013-01-24 16:59 -------- d-----w- c:\program files\Red Sky
2013-01-12 21:30 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 18:50 . 2012-07-16 19:40 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-12 18:50 . 2012-07-16 19:40 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 12:23 . 2001-10-25 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-11 09:27 . 2012-12-11 09:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-11 09:27 . 2012-08-06 20:06 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-11 09:27 . 2007-07-14 07:54 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-13 11:55 . 2002-09-20 15:41 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:00 . 2009-08-19 16:07 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:03 . 2002-09-20 16:03 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2002-09-20 16:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 12:12 . 2002-09-20 16:05 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2002-09-20 16:04 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 00:35 . 2007-03-11 07:32 385024 ------w- c:\windows\system32\html.iec
2012-10-30 22:51 . 2008-05-29 16:52 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2008-03-25 17:29 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2008-03-25 17:29 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2008-03-25 17:29 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2008-03-25 17:29 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2008-05-29 16:52 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2008-03-25 17:29 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2010-10-12 20:00 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2008-03-25 17:29 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-16 14:21 . 2012-06-30 08:56 6949596 ----a-w- c:\program files\TranscendElite.exe
2011-12-12 23:23 . 2011-12-12 23:20 147670168 ----a-w- c:\program files\Rossmann-Foto-Shop-Client-Setup.exe
2009-11-25 17:17 . 2009-11-25 17:17 1410632 ----a-w- c:\program files\setup_dm_paradies_foto_2.exe
2013-01-20 08:50 . 2013-01-20 08:49 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-27 09:52 . 2013-01-20 08:49 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-06-26 172032]
"EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2007-11-01 151552]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-27 30192]
"NBKeyScan"="c:\program files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" [2008-02-21 1647912]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=
"c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26338:TCP"= 26338:TCP:BitComet 26338 TCP
"26338:UDP"= 26338:UDP:BitComet 26338 UDP
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12.1.2013 22:30 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.5.2008 17:52 361032]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [11.3.2007 9:14 33824]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.5.2008 17:52 21256]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [24.1.2013 18:27 682344]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [24.1.2013 18:27 21104]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.7.2012 12:19 160944]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [12.6.2009 21:53 30192]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.11.2012 20:07 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.11.2012 20:08 8576]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-16 07:35 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 18:50]
.
2013-01-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-01-12 22:50]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 08:32]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 08:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jan\Data aplikací\Mozilla\Firefox\Profiles\0oejaxbb.default-1359055826453\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-01-13 20:07; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF
FF - ExtSQL: 2013-01-20 09:49; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-dm paradies foto 2 - c:\program files\dm\dm paradies foto 2\uninstall.exe
AddRemove-Kalender - c:\windows\Uninstall_tkexe -kalender
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-25 11:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1784)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\HPZipm12.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
.
**************************************************************************
.
Celkový čas: 2013-01-25 11:45:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-25 10:45
.
Před spuštěním: Volných bajtů: 88 139 599 872
Po spuštění: Volných bajtů: 89 276 710 912
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
.
- - End Of File - - C4562F72FD6B99FB3AA73C574908926D

memphisto
Guru Level 13
Posts: 21113
Joined: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: (also) Certified Toolbar Search problem

Post by memphisto » 25 Jan 2013 12:12

Delete these files or move them elsewhere. They shouldn't be sitting loose in Program Files:
c:\program files\TranscendElite.exe
c:\program files\Rossmann-Foto-Shop-Client-Setup.exe
c:\program files\setup_dm_paradies_foto_2.exe


Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

KillAll::
Driver::
SkypeUpdate

Folder::
c:\program files\Skype\Updater
c:\documents and settings\All Users\Data aplikací\Winamp Toolbar

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DDS::
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process

Test this on VirusTotal:
c:\windows\system32\drivers\oreans32.sys

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs, one after another. When the last antivirus has finished, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you.


Re: (also) Certified Toolbar Search problem

Post by Vrbik » 25 Jan 2013 14:47

ComboFix, launched the way you described, reported that it wanted the antivirus turned off, which I did. It kept running, but it probably hung somehow or something: instead of the announced 10 minutes (or possibly double that), for 2 hours it looked like it was searching for infected files, and nothing further happened. I ran out of patience. Nothing worked except a reset. Should I try again?


