Chrome problem - Facebook

#31 Post by wedders

IE, Opera, MF - nothing... Chrome came up, but as soon as I clicked anywhere it just kept loading, and when I refreshed the page, nothing... (this is how I managed to get in for a while before as well, but after a moment nothing, no response...) :(

#32 Post by stell

Important information.
Is your computer NOT RUNNING properly?
Is it infected? Running slowly? A program not working? A problem with installation?
Use the remote help service!
e-mail: stell(at)forum.viry.cz
Thanks! Vďaka!

#33 Post by wedders

Code:

ComboFix 12-06-16.02 - Tomík . 06. 2012  13:05:12.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.421.1051.18.4010.2413 [GMT 2:00]
Running from: c:\users\TomÝk\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-18 to 2012-06-18  )))))))))))))))))))))))))))))))
.
.
2012-06-18 09:57 . 2012-06-18 09:58	--------	d-----w-	c:\program files (x86)\Ask.com
2012-06-18 09:57 . 2012-05-02 13:24	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-06-18 09:57 . 2012-04-27 08:20	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-06-18 09:57 . 2012-04-24 22:32	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-06-18 09:57 . 2012-06-18 09:58	--------	d-----w-	c:\programdata\Avira
2012-06-18 09:57 . 2012-06-18 09:57	--------	d-----w-	c:\program files (x86)\Avira
2012-06-18 07:37 . 2012-06-18 07:37	--------	d-----w-	c:\programdata\Malwarebytes
2012-06-18 07:37 . 2012-06-18 07:37	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-18 07:37 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-17 19:37 . 2012-06-17 19:37	--------	d-----w-	C:\_OTL
2012-06-17 11:24 . 2012-05-14 23:41	8955792	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B8AA522E-DE23-499F-9287-AF80F557F6E9}\mpengine.dll
2012-06-15 03:21 . 2011-09-06 08:39	174640	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-14 07:45 . 2012-06-14 07:45	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-06-14 07:45 . 2012-06-14 07:45	--------	d-----w-	c:\program files (x86)\Oracle
2012-06-14 07:44 . 2012-05-04 17:29	687504	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-06-14 07:44 . 2012-05-04 17:29	772504	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-06-14 07:44 . 2012-06-14 07:44	--------	d-----w-	c:\program files (x86)\Java
2012-06-13 21:20 . 2012-06-17 21:37	--------	d-----w-	c:\program files\NETGATE
2012-06-13 19:05 . 2012-06-14 19:30	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 19:05 . 2012-06-14 19:30	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-13 07:16 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-06-13 07:16 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-06-13 06:54 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-13 06:54 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-13 06:54 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-13 06:54 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-13 06:54 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-13 06:54 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-13 06:54 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-12 11:11 . 2012-06-12 11:11	--------	d-----w-	c:\programdata\RELOADED
2012-06-09 13:25 . 2012-06-09 13:25	--------	d-----w-	c:\users\Public\CyberLink
2012-06-09 12:49 . 2012-06-09 12:51	--------	d-----w-	c:\program files (x86)\Common Files\Nero
2012-06-09 12:48 . 2012-06-09 12:55	--------	d-----w-	c:\programdata\Nero
2012-06-09 12:44 . 2011-12-01 09:42	15920	----a-w-	c:\windows\system32\drivers\NBVolUp.sys
2012-06-09 12:44 . 2012-06-09 12:55	--------	d-----w-	c:\program files (x86)\Nero
2012-06-09 12:44 . 2012-06-09 12:44	--------	dc----w-	c:\windows\system32\DRVSTORE
2012-06-09 12:44 . 2011-12-01 09:42	72240	----a-w-	c:\windows\system32\drivers\NBVol.sys
2012-06-09 11:46 . 2012-06-09 11:46	--------	d-----w-	c:\program files\MediaInfo
2012-06-08 19:21 . 2012-06-08 19:22	--------	d-----w-	c:\programdata\DVD Shrink
2012-06-08 19:21 . 2012-06-08 19:21	--------	d-----w-	c:\program files (x86)\DVD Shrink
2012-06-02 23:46 . 2012-06-02 23:46	--------	d-----w-	c:\programdata\Intel
2012-06-02 16:16 . 2012-06-02 16:16	--------	d-----w-	c:\program files (x86)\VideoLAN
2012-06-02 16:08 . 2012-05-26 10:36	204800	----a-w-	c:\windows\system32\unrar64.dll
2012-06-02 16:08 . 2012-06-02 16:08	--------	d-----w-	c:\program files\MPC-HC
2012-06-02 13:43 . 2012-06-02 13:43	--------	d-----w-	c:\windows\SysWow64\Wat
2012-06-02 13:43 . 2012-06-02 13:43	--------	d-----w-	c:\windows\system32\Wat
2012-06-02 13:23 . 2012-06-02 13:23	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-06-01 23:11 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-06-01 23:11 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-06-01 23:11 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-06-01 23:11 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-06-01 23:11 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-06-01 23:11 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-06-01 23:11 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-06-01 23:08 . 2011-10-01 05:45	886784	----a-w-	c:\program files\Common Files\System\wab32.dll
2012-06-01 23:08 . 2011-10-01 04:37	708608	----a-w-	c:\program files (x86)\Common Files\System\wab32.dll
2012-06-01 23:08 . 2011-12-30 06:26	515584	----a-w-	c:\windows\system32\timedate.cpl
2012-06-01 23:08 . 2012-03-17 07:58	75120	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-06-01 23:08 . 2011-12-30 05:27	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2012-06-01 23:08 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-06-01 23:08 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-06-01 23:08 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2012-06-01 23:08 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2012-06-01 20:46 . 2012-06-01 20:46	--------	d-----w-	c:\programdata\ALM
