Question: Log check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Question: Log check

Post by jaro3 » 29 Nov 2013 11:42

When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 29 Nov 2013 14:14

That won't be necessary, I've already done it via Fixit as I said, but I don't know whether it helped, and as for Trend Micro, I don't know how; I sent you that screenshot... saying that I don't know how...

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Question: Log check

Post by Žbeky » 29 Nov 2013 18:10

Run ComboFix and we'll delete it in there.
In private messages I only handle matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 29 Nov 2013 18:55

ComboFix log:

ComboFix 13-11-07.01 - Samerko . 11. 2013 18:28:43.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4072.2498 [GMT 1:00]
Running from: C:\Users\Samerko\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\msvcr71.dll

---- Previous Run -------

C:\Users\Samerko\Odinstalovat.exe
C:\Windows\SysWow64\frapsvid.dll
C:\Windows\SysWow64\Packet.dll
C:\Windows\SysWow64\pthreadVC.dll
C:\Windows\SysWow64\wpcap.dll


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_npf


((((((((((((((((((((((((( Files Created from 2013-10-28 to 2013-11-29 )))))))))))))))))))))))))))))))


2013-11-29 17:47:09 . 2013-11-29 17:47:09 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-11-27 14:17:00 . 2013-11-27 14:17:01 -------- d-----w- C:\Program Files\McAfee Security Scan
2013-11-25 20:23:41 . 2013-11-25 20:24:03 -------- d-----w- C:\Program Files (x86)\PhotoScape
2013-11-21 19:43:50 . 2013-11-27 18:23:45 -------- d-----w- C:\Users\Samerko\AppData\Roaming\.minecraft
2013-11-16 20:12:06 . 2013-11-16 20:12:06 -------- d-----w- C:\Users\Samerko\AppData\Roaming\Vidalia
2013-11-13 13:14:52 . 2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\system32\authui.dll
2013-11-13 13:13:43 . 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\system32\IKEEXT.DLL
2013-11-13 13:13:43 . 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 13:13:42 . 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\system32\nshwfp.dll
2013-11-13 13:13:42 . 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-11-13 13:13:42 . 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-11-13 13:00:04 . 2013-11-13 13:00:05 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-12 15:47:31 . 2013-11-12 15:47:31 -------- d-----w- C:\ProgramData\4shared Desktop
2013-11-12 15:21:39 . 2013-11-16 20:03:51 -------- d-----w- C:\Program Files (x86)\Vidalia Bundle
2013-11-09 21:09:34 . 2009-12-30 14:12:46 -------- d-----w- C:\lgsl
2013-11-09 19:53:27 . 2013-11-14 14:31:33 -------- d-----w- C:\PHP-F
2013-11-08 20:33:46 . 2013-11-08 20:34:17 -------- d-----w- C:\Users\Samerko\BTSync
2013-11-08 20:33:11 . 2013-11-08 20:33:11 -------- d-----w- C:\Program Files (x86)\BitTorrent Sync
2013-11-08 20:33:08 . 2013-11-16 22:20:48 -------- d-----w- C:\Users\Samerko\AppData\Roaming\BitTorrent Sync
2013-11-02 14:00:23 . 2013-11-02 14:00:48 -------- d-----w- C:\Program Files (x86)\RocketDock
2013-11-01 11:58:44 . 2013-11-01 11:58:44 -------- d-----w- C:\Windows\ERUNT
2013-10-31 10:20:41 . 2013-10-31 10:20:42 -------- d-----w- C:\ProgramData\Oracle
2013-10-31 10:20:37 . 2013-10-31 10:20:37 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2013-10-31 10:20:20 . 2013-10-08 06:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-11-28 14:50:58 . 2013-09-28 20:08:00 948 ----a-w- C:\FixitRegBackup.reg
2013-11-27 14:06:20 . 2012-03-15 14:09:53 45056 ----a-w- C:\Windows\system32\acovcnt.exe
2013-11-23 11:17:42 . 2012-04-01 15:43:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-23 11:17:42 . 2012-04-01 15:43:15 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-12 17:08:53 . 2013-10-12 17:07:19 388 ----a-w- C:\Users\Samerko\Spustit.bat
2013-10-05 06:02:40 . 2013-10-05 06:02:40 388096 ----a-r- C:\Users\Samerko\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-25 02:22:59 . 2013-11-13 13:14:26 340992 ----a-w- C:\Windows\system32\schannel.dll
2013-09-25 01:57:24 . 2013-11-13 13:14:26 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-12 18:32:16 . 2012-09-02 18:36:50 79143768 ----a-w- C:\Windows\system32\MRT.exe
2013-09-08 02:30:37 . 2013-10-10 12:22:43 1903552 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2013-09-08 02:27:14 . 2013-10-10 12:22:43 327168 ----a-w- C:\Windows\system32\mswsock.dll
2013-09-08 02:03:58 . 2013-10-10 12:22:42 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Question: Log check

