prosím o kontrolu logu-náhodne mrzne pc

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 04 kvě 2014 19:26

nechce nabehnúť log z Combofix, kde ho nájdem?
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

Reklama
izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 04 kvě 2014 19:48

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-04 19:34:33
-----------------------------
19:34:33.782 OS Version: Windows x64 6.1.7601 Service Pack 1
19:34:33.783 Number of processors: 2 586 0xF0D
19:34:33.785 ComputerName: EDIK-PC UserName: Edik
19:34:36.488 Initialize success
19:34:39.648 AVAST engine defs: 14050400
19:35:11.024 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006a
19:35:11.029 Disk 0 Vendor: ATA_____ 1A01 Size: 476940MB BusType: 11
19:35:11.044 Disk 0 MBR read successfully
19:35:11.054 Disk 0 MBR scan
19:35:11.083 Disk 0 Windows 7 default MBR code
19:35:11.095 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 32730 MB offset 63
19:35:11.121 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 444209 MB offset 67033008
19:35:11.156 Disk 0 scanning C:\Windows\system32\drivers
19:35:23.324 Service scanning
19:35:46.285 Modules scanning
19:35:46.305 Disk 0 trace - called modules:
19:35:46.340 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys >>UNKNOWN [0xfffffa8002cff2c0]<<sptd.sys storport.sys hal.dll iaStorA.sys
19:35:46.350 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051711f0]
19:35:46.365 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa8005171aa0]
19:35:46.375 5 iaStorF.sys[fffff88001e8d9a0] -> nt!IofCallDriver -> \Device\0000006a[0xfffffa80031e98f0]
19:35:46.395 \Driver\iaStorA[0xfffffa80031b5de0] -> IRP_MJ_CREATE -> 0xfffffa8002cff2c0
19:35:47.416 AVAST engine scan C:\Windows
19:35:49.446 AVAST engine scan C:\Windows\system32
19:39:05.665 AVAST engine scan C:\Windows\system32\drivers
19:39:22.539 AVAST engine scan C:\Users\Edik
19:43:08.669 AVAST engine scan C:\ProgramData
19:44:54.972 Scan finished successfully
19:47:24.160 Disk 0 MBR has been saved successfully to "C:\Users\Edik\Desktop\MBR.dat"
19:47:24.175 The log file has been saved successfully to "C:\Users\Edik\Desktop\aswMBR.txt"
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod jaro3 » 05 kvě 2014 09:24

C:\Combofix nebo C:\Quubox.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 05 kvě 2014 14:02

2014-05-04 14:13:38 . 2014-05-04 14:13:38 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SpywareTerminatorUpdater.reg.dat
2014-05-04 14:13:38 . 2014-05-04 14:13:38 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SpywareTerminatorShield.reg.dat
2014-05-01 18:49:55 . 2014-05-01 18:49:55 512 ----a-w- C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
2014-05-01 18:47:53 . 2014-05-01 18:47:53 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SynTPEnh.reg.dat
2014-05-01 18:47:51 . 2014-05-04 14:13:35 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6}.reg.dat
2014-05-01 18:47:46 . 2014-05-01 18:47:46 377 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47}.reg.dat
2014-05-01 18:47:24 . 2014-05-01 18:47:24 112 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKLM-Run-Driver Genius.reg.dat
2014-05-01 18:47:22 . 2014-05-01 18:47:22 160 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-HKCU-Run-Praetorian.reg.dat
2014-05-01 18:47:20 . 2014-05-01 18:47:21 1,869 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-{91397D20-1446-11D4-8AF4-0040CA1127B6}.reg.dat
2014-05-01 18:41:09 . 2014-05-04 14:08:30 8,890 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2014-05-01 18:29:08 . 2014-05-04 13:59:16 204 ----a-w- C:\Qoobox\Quarantine\catchme.log
2014-01-18 21:25:43 . 2014-01-18 22:29:54 104 ----a-w- C:\Qoobox\Quarantine\C\Users\Edik\AppData\Roaming\LOVE\not_pacman\highscoreA.vir

nie som si istý, či je to to, ako by sa mal ten súbor volať?
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod jaro3 » 05 kvě 2014 19:07

