Question: Log check


Re: Question: Log check

Post by jaro3 » 01 Feb 2014 09:51

But there is now only an entry in Security Center; we'll delete it..

Turn off the resident protection of your antivirus and antispyware, and possibly the firewall..

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::
SecCenter::
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\users\Samerko\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update
c:\users\Samerko\AppData\Local\Google\Update

Driver::
SkypeUpdate

DDS::
uStart Page = hxxp://search.yahoo.com/?fr=avantsearch6
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}

RegLock::
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,6e,df,
 93,b7,8b,eb,08,91,4f,cb,e8,45,6f,3d,2a
"{1CA1377B-DC1D-4A52-9585-6E06050FAC53}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,28,b5,
 02,2c,88,3d,01,8c,88,2a,46,04,49,ea,46
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,cb,24,
 8e,33,18,d0,01,97,c1,15,24,77,4e,25,d3
"{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}"=hex:51,66,7a,6c,4c,1d,3b,1b,ed,a5,b8,
 a5,6f,ae,16,0b,92,3e,44,ab,9e,55,92,b9
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,21,da,
 cc,7b,ad,2f,0c,81,83,47,9c,2e,7e,85,5a
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,3b,1b,4b,dc,f2,
 f0,29,35,b3,5a,85,7f,44,53,21,81,de,52
"{EEE6C35C-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,3b,1b,4c,dc,f2,
 f0,29,35,b3,5a,85,7f,44,53,21,81,de,52
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"=hex:51,66,7a,6c,4c,1d,3b,1b,12,a5,e6,
 f5,a5,c4,35,07,9c,86,ff,59,8e,7b,cb,f7
"{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}"=hex:51,66,7a,6c,4c,1d,3b,1b,fc,f7,da,
 3b,01,03,d3,0a,92,55,66,9d,c9,ed,ca,35
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,87,9c,
 86,1c,10,b2,02,80,da,98,c6,6a,ae,3b,a9
"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,3b,1b,28,c8,f8,
 30,75,0c,f6,01,ad,bb,50,2b,f9,44,27,2e
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,24,39,
 53,8f,3d,15,0c,89,f8,b9,9b,04,73,3f,60
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
"hadjjoikbibhklpa"=hex:6a,61,6d,70,62,6e,6d,6a,6f,65,66,64,6d,6d,61,67,6a,61,
 6c,69,00,00
"ianjpldjgmmbeibbfe"=hex:63,61,61,70,67,6c,00,01
"iabmhbdlgkpjfahpbd"=hex:6b,61,6d,70,6f,6c,68,6f,63,69,66,65,6f,61,63,61,69,6f,
 65,6b,69,69,00,00
"dbkmihpkjlelnhiiebpjffhciejbpbncmalhgfio"=hex:68,61,65,6c,70,65,61,65,64,62,
 68,6c,62,69,70,6a,00,00
"jbkmihpkjlelnhiiebpjeacamcfmopablmfcdfhbkbplfmfpjkam"=hex:68,61,65,6c,70,65,
 61,65,64,62,68,6c,62,69,70,6a,00,00
"dbkmihpkjlelnhiiebpjcpkegkkmdofcaecnmkgn"=hex:6a,62,64,70,67,6f,62,69,69,6a,
 6e,67,70,64,70,64,66,63,62,70,64,64,61,6a,63,6f,65,6e,69,66,68,64,6b,65,66,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

In Folder Options, enable showing hidden files and folders + untick the "Hide protected operating system files" checkbox.

Test these on VirusTotal:
c:\windows\system32\drivers\vasdDev.sys
c:\windows\system32\acovcnt.exe

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.