2012-06-01 20:45 . 2012-06-01 20:45	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2012-06-01 20:44 . 2012-06-01 20:44	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-06-01 20:26 . 2012-06-01 20:59	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-06-01 20:22 . 2012-06-01 20:26	--------	d-----w-	c:\program files\Common Files\Adobe
2012-06-01 20:22 . 2012-06-01 20:47	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-06-01 20:06 . 2012-06-01 20:06	560184	----a-w-	c:\windows\system32\drivers\sptd.sys
2012-06-01 20:04 . 2012-06-01 20:14	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2012-06-01 18:01 . 2012-06-01 18:01	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2012-06-01 18:00 . 2012-06-02 16:25	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files\Microsoft Sync Framework
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2012-06-01 17:59 . 2012-06-01 17:59	--------	d-----w-	c:\program files\Microsoft Analysis Services
2012-06-01 17:59 . 2012-06-01 17:59	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-06-01 17:58 . 2012-06-13 06:57	--------	d-----w-	c:\programdata\Microsoft Help
2012-06-01 17:58 . 2012-06-01 17:58	--------	d-----r-	C:\MSOCache
2012-06-01 17:42 . 2012-06-01 17:42	--------	d-----w-	c:\programdata\Media Get LLC
2012-06-01 17:41 . 2012-06-01 17:41	--------	d-----w-	c:\programdata\IBUpdaterService
2012-06-01 17:34 . 2012-06-01 17:34	--------	d-----w-	c:\program files (x86)\MusicJet
2012-06-01 17:34 . 2012-06-01 17:34	--------	dc-h--w-	c:\programdata\{8890AAED-0271-4F75-ABAA-79FDD6B94AD2}
2012-06-01 17:33 . 2012-06-01 17:33	--------	d-----w-	c:\program files (x86)\uTorrent
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\windows\SysWow64\spool
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\programdata\Sony
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\program files (x86)\Sony
2012-06-01 16:53 . 2012-06-01 16:53	--------	d-----w-	c:\program files (x86)\DsNET Corp
2012-06-01 16:50 . 2012-06-12 17:34	--------	d-----w-	c:\program files (x86)\JDownloader
2012-06-01 16:49 . 2012-06-01 16:49	--------	d-----w-	c:\programdata\Ask
2012-06-01 16:47 . 2012-06-01 16:47	--------	d-----w-	c:\program files (x86)\Foxit Software
2012-06-01 16:44 . 2012-06-01 16:44	8769696	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-06-01 16:43 . 2012-06-01 16:43	--------	d-----w-	c:\program files (x86)\PhotoScape
2012-06-01 16:40 . 2012-06-01 16:40	--------	d-----w-	c:\program files (x86)\PANDORA.TV
2012-06-01 16:40 . 2012-06-01 16:41	--------	d-----w-	c:\program files (x86)\The KMPlayer
2012-06-01 16:39 . 2012-06-11 18:09	--------	d-----w-	c:\program files (x86)\AIMP3
2012-06-01 16:37 . 2012-06-01 16:37	--------	d-----w-	c:\program files (x86)\Mp3tag
2012-06-01 16:32 . 2012-06-01 16:32	--------	d-----w-	c:\program files (x86)\Opera
2012-06-01 16:26 . 2012-06-01 16:26	--------	d-----w-	c:\programdata\McAfee
2012-06-01 16:26 . 2012-06-01 16:26	--------	d-----w-	c:\windows\system32\Macromed
2012-06-01 16:24 . 2012-06-01 16:24	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-06-01 16:18 . 2012-06-01 16:18	--------	d--h--w-	c:\programdata\Common Files
2012-06-01 16:10 . 2012-06-01 16:45	--------	d-----w-	c:\program files (x86)\ICQ7M
2012-06-01 15:33 . 2012-06-01 15:33	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-06-01 14:53 . 2012-06-01 14:53	--------	d-----w-	c:\program files\CCleaner
2012-06-01 14:20 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-06-01 14:20 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-06-01 14:20 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-06-01 14:16 . 2012-06-01 15:33	--------	d-----r-	c:\program files (x86)\Skype
2012-06-01 14:15 . 2012-06-08 15:24	--------	d-----w-	c:\programdata\Skype
2012-06-01 14:15 . 2012-06-01 14:15	--------	d-----w-	c:\program files\Elantech
2012-06-01 14:14 . 2012-06-01 14:16	--------	d-----w-	c:\users\Tomík
2012-06-01 14:12 . 2012-06-01 14:12	--------	d-----w-	C:\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-01 14:14 . 2010-06-24 02:33	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-29 1519312]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-05-29 15:25	1519312	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-29 1519312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 1493288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-05-29 1564880]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-04 1997416]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 19:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-12 12558440]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-02 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-02 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-02 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\mvob3y62.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&locale=en_SK&apn_uid=2b2a0d97-51c4-4f10-b13b-0a95633cb59c&apn_ptnrs=%5EABZ&apn_sauid=6F256DAC-5A60-43DC-8BBD-AF888BD722F0&apn_dtid=%5EYYYYYY%5EYY%5ESK&&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
.
**************************************************************************
.
Completion time: 2012-06-18  13:21:42 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-18 11:21
.
Pre-Run: 222 196 453 376 bytes free
Post-Run: 221 963 890 688 bytes free
.
- - End Of File - - 493BD2F3EF1F64DE8EA67945068C53CA