To není ono , je to Combofix(číslo).txt
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 06 kvě 2014 20:32

ComboFix 14-04-30.01 - Edik . 05. 2014 20:33:52.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1049.18.3003.1034 [GMT 2:00]
Running from: c:\users\Edik\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Edik\AppData\Roaming\Love
c:\users\Edik\AppData\Roaming\Love\not_pacman\highscoreA
.
.
((((((((((((((((((((((((( Files Created from 2014-04-01 to 2014-05-01 )))))))))))))))))))))))))))))))
.
.
2014-05-01 18:44 . 2014-05-01 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-01 18:20 . 2014-05-01 18:20 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94E173B6-341B-4B33-9674-34443FA5C5C4}\gapaengine.dll
2014-05-01 18:20 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30BA6CAA-BC3A-4941-9A1F-69230A13434E}\mpengine.dll
2014-04-30 17:30 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-26 12:20 . 2014-04-27 10:04 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-04-23 17:31 . 2014-04-23 17:31 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2014-04-23 17:31 . 2014-04-29 22:17 -------- d-----w- c:\programdata\Spyware Terminator
2014-04-23 17:31 . 2014-04-26 06:48 -------- d-----w- c:\program files (x86)\Spyware Terminator
2014-04-22 19:42 . 2014-04-23 18:03 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-22 19:41 . 2014-04-27 10:04 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-22 19:41 . 2014-04-22 19:41 -------- d-----w- c:\programdata\Malwarebytes
2014-04-22 19:41 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-22 19:41 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-22 19:41 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-22 17:52 . 2014-04-22 17:52 -------- d-----w- c:\users\Edik\AppData\Roaming\TuneUp Software
2014-04-22 17:52 . 2014-04-22 17:52 -------- d-----w- c:\users\Edik\AppData\Local\TuneUp Software
2014-04-22 17:49 . 2014-04-22 17:49 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-21 07:04 . 2014-04-14 18:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-20 06:37 . 2014-02-20 08:36 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E7A14DE-F2B5-4B50-8E81-6F3A44D8D951}\gapaengine.dll
2014-04-19 16:42 . 2014-04-19 16:43 -------- d-----w- c:\users\Edik\AppData\Local\Facebook
2014-04-16 17:50 . 2014-04-28 17:40 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-29 21:17 . 2013-04-01 15:39 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 21:17 . 2012-02-15 12:39 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 08:36 . 2013-04-24 15:48 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-16 22:57 . 2013-04-01 14:16 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-06 12:16 . 2014-02-13 09:22 23170048 ----a-w- c:\windows\system32\mshtml.dll
2014-02-06 11:30 . 2014-02-13 09:22 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-06 11:30 . 2014-02-13 09:22 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-02-06 11:12 . 2014-02-13 09:22 2765824 ----a-w- c:\windows\system32\iertutil.dll
2014-02-06 11:07 . 2014-02-13 09:22 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-02-06 11:06 . 2014-02-13 09:22 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-02-06 10:57 . 2014-02-13 09:22 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-02-06 10:56 . 2014-02-13 09:22 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-02-06 10:52 . 2014-02-13 09:22 574976 ----a-w- c:\windows\system32\ieui.dll
2014-02-06 10:49 . 2014-02-13 09:22 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-06 10:48 . 2014-02-13 09:22 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-02-06 10:48 . 2014-02-13 09:22 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2014-02-06 10:32 . 2014-02-13 09:22 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2014-02-06 10:20 . 2014-02-13 09:22 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-02-06 10:17 . 2014-02-13 09:22 195584 ----a-w- c:\windows\system32\msrating.dll
2014-02-06 10:11 . 2014-02-13 09:22 5768704 ----a-w- c:\windows\system32\jscript9.dll
2014-02-06 10:01 . 2014-02-13 09:22 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-02-06 10:00 . 2014-02-13 09:22 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:57 . 2014-02-13 09:22 627200 ----a-w- c:\windows\system32\msfeeds.dll
2014-02-06 09:50 . 2014-02-13 09:22 2041856 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-06 09:47 . 2014-02-13 09:22 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-02-06 09:46 . 2014-02-13 09:22 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-02-06 09:25 . 2014-02-13 09:22 4244480 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-02-06 09:24 . 2014-02-13 09:22 2334208 ----a-w- c:\windows\system32\wininet.dll
2014-02-06 09:22 . 2014-02-13 09:22 13051392 ----a-w- c:\windows\system32\ieframe.dll
2014-02-06 09:09 . 2014-02-13 09:22 1964032 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-02-06 08:55 . 2014-02-13 09:22 1393664 ----a-w- c:\windows\system32\urlmon.dll
2014-02-06 08:41 . 2014-02-13 09:22 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2014-02-06 08:40 . 2014-02-13 09:22 817664 ----a-w- c:\windows\system32\ieapfltr.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"BitTorrent"="c:\users\Edik\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-04-20 1236832]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20924576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-12-20 56720]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-13 3764024]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 MpKsl9ca2f0c2;MpKsl9ca2f0c2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{93F121EA-AB61-4FF8-9197-AC42573F2960}\MpKsl9ca2f0c2.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{93F121EA-AB61-4FF8-9197-AC42573F2960}\MpKsl9ca2f0c2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-30 16:34 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-01 21:17]
.
2014-04-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3810809530-2793764039-2004029177-1000Core.job
- c:\users\Edik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-19 16:46]
.
2014-04-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3810809530-2793764039-2004029177-1000UA.job
- c:\users\Edik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-19 16:46]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01 15:22]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01 15:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 12:33 2331336 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 12:33 2331336 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 12:33 2331336 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-13 18:29 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-17 163384]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-17 387640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-17 418360]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2013-01-14 2777736]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-10-22 3684488]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yandex.ru/?win=82&clid=47355
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Edik\AppData\Roaming\Mozilla\Firefox\Profiles\6leavf7g.default\
FF - prefs.js: browser.search.selectedEngine - ?????@Mail.Ru
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://go.mail.ru/search?fr=fftb&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{91397D20-1446-11D4-8AF4-0040CA1127B6} - c:\program files (x86)\Yandex\YandexBarIE\yndbar.dll
Wow6432Node-HKCU-Run-Praetorian - c:\users\Edik\AppData\Local\Yandex\Updater\praetorian.exe
Wow6432Node-HKLM-Run-Driver Genius - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Driver Genius Professional Edition_is1 - c:\program files (x86)\Driver-Soft\DriverGenius\unins000.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2804576 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2835393 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2858302v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2898855v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2901110v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-05-01 20:49:55
ComboFix-quarantined-files.txt 2014-05-01 18:49
.
Pre-Run: 2 817 658 880 bytes free
Post-Run: 2 873 253 888 bytes free
.
- - End Of File - - 798CF2E11A4ABB5E58E1E5A3F6A06DC6
A36C5E4F47E84449FF07ED3517B43A31
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 06 kvě 2014 20:52