Post by jaro3 » 30 Nov 2013 09:27

Paste the whole log!

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 30 Nov 2013 13:29

I don't have another one. The only .txt file I found is this one, and I ran ComboFix according to the guide; I don't know how to do more. I'm no gambler or anything, I don't understand PCs much, nor those guides, and as for that guide on turning off the antivirus, I have nothing like that and didn't find it either. I turned it off as required, I don't know whether I did it right. I ran ComboFix, and on C: there is a combofix folder, and in it I found the file Combofix.txt, just one! No more, so this is all I have, so please don't write "the whole one"; I don't have another log, for the second time!

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Question: Log check

Post by jaro3 » 01 Dec 2013 10:51

Download rkill and run it. A scan will start. After the scan, the program closes by itself.
Note: DO NOT RESTART THE PC!

Then ComboFix again.

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 30 Jan 2014 16:25

Hi, so after a long time I made the log, both ComboFix and rkill again. Sorry that I didn't get back to you, but I forgot about the log. Here they are:
Rkill:
Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/30/2014 03:25:19 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 3760) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/30/2014 03:29:32 PM
Execution time: 0 hours(s), 4 minute(s), and 13 seconds(s)

ComboFix, hopefully the log will finally be as it should be:
ComboFix 13-11-07.01 - Samerko . 01. 2014 15:41:45.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4072.2298 [GMT 1:00]
Running from: c:\users\Samerko\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Files Created from 2013-12-28 to 2014-01-30 )))))))))))))))))))))))))))))))
.
.
2014-01-30 15:01 . 2014-01-30 15:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-29 14:52 . 2014-01-29 14:52 -------- d-----w- c:\program files\ESET
2014-01-28 12:04 . 2014-01-28 12:04 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-01-21 13:28 . 2014-01-21 13:29 -------- d-----w- C:\php
2014-01-20 17:49 . 2012-03-19 14:12 1454896 ----a-w- c:\windows\system32\drivers\vasdDev.sys
2014-01-18 17:46 . 2014-01-18 17:46 31648 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2014-01-18 17:45 . 2014-01-18 17:46 -------- d-----w- c:\program files\HWiNFO64
2014-01-13 20:20 . 2014-01-13 20:20 -------- d-----w- c:\users\Samerko\.smtube
2014-01-13 20:16 . 2014-01-22 18:27 -------- d-----w- c:\users\Samerko\.smplayer
2014-01-13 20:15 . 2014-01-13 20:16 -------- d-----w- c:\program files\SMPlayer
2014-01-12 12:54 . 2014-01-12 12:57 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-26 11:01 . 2012-03-15 14:09 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-12-28 19:35 . 2013-12-28 19:35 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-28 19:35 . 2013-12-28 19:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-28 19:35 . 2013-12-28 19:35 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-28 19:35 . 2013-12-28 19:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-28 19:35 . 2013-12-28 19:35 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-28 19:35 . 2013-12-28 19:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-28 19:35 . 2013-12-28 19:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-28 19:35 . 2013-12-28 19:35 413696 ----a-w- c:\windows\system32\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-28 19:35 . 2013-12-28 19:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-28 19:35 . 2013-12-28 19:35 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-28 19:35 . 2013-12-28 19:35 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-28 19:35 . 2013-12-28 19:35 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-28 19:35 . 2013-12-28 19:35 235520 ----a-w- c:\windows\system32\url.dll
2013-12-28 19:35 . 2013-12-28 19:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-28 19:35 . 2013-12-28 19:35 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-28 19:35 . 2013-12-28 19:35 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-11 16:30 . 2012-04-01 15:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 16:30 . 2012-04-01 15:43 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-28 14:50 . 2013-09-28 20:08 948 ----a-w- C:\FixitRegBackup.reg