#34 Post by stell

For this step, ComboFix must be on the desktop.

Turn off > FIREWALL > antivirus > antispyware > everything resident.

Open Notepad and copy the entire text into it:

Code:

KILLALL::
Folder::
c:\program files (x86)\Ask.com
c:\program files\NETGATE
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"AdobeCS5ServiceManager"=-
"NBAgent"=-
"SunJavaUpdateSched"=-
"Malwarebytes' Anti-Malware"=-
"ApnUpdater"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
Driver::
SpyEmrg
SkypeUpdate
SpyEmrgGuard
Extra::
FireFox::
FF - ProfilePath - c:\users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\mvob3y62.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&locale=en_SK&apn_uid=2b2a0d97-51c4-4f10-b13b-0a95633cb59c&apn_ptnrs=%5EABZ&apn_sauid=6F256DAC-5A60-43DC-8BBD-AF888BD722F0&apn_dtid=%5EYYYYYY%5EYY%5ESK&&q=
RegLock:: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
ClearJavaCache::
Then click File -> Save as... -> and in the File name line type: CFScript.txt
For the file type, select All files.
And save it to the desktop > Careful: CFScript.txt > do not open it, and it must not be > CFScript.txt.txt. Then do this:
[Image]

After the scan finishes, paste the .log here.