Re: Question: Log check

Post by SamerLP » 01 Feb 2014 14:14

ComboFix, it should be deleted:

ComboFix 13-11-07.01 - Samerko . 02. 2014 13:32:36.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4072.2722 [GMT 1:00]
Running from: c:\users\Samerko\Desktop\ComboFix.exe
Command switches used :: c:\users\Samerko\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1676706566-1539175069-4259669011-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.22.3\goopdate.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.22.3\psmachine.dll
c:\program files (x86)\Google\Update\1.3.22.3\psuser.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Samerko\AppData\Local\Facebook\Update
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Samerko\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Samerko\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\Samerko\AppData\Local\Google\Update
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdate.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_am.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_da.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_de.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_el.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_en.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_es.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_et.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_id.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_is.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_it.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_no.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_te.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_th.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\psmachine.dll
c:\users\Samerko\AppData\Local\Google\Update\1.3.22.3\psuser.dll
c:\users\Samerko\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\users\Samerko\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe
c:\users\Samerko\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2014-01-01 to 2014-02-01 )))))))))))))))))))))))))))))))
.
.
2014-02-01 12:47 . 2014-02-01 12:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\Avant Downloader
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\Avant Profiles
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\program files (x86)\Avant Browser
2014-01-29 14:52 . 2014-01-29 14:52 -------- d-----w- c:\program files\ESET
2014-01-28 12:04 . 2014-01-28 12:04 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-01-21 13:28 . 2014-01-21 13:29 -------- d-----w- C:\php
2014-01-20 17:49 . 2012-03-19 14:12 1454896 ----a-w- c:\windows\system32\drivers\vasdDev.sys
2014-01-18 17:46 . 2014-01-18 17:46 31648 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2014-01-18 17:45 . 2014-01-18 17:46 -------- d-----w- c:\program files\HWiNFO64
2014-01-13 20:20 . 2014-01-13 20:20 -------- d-----w- c:\users\Samerko\.smtube
2014-01-13 20:16 . 2014-01-22 18:27 -------- d-----w- c:\users\Samerko\.smplayer
2014-01-13 20:15 . 2014-01-13 20:16 -------- d-----w- c:\program files\SMPlayer
2014-01-12 12:54 . 2014-01-12 12:57 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-31 19:00 . 2012-03-15 14:09 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-01-31 14:56 . 2013-09-28 20:08 948 ----a-w- C:\FixitRegBackup.reg
2013-12-28 19:35 . 2013-12-28 19:35 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-28 19:35 . 2013-12-28 19:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-28 19:35 . 2013-12-28 19:35 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-28 19:35 . 2013-12-28 19:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-28 19:35 . 2013-12-28 19:35 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-28 19:35 . 2013-12-28 19:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-28 19:35 . 2013-12-28 19:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-28 19:35 . 2013-12-28 19:35 413696 ----a-w- c:\windows\system32\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-28 19:35 . 2013-12-28 19:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-28 19:35 . 2013-12-28 19:35 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-28 19:35 . 2013-12-28 19:35 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-28 19:35 . 2013-12-28 19:35 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-28 19:35 . 2013-12-28 19:35 235520 ----a-w- c:\windows\system32\url.dll
2013-12-28 19:35 . 2013-12-28 19:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-28 19:35 . 2013-12-28 19:35 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-28 19:35 . 2013-12-28 19:35 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-16 00:54 . 2014-01-31 19:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18061AD7-6187-4859-86CB-80D142CF028E}\mpengine.dll
2013-12-11 16:30 . 2012-04-01 15:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 16:30 . 2012-04-01 15:43 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-29 21:28 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-29 21:28 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-29 21:28 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-29 21:28 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-29 21:28 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-29 21:28 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-29 21:28 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-29 21:28 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-29 21:28 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-29 21:28 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-29 21:28 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-29 21:28 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-29 21:28 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-29 21:28 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-29 21:28 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-29 21:28 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-29 21:28 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-29 21:28 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-29 21:28 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-29 21:28 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-29 21:28 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-29 21:28 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 14:18 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 14:18 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 14:18 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 14:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-07 15:00 . 2012-09-02 18:36 82896128 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2011-07-17 1038848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-01-23 3813200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdatp.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 16:30]
.
2014-02-01 c:\windows\Tasks\Wise Care 365.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-08-21 12:57]
.
2014-01-29 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-08-21 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-16 4090824]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Upload to Facebook - c:\program files (x86)\WebcamMax\share\iecontext.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
"hadjjoikbibhklpa"=hex:6a,61,6d,70,62,6e,6d,6a,6f,65,66,64,6d,6d,61,67,6a,61,
6c,69,00,00
"ianjpldjgmmbeibbfe"=hex:63,61,61,70,67,6c,00,01
"iabmhbdlgkpjfahpbd"=hex:6b,61,6d,70,6f,6c,68,6f,63,69,66,65,6f,61,63,61,69,6f,
65,6b,69,69,00,00
"dbkmihpkjlelnhiiebpjffhciejbpbncmalhgfio"=hex:68,61,65,6c,70,65,61,65,64,62,
68,6c,62,69,70,6a,00,00
"jbkmihpkjlelnhiiebpjeacamcfmopablmfcdfhbkbplfmfpjkam"=hex:68,61,65,6c,70,65,
61,65,64,62,68,6c,62,69,70,6a,00,00
"dbkmihpkjlelnhiiebpjcpkegkkmdofcaecnmkgn"=hex:6a,62,64,70,67,6f,62,69,69,6a,
6e,67,70,64,70,64,66,63,62,70,64,64,61,6a,63,6f,65,6e,69,66,68,64,6b,65,66,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2014-02-01 13:57:26 - machine was rebooted
ComboFix-quarantined-files.txt 2014-02-01 12:57
ComboFix2.txt 2014-01-31 19:26
ComboFix3.txt 2014-01-30 15:07
.
Pre-Run: 91 261 796 352 bytes free
Post-Run: 90 954 739 712 bytes free
.
- - End Of File - - A20FC8911601C306568725CB50B4F0F3

HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:00:08, on 1. 2. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Tor\tor.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\WebcamMax\wcmmon.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Samerko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samerko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samerko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samerko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samerko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Samerko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Upload to Facebook - C:\Program Files (x86)\WebcamMax\share\iecontext.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13034 bytes

aswMBR:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-02-01 14:03:46
-----------------------------
14:03:46.180 OS Version: Windows x64 6.1.7601 Service Pack 1
14:03:46.180 Number of processors: 2 586 0x2A07
14:03:46.180 ComputerName: SAMERKO-PC UserName: Samerko
14:03:47.678 Initialize success
14:03:59.202 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:03:59.202 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
14:03:59.327 Disk 0 MBR read successfully
14:03:59.342 Disk 0 MBR scan
14:03:59.342 Disk 0 Windows 7 default MBR code
14:03:59.342 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
14:03:59.358 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 256054 MB offset 52430848
14:03:59.389 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 328824 MB offset 576829440
14:03:59.420 Disk 0 scanning C:\Windows\system32\drivers
14:04:05.426 Service scanning
14:04:22.618 Modules scanning
14:04:22.633 Disk 0 trace - called modules:
14:04:22.649 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys sptd.sys hal.dll
14:04:22.664 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cb0730]
14:04:22.664 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8004a3ab20]
14:04:22.680 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a40050]
14:04:22.696 Scan finished successfully
14:04:31.322 Disk 0 MBR has been saved successfully to "C:\Users\Samerko\Desktop\MBR.dat"
14:04:31.322 The log file has been saved successfully to "C:\Users\Samerko\Desktop\aswMBR.txt"

I have a problem with the last one; I just don't understand those folders, the folders you wrote about in drivers and so on, I don't have a single one of them.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Question: Log check

Post by jaro3 » 02 Feb 2014 10:47

Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

KillAll::
File::
c:\windows\system32\drivers\vasdDev.sys

RegLock::
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
"hadjjoikbibhklpa"=hex:6a,61,6d,70,62,6e,6d,6a,6f,65,66,64,6d,6d,61,67,6a,61,
 6c,69,00,00
"ianjpldjgmmbeibbfe"=hex:63,61,61,70,67,6c,00,01
"iabmhbdlgkpjfahpbd"=hex:6b,61,6d,70,6f,6c,68,6f,63,69,66,65,6f,61,63,61,69,6f,
 65,6b,69,69,00,00
"dbkmihpkjlelnhiiebpjffhciejbpbncmalhgfio"=hex:68,61,65,6c,70,65,61,65,64,62,
 68,6c,62,69,70,6a,00,00
"jbkmihpkjlelnhiiebpjeacamcfmopablmfcdfhbkbplfmfpjkam"=hex:68,61,65,6c,70,65,
 61,65,64,62,68,6c,62,69,70,6a,00,00
"dbkmihpkjlelnhiiebpjcpkegkkmdofcaecnmkgn"=hex:6a,62,64,70,67,6f,62,69,69,6a,
 6e,67,70,64,70,64,66,63,62,70,64,64,61,6a,63,6f,65,6e,69,66,68,64,6b,65,66,\