Re: (also) Certified Toolbar Search problem

Post by memphisto » 25 Jan 2013 14:50

Try it in Safe Mode


Re: (also) Certified Toolbar Search problem

Post by Vrbik » 25 Jan 2013 16:36

It ran in Safe Mode.

ComboFix 13-01-24.02 - Administrator 25.01.2013 16:01:18.2.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3519.3241 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-25 do 2013-01-25 )))))))))))))))))))))))))))))))
.
.
2013-01-25 14:52 . 2013-01-25 14:52 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2013-01-24 17:27 . 2013-01-24 17:27 -------- d-----w- c:\documents and settings\Jan\Data aplikací\Malwarebytes
2013-01-24 17:27 . 2013-01-24 17:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-01-24 17:27 . 2013-01-24 17:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-24 17:27 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-21 10:47 . 2013-01-21 10:47 1409 ----a-w- c:\windows\QTFont.for
2013-01-21 10:17 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe
2013-01-21 10:17 . 2013-01-21 10:17 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\SimplyTech
2013-01-21 10:04 . 2013-01-21 10:17 -------- d-----w- c:\documents and settings\Jan\Local Settings\Data aplikací\DownTango
2013-01-21 10:03 . 2013-01-24 16:59 -------- d-----w- c:\program files\Red Sky
2013-01-12 21:30 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 18:50 . 2012-07-16 19:40 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-12 18:50 . 2012-07-16 19:40 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 12:23 . 2001-10-25 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-11 09:27 . 2012-12-11 09:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-11 09:27 . 2012-08-06 20:06 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-11 09:27 . 2007-07-14 07:54 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-13 11:55 . 2002-09-20 15:41 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:00 . 2009-08-19 16:07 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:03 . 2002-09-20 16:03 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2002-09-20 16:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 12:12 . 2002-09-20 16:05 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2002-09-20 16:04 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 00:35 . 2007-03-11 07:32 385024 ------w- c:\windows\system32\html.iec
2012-10-30 22:51 . 2008-05-29 16:52 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2008-03-25 17:29 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2008-03-25 17:29 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2008-03-25 17:29 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2008-03-25 17:29 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2008-05-29 16:52 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2008-03-25 17:29 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2010-10-12 20:00 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2008-03-25 17:29 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-20 08:50 . 2013-01-20 08:49 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-27 09:52 . 2013-01-20 08:49 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-06-26 172032]
"EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2007-11-01 151552]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-27 30192]
"NBKeyScan"="c:\program files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" [2008-02-21 1647912]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=
"c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26338:TCP"= 26338:TCP:BitComet 26338 TCP
"26338:UDP"= 26338:UDP:BitComet 26338 UDP
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12.1.2013 22:30 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.5.2008 17:52 361032]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [11.3.2007 9:14 33824]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.5.2008 17:52 21256]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [24.1.2013 18:27 682344]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [24.1.2013 18:27 21104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [12.6.2009 21:53 30192]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.11.2012 20:07 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.11.2012 20:08 8576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-16 07:35 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 18:50]
.
2013-01-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-01-12 22:50]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 08:32]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 08:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Jan\Data aplikací\Mozilla\Firefox\Profiles\0oejaxbb.default-1359055826453\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-01-13 20:07; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF
FF - ExtSQL: 2013-01-20 09:49; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-25 16:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3780)
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\HPZipm12.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
.
**************************************************************************
.
Celkový čas: 2013-01-25 16:17:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-25 15:17
ComboFix2.txt 2013-01-25 10:45
.
Před spuštěním: Volných bajtů: 89 241 595 904
Po spuštění: Volných bajtů: 89 233 645 568
.
- - End Of File - - 995355C53F73873119E8450AD31FB409

Link to the Virustotal result:
https://www.virustotal.com/file/61083d3 ... 359127711/

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: (also) Certified Toolbar Search problem

Post by memphisto » 25 Jan 2013 18:12

Also upload this to Virustotal

c:\windows\Launcher.exe
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Vrbik
novice
Posts: 20
Registered: January 13
Gender: Male
Status:
Offline

Re: (also) Certified Toolbar Search problem

Post by Vrbik » 25 Jan 2013 18:19