#35 Post by wedders

Code:

ComboFix 12-06-16.02 - Tomík . 06. 2012  14:13:03.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.421.1051.18.4010.2481 [GMT 2:00]
Running from: c:\users\TomÝk\Desktop\ComboFix.exe
Command switches used :: c:\users\TomÝk\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-18 to 2012-06-18  )))))))))))))))))))))))))))))))
.
.
2012-06-18 12:22 . 2012-06-18 12:22	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-06-18 12:22 . 2012-06-18 12:22	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-06-18 09:57 . 2012-06-18 09:58	--------	d-----w-	c:\program files (x86)\Ask.com
2012-06-18 09:57 . 2012-05-02 13:24	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-06-18 09:57 . 2012-04-27 08:20	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-06-18 09:57 . 2012-04-24 22:32	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-06-18 09:57 . 2012-06-18 09:58	--------	d-----w-	c:\programdata\Avira
2012-06-18 09:57 . 2012-06-18 09:57	--------	d-----w-	c:\program files (x86)\Avira
2012-06-18 07:37 . 2012-06-18 07:37	--------	d-----w-	c:\programdata\Malwarebytes
2012-06-18 07:37 . 2012-06-18 07:37	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-18 07:37 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-17 19:37 . 2012-06-17 19:37	--------	d-----w-	C:\_OTL
2012-06-17 11:24 . 2012-05-14 23:41	8955792	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B8AA522E-DE23-499F-9287-AF80F557F6E9}\mpengine.dll
2012-06-15 03:21 . 2011-09-06 08:39	174640	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-14 07:45 . 2012-06-14 07:45	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-06-14 07:45 . 2012-06-14 07:45	--------	d-----w-	c:\program files (x86)\Oracle
2012-06-14 07:44 . 2012-05-04 17:29	687504	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-06-14 07:44 . 2012-05-04 17:29	772504	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-06-14 07:44 . 2012-06-14 07:44	--------	d-----w-	c:\program files (x86)\Java
2012-06-13 21:20 . 2012-06-17 21:37	--------	d-----w-	c:\program files\NETGATE
2012-06-13 19:05 . 2012-06-14 19:30	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 19:05 . 2012-06-14 19:30	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-13 07:16 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-06-13 07:16 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-06-13 06:54 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-13 06:54 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-13 06:54 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-13 06:54 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-13 06:54 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-13 06:54 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-13 06:54 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-12 11:11 . 2012-06-12 11:11	--------	d-----w-	c:\programdata\RELOADED
2012-06-09 13:25 . 2012-06-09 13:25	--------	d-----w-	c:\users\Public\CyberLink
2012-06-09 12:49 . 2012-06-09 12:51	--------	d-----w-	c:\program files (x86)\Common Files\Nero
2012-06-09 12:48 . 2012-06-09 12:55	--------	d-----w-	c:\programdata\Nero
2012-06-09 12:44 . 2011-12-01 09:42	15920	----a-w-	c:\windows\system32\drivers\NBVolUp.sys
2012-06-09 12:44 . 2012-06-09 12:55	--------	d-----w-	c:\program files (x86)\Nero
2012-06-09 12:44 . 2012-06-09 12:44	--------	dc----w-	c:\windows\system32\DRVSTORE
2012-06-09 12:44 . 2011-12-01 09:42	72240	----a-w-	c:\windows\system32\drivers\NBVol.sys
2012-06-09 11:46 . 2012-06-09 11:46	--------	d-----w-	c:\program files\MediaInfo
2012-06-08 19:21 . 2012-06-08 19:22	--------	d-----w-	c:\programdata\DVD Shrink
2012-06-08 19:21 . 2012-06-08 19:21	--------	d-----w-	c:\program files (x86)\DVD Shrink
2012-06-02 23:46 . 2012-06-02 23:46	--------	d-----w-	c:\programdata\Intel
2012-06-02 16:16 . 2012-06-02 16:16	--------	d-----w-	c:\program files (x86)\VideoLAN
2012-06-02 16:08 . 2012-05-26 10:36	204800	----a-w-	c:\windows\system32\unrar64.dll
2012-06-02 16:08 . 2012-06-02 16:08	--------	d-----w-	c:\program files\MPC-HC
2012-06-02 13:43 . 2012-06-02 13:43	--------	d-----w-	c:\windows\SysWow64\Wat
2012-06-02 13:43 . 2012-06-02 13:43	--------	d-----w-	c:\windows\system32\Wat