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process

Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 02 Feb 2014 12:46

Here is the ComboFix log:

ComboFix 13-11-07.01 - Samerko . 02. 2014 12:13:48.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4072.2619 [GMT 1:00]
Running from: c:\users\Samerko\Desktop\ComboFix.exe
Command switches used :: c:\users\Samerko\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\vasdDev.sys"
.
.
((((((((((((((((((((((((( Files Created from 2014-01-02 to 2014-02-02 )))))))))))))))))))))))))))))))
.
.
2014-02-02 11:29 . 2014-02-02 11:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-31 19:28 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18061AD7-6187-4859-86CB-80D142CF028E}\mpengine.dll
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\Avant Downloader
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\Avant Profiles
2014-01-30 19:12 . 2014-01-30 19:12 -------- d-----w- c:\program files (x86)\Avant Browser
2014-01-29 14:52 . 2014-01-29 14:52 -------- d-----w- c:\program files\ESET
2014-01-28 12:04 . 2014-01-28 12:04 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-01-21 13:28 . 2014-01-21 13:29 -------- d-----w- C:\php
2014-01-20 17:49 . 2012-03-19 14:12 1454896 ----a-w- c:\windows\system32\drivers\vasdDev.sys
2014-01-18 17:46 . 2014-01-18 17:46 31648 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2014-01-18 17:45 . 2014-01-18 17:46 -------- d-----w- c:\program files\HWiNFO64
2014-01-13 20:20 . 2014-01-13 20:20 -------- d-----w- c:\users\Samerko\.smtube
2014-01-13 20:16 . 2014-01-22 18:27 -------- d-----w- c:\users\Samerko\.smplayer
2014-01-13 20:15 . 2014-01-13 20:16 -------- d-----w- c:\program files\SMPlayer
2014-01-12 12:54 . 2014-01-12 12:57 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-02 09:27 . 2012-03-15 14:09 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-01-31 14:56 . 2013-09-28 20:08 948 ----a-w- C:\FixitRegBackup.reg
2013-12-28 19:35 . 2013-12-28 19:35 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-28 19:35 . 2013-12-28 19:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-28 19:35 . 2013-12-28 19:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-28 19:35 . 2013-12-28 19:35 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-28 19:35 . 2013-12-28 19:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-28 19:35 . 2013-12-28 19:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-28 19:35 . 2013-12-28 19:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-28 19:35 . 2013-12-28 19:35 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-28 19:35 . 2013-12-28 19:35 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-28 19:35 . 2013-12-28 19:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-28 19:35 . 2013-12-28 19:35 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-28 19:35 . 2013-12-28 19:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-28 19:35 . 2013-12-28 19:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-28 19:35 . 2013-12-28 19:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-28 19:35 . 2013-12-28 19:35 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-28 19:35 . 2013-12-28 19:35 413696 ----a-w- c:\windows\system32\html.iec
2013-12-28 19:35 . 2013-12-28 19:35 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-28 19:35 . 2013-12-28 19:35 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-28 19:35 . 2013-12-28 19:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-28 19:35 . 2013-12-28 19:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-28 19:35 . 2013-12-28 19:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-28 19:35 . 2013-12-28 19:35 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-28 19:35 . 2013-12-28 19:35 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-28 19:35 . 2013-12-28 19:35 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-28 19:35 . 2013-12-28 19:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-28 19:35 . 2013-12-28 19:35 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-28 19:35 . 2013-12-28 19:35 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-28 19:35 . 2013-12-28 19:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-28 19:35 . 2013-12-28 19:35 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-28 19:35 . 2013-12-28 19:35 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-28 19:35 . 2013-12-28 19:35 235520 ----a-w- c:\windows\system32\url.dll