2013-11-26 11:54 . 2013-12-29 21:28 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-29 21:28 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-29 21:28 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-29 21:28 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-29 21:28 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-29 21:28 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-29 21:28 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-29 21:28 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-29 21:28 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-29 21:28 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-29 21:28 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-29 21:28 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-29 21:28 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-29 21:28 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-29 21:28 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-29 21:28 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-29 21:28 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-29 21:28 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-29 21:28 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-29 21:28 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-29 21:28 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-29 21:28 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 14:18 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 14:18 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 14:18 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 14:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-07 15:00 . 2012-09-02 18:36 82896128 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2011-07-17 1038848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-01-23 3813200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdatp.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe;c:\program files\Trend Micro\Titanium\TiMiniService.exe [x]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 16:30]
.
2014-01-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job
- c:\users\Samerko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-13 16:42]
.
2014-01-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job
- c:\users\Samerko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-13 16:42]
.
2014-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 20:23]
.
2014-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 20:23]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job
- c:\users\Samerko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-01 15:29]
.
2014-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job
- c:\users\Samerko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-01 15:29]
.
2014-01-30 c:\windows\Tasks\Wise Care 365.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-08-21 12:57]
.
2014-01-29 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-08-21 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-16 4090824]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Upload to Facebook - c:\program files (x86)\WebcamMax\share\iecontext.htm
FF - ProfilePath - c:\users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-30 16:07:20
ComboFix-quarantined-files.txt 2014-01-30 15:07
.
Pre-Run: 92 650 991 616 bytes free
Post-Run: 91 836 940 288 bytes free
.
- - End Of File - - 89763E0A47CBE707F5858698DADDAB63

Re: Question: Log check

Posted by jaro3 » 30 Jan 2014 19:21

Uninstall:
McAfee Security Scan
BingBar


Trend Micro:
http://esupport.trendmicro.com/solution ... 56551.aspx

MSE with the program mentioned above, then a new ComboFix.

Keep ESET? Is it legal?

Re: Question: Log check

Posted by SamerLP » 31 Jan 2014 15:58

I won't post ComboFix for now, then.
So I did it, I uninstalled those two programs.
For MSE I used this Fix it: http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/
And please, about Trend Micro: unfortunately I am following the guide and it doesn't work, there is no Yes there. What kind of stupid guide is that! I downloaded it and there is no Yes anywhere; it is in some language I don't understand.
ESET: yes, keep it; yes, it is legal. I always use activation codes for it and so on, so it is legal.

Re: Question: Log check

Posted by jaro3 » 31 Jan 2014 19:31

Yes: when the User Account Control window appears (in Windows, if you don't have UAC turned off), click the "Ano" (Yes) button!!

Once you have uninstalled it, do a new ComboFix.

Re: Question: Log check

Posted by SamerLP » 31 Jan 2014 20:28

Yes, I understood. It is uninstalled; here is the new ComboFix log:

ComboFix 13-11-07.01 - Samerko . 01. 2014 20:07:26.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4072.2543 [GMT 1:00]
Running from: c:\users\Samerko\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-12-28 to 2014-01-31 )))))))))))))))))))))))))))))))
.
.
2014-01-31 19:22 . 2014-01-31 19:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-31 18:57 . 2010-09-17 08:52 525792 ----a-w- c:\windows\DIFxAPI.dll
2014-01-31 18:57 . 2010-09-17 08:52 232272 ----a-w- c:\windows\TmNSCIns.dll
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\Avant Downloader
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\Avant Profiles
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\program files (x86)\Avant Browser
2014-01-29 14:52 . 2014-01-29 14:52 -------- d-----w- c:\program files\ESET
2014-01-28 12:04 . 2014-01-28 12:04 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-01-21 13:28 . 2014-01-21 13:29 -------- d-----w- C:\php
2014-01-20 17:49 . 2012-03-19 14:12 1454896 ----a-w- c:\windows\system32\drivers\vasdDev.sys
2014-01-18 17:46 . 2014-01-18 17:46 31648 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2014-01-18 17:45 . 2014-01-18 17:46 -------- d-----w- c:\program files\HWiNFO64
2014-01-13 20:20 . 2014-01-13 20:20 -------- d-----w- c:\users\Samerko\.smtube
2014-01-13 20:16 . 2014-01-22 18:27 -------- d-----w- c:\users\Samerko\.smplayer
2014-01-13 20:15 . 2014-01-13 20:16 -------- d-----w- c:\program files\SMPlayer
2014-01-12 12:54 . 2014-01-12 12:57 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-31 19:00 . 2012-03-15 14:09 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-01-31 14:56 . 2013-09-28 20:08 948 ----a-w- C:\FixitRegBackup.reg
2013-12-28 19:35 . 2013-12-28 19:35 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-28 19:35 . 2013-12-28 19:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-28 19:35 . 2013-12-28 19:35 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-28 19:35 . 2013-12-28 19:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-28 19:35 . 2013-12-28 19:35 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-28 19:35 . 2013-12-28 19:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-28 19:35 . 2013-12-28 19:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-28 19:35 . 2013-12-28 19:35 413696 ----a-w- c:\windows\system32\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-28 19:35 . 2013-12-28 19:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-28 19:35 . 2013-12-28 19:35 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-28 19:35 . 2013-12-28 19:35 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-28 19:35 . 2013-12-28 19:35 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-28 19:35 . 2013-12-28 19:35 235520 ----a-w- c:\windows\system32\url.dll
2013-12-28 19:35 . 2013-12-28 19:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-28 19:35 . 2013-12-28 19:35 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-28 19:35 . 2013-12-28 19:35 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-11 16:30 . 2012-04-01 15:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 16:30 . 2012-04-01 15:43 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-29 21:28 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-29 21:28 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-29 21:28 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-29 21:28 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-29 21:28 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-29 21:28 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-29 21:28 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-29 21:28 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-29 21:28 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-29 21:28 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-29 21:28 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-29 21:28 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-29 21:28 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-29 21:28 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-29 21:28 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-29 21:28 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-29 21:28 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-29 21:28 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-29 21:28 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-29 21:28 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-29 21:28 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-29 21:28 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 14:18 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 14:18 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 14:18 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 14:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-07 15:00 . 2012-09-02 18:36 82896128 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2011-07-17 1038848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-01-23 3813200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdatp.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 16:30]
.
2014-01-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job
- c:\users\Samerko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-13 16:42]
.
2014-01-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job
- c:\users\Samerko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-13 16:42]
.
2014-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 20:23]
.
2014-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 20:23]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job
- c:\users\Samerko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-01 15:29]
.
2014-01-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job
- c:\users\Samerko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-01 15:29]
.
2014-01-31 c:\windows\Tasks\Wise Care 365.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-08-21 12:57]
.
2014-01-29 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-08-21 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-16 4090824]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.yahoo.com/?fr=avantsearch6
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Upload to Facebook - c:\program files (x86)\WebcamMax\share\iecontext.htm
FF - ProfilePath - c:\users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-31 20:26:09
ComboFix-quarantined-files.txt 2014-01-31 19:26
ComboFix2.txt 2014-01-30 15:07
.
Pre-Run: 91 422 117 888 bytes free
Post-Run: 91 172 171 776 bytes free
.
- - End Of File - - 09C8141417A2BA921FC07752FCFD00CF

But as I can see, MSE is still there, and I don't know why. I even uninstalled it with that Fix it and nothing changed. I uninstalled it some time ago, so I don't understand how I can still have it.