2012-06-02 13:23 . 2012-06-02 13:23	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-06-01 23:11 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-06-01 23:11 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-06-01 23:11 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-06-01 23:11 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-06-01 23:11 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-06-01 23:11 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-06-01 23:11 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-06-01 23:08 . 2011-10-01 05:45	886784	----a-w-	c:\program files\Common Files\System\wab32.dll
2012-06-01 23:08 . 2011-10-01 04:37	708608	----a-w-	c:\program files (x86)\Common Files\System\wab32.dll
2012-06-01 23:08 . 2011-12-30 06:26	515584	----a-w-	c:\windows\system32\timedate.cpl
2012-06-01 23:08 . 2012-03-17 07:58	75120	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-06-01 23:08 . 2011-12-30 05:27	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2012-06-01 23:08 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-06-01 23:08 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-06-01 23:08 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2012-06-01 23:08 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2012-06-01 20:46 . 2012-06-01 20:46	--------	d-----w-	c:\programdata\ALM
2012-06-01 20:45 . 2012-06-01 20:45	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2012-06-01 20:44 . 2012-06-01 20:44	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-06-01 20:26 . 2012-06-01 20:59	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-06-01 20:22 . 2012-06-01 20:26	--------	d-----w-	c:\program files\Common Files\Adobe
2012-06-01 20:22 . 2012-06-01 20:47	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-06-01 20:06 . 2012-06-01 20:06	560184	----a-w-	c:\windows\system32\drivers\sptd.sys
2012-06-01 20:04 . 2012-06-01 20:14	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2012-06-01 18:01 . 2012-06-01 18:01	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2012-06-01 18:00 . 2012-06-02 16:25	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files\Microsoft Sync Framework
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2012-06-01 17:59 . 2012-06-01 17:59	--------	d-----w-	c:\program files\Microsoft Analysis Services
2012-06-01 17:59 . 2012-06-01 17:59	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-06-01 17:58 . 2012-06-13 06:57	--------	d-----w-	c:\programdata\Microsoft Help
2012-06-01 17:58 . 2012-06-01 17:58	--------	d-----r-	C:\MSOCache
2012-06-01 17:42 . 2012-06-01 17:42	--------	d-----w-	c:\programdata\Media Get LLC
2012-06-01 17:41 . 2012-06-01 17:41	--------	d-----w-	c:\programdata\IBUpdaterService
2012-06-01 17:34 . 2012-06-01 17:34	--------	d-----w-	c:\program files (x86)\MusicJet
2012-06-01 17:34 . 2012-06-01 17:34	--------	dc-h--w-	c:\programdata\{8890AAED-0271-4F75-ABAA-79FDD6B94AD2}
2012-06-01 17:33 . 2012-06-01 17:33	--------	d-----w-	c:\program files (x86)\uTorrent
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\windows\SysWow64\spool
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\programdata\Sony
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\program files (x86)\Sony
2012-06-01 16:53 . 2012-06-01 16:53	--------	d-----w-	c:\program files (x86)\DsNET Corp
2012-06-01 16:50 . 2012-06-12 17:34	--------	d-----w-	c:\program files (x86)\JDownloader
2012-06-01 16:49 . 2012-06-01 16:49	--------	d-----w-	c:\programdata\Ask
2012-06-01 16:47 . 2012-06-01 16:47	--------	d-----w-	c:\program files (x86)\Foxit Software
2012-06-01 16:44 . 2012-06-01 16:44	8769696	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-06-01 16:43 . 2012-06-01 16:43	--------	d-----w-	c:\program files (x86)\PhotoScape
2012-06-01 16:40 . 2012-06-01 16:40	--------	d-----w-	c:\program files (x86)\PANDORA.TV
2012-06-01 16:40 . 2012-06-01 16:41	--------	d-----w-	c:\program files (x86)\The KMPlayer
2012-06-01 16:39 . 2012-06-11 18:09	--------	d-----w-	c:\program files (x86)\AIMP3
2012-06-01 16:37 . 2012-06-01 16:37	--------	d-----w-	c:\program files (x86)\Mp3tag
2012-06-01 16:32 . 2012-06-01 16:32	--------	d-----w-	c:\program files (x86)\Opera