2013-12-28 19:35 . 2013-12-28 19:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-28 19:35 . 2013-12-28 19:35 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-28 19:35 . 2013-12-28 19:35 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-28 19:35 . 2013-12-28 19:35 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-28 19:35 . 2013-12-28 19:35 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-28 19:35 . 2013-12-28 19:35 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-28 19:35 . 2013-12-28 19:35 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-11 16:30 . 2012-04-01 15:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 16:30 . 2012-04-01 15:43 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-29 21:28 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-29 21:28 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-29 21:28 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-29 21:28 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-29 21:28 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-29 21:28 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-29 21:28 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-29 21:29 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-29 21:28 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-29 21:28 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-29 21:28 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-29 21:28 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-29 21:28 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-29 21:28 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-29 21:28 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-29 21:28 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-29 21:28 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-29 21:28 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-29 21:28 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-29 21:28 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-29 21:28 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-29 21:28 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-29 21:28 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 14:18 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 14:18 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 14:18 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 14:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-07 15:00 . 2012-09-02 18:36 82896128 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2011-07-17 1038848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-01-23 3813200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdatp.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 16:30]
.
2014-02-02 c:\windows\Tasks\Wise Care 365.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-08-21 12:57]
.
2014-01-29 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-08-21 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-16 4090824]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Upload to Facebook - c:\program files (x86)\WebcamMax\share\iecontext.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Clownfish - (no file)
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
"hadjjoikbibhklpa"=hex:6a,61,6d,70,62,6e,6d,6a,6f,65,66,64,6d,6d,61,67,6a,61,
6c,69,00,00
"ianjpldjgmmbeibbfe"=hex:63,61,61,70,67,6c,00,01
"iabmhbdlgkpjfahpbd"=hex:6b,61,6d,70,6f,6c,68,6f,63,69,66,65,6f,61,63,61,69,6f,
65,6b,69,69,00,00
"dbkmihpkjlelnhiiebpjffhciejbpbncmalhgfio"=hex:68,61,65,6c,70,65,61,65,64,62,
68,6c,62,69,70,6a,00,00
"jbkmihpkjlelnhiiebpjeacamcfmopablmfcdfhbkbplfmfpjkam"=hex:68,61,65,6c,70,65,
61,65,64,62,68,6c,62,69,70,6a,00,00
"dbkmihpkjlelnhiiebpjcpkegkkmdofcaecnmkgn"=hex:6a,62,64,70,67,6f,62,69,69,6a,
6e,67,70,64,70,64,66,63,62,70,64,64,61,6a,63,6f,65,6e,69,66,68,64,6b,65,66,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-02-02 12:39:25 - machine was rebooted
ComboFix-quarantined-files.txt 2014-02-02 11:39
ComboFix2.txt 2014-02-01 12:57
ComboFix3.txt 2014-01-31 19:26
ComboFix4.txt 2014-01-30 15:07
.
Pre-Run: 90 919 809 024 bytes free
Post-Run: 90 714 132 480 bytes free
.
- - End Of File - - FA320670975D528C67A11F865F5B2375