PC po oprave Combofixom ide normálne, ďakujem za pomoc
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod jaro3 » 07 kvě 2014 09:17

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
Dva antiviry , jeden odinstaluj

odinstaluj
Spyware Terminator

Pak nový Combofix.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 07 kvě 2014 19:06

Microsoft Security Essentials kde by mal byť? nemôžem ho nájsť...
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod Orcus » 08 kvě 2014 09:36

Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

izzy1995
Level 3
Level 3
Příspěvky: 569
Registrován: prosinec 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod izzy1995 » 09 kvě 2014 22:31

bohužiaľ v zozname chýba...
Intel Core i7-4710HQ 3,5Ghz, Intel HM86 Chipset, 8GB DDR3 1600Mhz, SATA HDD 1TB(7200rpm) + 2TB samsung HDD,IPS LED 15,6" 1920x1080px,Intel Graphics 4600, Nvidia GeForce GTX860M 4GB GDDR5,Wi-fi 802.11 a/g/n, Bluetooth
ASUS N551JM-DM157H

Born to be FIIT (STU)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu-náhodne mrzne pc

Příspěvekod jaro3 » 10 kvě 2014 09:34

Odinstaluj:
SpywareTerminator

http://support.microsoft.com/kb/2435760

Pak nový Combofix.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 90 hostů