2012-06-01 16:26 . 2012-06-01 16:26	--------	d-----w-	c:\programdata\McAfee
2012-06-01 16:26 . 2012-06-01 16:26	--------	d-----w-	c:\windows\system32\Macromed
2012-06-01 16:24 . 2012-06-01 16:24	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-06-01 16:18 . 2012-06-01 16:18	--------	d--h--w-	c:\programdata\Common Files
2012-06-01 16:10 . 2012-06-01 16:45	--------	d-----w-	c:\program files (x86)\ICQ7M
2012-06-01 15:33 . 2012-06-01 15:33	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-06-01 14:53 . 2012-06-01 14:53	--------	d-----w-	c:\program files\CCleaner
2012-06-01 14:20 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-06-01 14:20 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-06-01 14:20 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-06-01 14:16 . 2012-06-01 15:33	--------	d-----r-	c:\program files (x86)\Skype
2012-06-01 14:15 . 2012-06-08 15:24	--------	d-----w-	c:\programdata\Skype
2012-06-01 14:15 . 2012-06-01 14:15	--------	d-----w-	c:\program files\Elantech
2012-06-01 14:14 . 2012-06-01 14:16	--------	d-----w-	c:\users\Tomík
2012-06-01 14:12 . 2012-06-01 14:12	--------	d-----w-	C:\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-01 14:14 . 2010-06-24 02:33	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-06-18_11.16.47   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-06-18 11:26	42452              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-18 11:26	37782              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-06-01 14:15 . 2012-06-18 11:26	6308              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1571869238-3936240484-2151935606-1001_UserData.bin
- 2012-06-18 11:16 . 2012-06-18 11:16	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-18 12:23 . 2012-06-18 12:23	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-18 11:16 . 2012-06-18 11:16	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-18 12:23 . 2012-06-18 12:23	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2012-06-18 11:28	616008              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-18 10:00	616008              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-18 11:28	106388              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-18 10:00	106388              c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2012-06-18 11:15	482304              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-18 12:22	482304              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-06-01 18:53 . 2012-06-18 12:22	16834012              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1571869238-3936240484-2151935606-1001-8192.dat
- 2012-06-01 18:53 . 2012-06-18 11:15	16834012              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1571869238-3936240484-2151935606-1001-8192.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-29 1519312]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-05-29 15:25	1519312	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-29 1519312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 1493288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-05-29 1564880]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-04 1997416]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 19:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-12 12558440]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-02 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-02 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-02 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\mvob3y62.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&locale=en_SK&apn_uid=2b2a0d97-51c4-4f10-b13b-0a95633cb59c&apn_ptnrs=%5EABZ&apn_sauid=6F256DAC-5A60-43DC-8BBD-AF888BD722F0&apn_dtid=%5EYYYYYY%5EYY%5ESK&&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
.
**************************************************************************
.
Completion time: 2012-06-18  14:28:40 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-18 12:28
ComboFix2.txt  2012-06-18 11:21
.
Pre-Run: 221 895 401 472 bytes free
Post-Run: 221 825 724 416 bytes free
.
- - End Of File - - 35508F0640788018E20DB6867795C6F9