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: Question: Log check

Post by Orcus » 02 Feb 2014 13:02

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

====================================================

Clean the system with CCleaner

====================================================

Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool
(In Windows Vista, Windows 7 and 8 you must run the file by right-clicking -> Run as administrator.)
In the main menu, check these options: Remove desinfection tools, Purge System Restore
Then click the Run button and let the tool do its work

The report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

How are things with the problems + a new HJT log?
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If the log is too long, split it across several posts.

A few tips on PC security.

During my absence memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

SamerLP
Level 4.5
Posts: 1746
Registered: August 13
Gender: Male
Status: Offline

Re: Question: Log check

Post by SamerLP » 02 Feb 2014 13:39

DelFix log:

# DelFix v10.6 - Logfile created 02/02/2014 at 13:33:27
# Updated 11/11/2013 by Xplode
# Username : Samerko - SAMERKO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\Users\Samerko\Desktop\RK_Quarantine
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.2.8.16.0_08.11.2013_22.32.48_log.txt
Deleted : C:\Users\Samerko\Desktop\adwcleaner (1).exe
Deleted : C:\Users\Samerko\Desktop\aswmbr.exe
Deleted : C:\Users\Samerko\Desktop\aswMBR.txt
Deleted : C:\Users\Samerko\Desktop\ComboFix.txt
Deleted : C:\Users\Samerko\Desktop\JRT.exe
Deleted : C:\Users\Samerko\Desktop\HiJackThis.lnk
Deleted : C:\Users\Samerko\Desktop\hjt.txt
Deleted : C:\Users\Samerko\Desktop\MBR.dat
Deleted : C:\Users\Samerko\Desktop\Rkill.txt
Deleted : C:\Users\Samerko\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Samerko\Desktop\SecurityCheck.exe
Deleted : C:\Users\Samerko\Downloads\adwcleaner (1).exe
Deleted : C:\Users\Samerko\Downloads\adwcleaner.exe
Deleted : C:\Users\Samerko\Downloads\aswmbr.exe
Deleted : C:\Users\Samerko\Downloads\ComboFix.exe
Deleted : C:\Users\Samerko\Downloads\JRT.exe
Deleted : C:\Users\Samerko\Downloads\HiJackThis (1).msi
Deleted : C:\Users\Samerko\Downloads\HiJackThis.msi
Deleted : C:\Users\Samerko\Downloads\rkill.com
Deleted : C:\Users\Samerko\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Samerko\Downloads\SecurityCheck.exe
Deleted : C:\Users\Samerko\Downloads\tdsskiller.zip
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #362 [ComboFix created restore point | 02/02/2014 12:12:04]

New restore point created !

########## - EOF - ##########

Well, the problems, I don't know, a bit better, so to speak.
I have HJT installed, but I simply can't launch it, some error or something, so I have no way to post it.


Post by jaro3 » 03 Feb 2014 10:16

You have to run HJT as administrator.

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick "LOP Check" and "Purity Check". Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Post by SamerLP » 03 Feb 2014 12:43

OTL.Txt
It doesn't fit here, here is the download:
http://uloz.to/xG6aveW4/otl-txt (PASSWORD: pchelp)

Extras.TxT
This one is too big as well, here is the download:
http://uloz.to/xxeaRGU8/extras-txt (PASSWORD: pchelp)

HJT, I don't know, it doesn't work either way. Where is it, in which file? Because I can't open it anywhere as a shortcut.


Post by jaro3 » 03 Feb 2014 19:00

HJT: right-click it and choose "Run as administrator" from the menu.

Paste the OTL log here, split across several posts.

Post by SamerLP » 04 Feb 2014 14:19

HJT: nothing like that shows up for me anywhere, neither in Start nor on the shortcut. I understand that, but the actual file isn't there either.
Last edited by SamerLP on 04 Feb 2014 14:27, edited 1 time in total.


Post by SamerLP » 04 Feb 2014 14:22

OTL:

OTL logfile created on: 3. 2. 2014 12:13:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Samerko\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,98 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 67,05% Memory free
7,95 Gb Paging File | 6,32 Gb Available in Paging File | 79,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 250,05 Gb Total Space | 93,54 Gb Free Space | 37,41% Space Free | Partition Type: NTFS
Drive D: | 321,12 Gb Total Space | 60,68 Gb Free Space | 18,90% Space Free | Partition Type: NTFS
Drive F: | 0,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SAMERKO-PC | User Name: Samerko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Samerko\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Tor\tor.exe ()
PRC - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe (WiseCleaner.com)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()


Post by SamerLP » 04 Feb 2014 14:23

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (NitroReaderDriverReadSpool2) -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (tor) -- C:\Program Files (x86)\Tor\tor.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WiseBootAssistant) -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe (WiseCleaner.com)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (FirebirdGuardianDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
SRV - (FirebirdServerDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