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Chrome problem - Facebook

#36 Post by stell »

Well, ComboFix failed; it deleted nothing.
So move the ComboFix icon directly to C:\ and repeat the whole procedure with CFScript.txt.
Then paste the log here.
But before that, we will ping Facebook.
So now download this batch file to the desktop and run it; a text document will open. Paste its contents here.
Then repeat the ComboFix run the way I described.

BATCH FILE
http://mysharegadget.com/file/437112012 ... 6695860/cs

wedders
Visitor
Posts: 234
Registered: 17 Jun 2011 11:37

Re: Chrome problem - Facebook

#37 Post by wedders »

Code:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Tomˇk-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : chello.sk

Wireless LAN adapter Pripojenie bezdr“tovej siete 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : DC-A9-71-57-FB-4E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Pripojenie bezdr“tovej siete:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 130
   Physical Address. . . . . . . . . : DC-A9-71-57-FB-4D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Lok lne pripojenie:

   Connection-specific DNS Suffix  . : chello.sk
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E8-11-32-D3-54-4A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a7:a354:d917:cec8%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 85.216.202.154(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 18. jŁna 2012 14:30:07
   Lease Expires . . . . . . . . . . : 20. jŁna 2012 13:21:18
   Default Gateway . . . . . . . . . : 85.216.202.1
   DHCP Server . . . . . . . . . . . : 217.23.240.20
   DHCPv6 IAID . . . . . . . . . . . : 300421426
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F7-91-BA-E8-11-32-69-88-C8
   DNS Servers . . . . . . . . . . . : 195.34.133.21
                                       212.186.211.21
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Sieśov‚ pripojenie Bluetooth:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : DC-A9-71-57-FB-51
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.chello.sk:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : chello.sk
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . : chello.sk
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:55d8:ca9a::55d8:ca9a(Preferred) 
   Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
   DNS Servers . . . . . . . . . . . : 195.34.133.21
                                       212.186.211.21
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{2092781E-D341-476E-A3BB-9E2E397DB080}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3476:188c:aa27:3565(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3476:188c:aa27:3565%17(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{D3956EF5-171B-4DCA-8B6A-9CBBFA74A098}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2271EA09-7B23-4A91-A655-8283B759D2E7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  viedns09.chello.at
Address:  195.34.133.21

Name:    facebook.com
Addresses:  2a03:2880:10:1f02:face:b00c:0:25
	  2a03:2880:2110:3f01:face:b00c::
	  2a03:2880:10:8f01:face:b00c:0:25
	  69.171.242.11
	  66.220.158.11
	  66.220.149.11
	  69.171.229.11
	  69.171.224.37


Pinging facebook.com [69.171.242.11] with 32 bytes of data:
Reply from 69.171.242.11: bytes=32 time=112ms TTL=245
Reply from 69.171.242.11: bytes=32 time=115ms TTL=245

Ping statistics for 69.171.242.11:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 112ms, Maximum = 115ms, Average = 113ms

===========================================================================
Interface List
 18...dc a9 71 57 fb 4e ......Microsoft Virtual WiFi Miniport Adapter
 16...dc a9 71 57 fb 4d ......Intel(R) Centrino(R) Wireless-N 130
 13...e8 11 32 d3 54 4a ......Realtek PCIe GBE Family Controller
 12...dc a9 71 57 fb 51 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     85.216.202.1   85.216.202.154     10
     85.216.202.0    255.255.255.0         On-link    85.216.202.154    266
   85.216.202.154  255.255.255.255         On-link    85.216.202.154    266
   85.216.202.255  255.255.255.255         On-link    85.216.202.154    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    85.216.202.154    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    85.216.202.154    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20   1110 ::/0                     2002:c058:6301::c058:6301
  1    306 ::1/128                  On-link
 17     58 2001::/32                On-link
 17    306 2001:0:5ef5:79fb:3476:188c:aa27:3565/128
                                    On-link
 20   1010 2002::/16                On-link
 20    266 2002:55d8:ca9a::55d8:ca9a/128
                                    On-link
 13    266 fe80::/64                On-link
 17    306 fe80::/64                On-link
 13    266 fe80::a7:a354:d917:cec8/128
                                    On-link
 17    306 fe80::3476:188c:aa27:3565/128
                                    On-link
  1    306 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Chrome problem - Facebook

#38 Post by stell »

The ping is OK,
so make a ComboFix log and we'll see whether Facebook works.

wedders
Visitor
Posts: 234
Joined: 17 Jun 2011 11:37

Re: Chrome problem - Facebook

#39 Post by wedders »

Code:

ComboFix 12-06-16.02 - Tomík . 06. 2012  14:53:33.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.421.1051.18.4010.2455 [GMT 2:00]
Running from: C:\ComboFix.exe
Command switches used :: C:\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\AviraBrowserSecurity.exe
c:\program files (x86)\Ask.com\cb_756e.ico
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_624b.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files\NETGATE
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPYEMRG
-------\Legacy_SPYEMRGGUARD
-------\Service_SkypeUpdate
-------\Service_SpyEmrg
-------\Service_SpyEmrgGuard
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-18 to 2012-06-18  )))))))))))))))))))))))))))))))
.
.
2012-06-18 13:02 . 2012-06-18 13:02	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-06-18 09:57 . 2012-05-02 13:24	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-06-18 09:57 . 2012-04-27 08:20	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-06-18 09:57 . 2012-04-24 22:32	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-06-18 09:57 . 2012-06-18 09:58	--------	d-----w-	c:\programdata\Avira
2012-06-18 09:57 . 2012-06-18 09:57	--------	d-----w-	c:\program files (x86)\Avira
2012-06-18 07:37 . 2012-06-18 07:37	--------	d-----w-	c:\programdata\Malwarebytes
2012-06-18 07:37 . 2012-06-18 07:37	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-18 07:37 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-17 19:37 . 2012-06-17 19:37	--------	d-----w-	C:\_OTL
2012-06-17 11:24 . 2012-05-14 23:41	8955792	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B8AA522E-DE23-499F-9287-AF80F557F6E9}\mpengine.dll
2012-06-15 03:21 . 2011-09-06 08:39	174640	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-14 07:45 . 2012-06-14 07:45	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-06-14 07:45 . 2012-06-14 07:45	--------	d-----w-	c:\program files (x86)\Oracle
2012-06-14 07:44 . 2012-05-04 17:29	687504	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-06-14 07:44 . 2012-05-04 17:29	772504	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-06-14 07:44 . 2012-06-14 07:44	--------	d-----w-	c:\program files (x86)\Java
2012-06-13 19:05 . 2012-06-14 19:30	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 19:05 . 2012-06-14 19:30	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-13 07:16 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-06-13 07:16 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-06-13 06:54 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-13 06:54 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-13 06:54 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-13 06:54 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-13 06:54 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-13 06:54 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-13 06:54 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-12 11:11 . 2012-06-12 11:11	--------	d-----w-	c:\programdata\RELOADED
2012-06-09 13:25 . 2012-06-09 13:25	--------	d-----w-	c:\users\Public\CyberLink
2012-06-09 12:49 . 2012-06-09 12:51	--------	d-----w-	c:\program files (x86)\Common Files\Nero
2012-06-09 12:48 . 2012-06-09 12:55	--------	d-----w-	c:\programdata\Nero
2012-06-09 12:44 . 2011-12-01 09:42	15920	----a-w-	c:\windows\system32\drivers\NBVolUp.sys
2012-06-09 12:44 . 2012-06-09 12:55	--------	d-----w-	c:\program files (x86)\Nero
2012-06-09 12:44 . 2012-06-09 12:44	--------	dc----w-	c:\windows\system32\DRVSTORE
2012-06-09 12:44 . 2011-12-01 09:42	72240	----a-w-	c:\windows\system32\drivers\NBVol.sys
2012-06-09 11:46 . 2012-06-09 11:46	--------	d-----w-	c:\program files\MediaInfo
2012-06-08 19:21 . 2012-06-08 19:22	--------	d-----w-	c:\programdata\DVD Shrink
2012-06-08 19:21 . 2012-06-08 19:21	--------	d-----w-	c:\program files (x86)\DVD Shrink
2012-06-02 23:46 . 2012-06-02 23:46	--------	d-----w-	c:\programdata\Intel
2012-06-02 16:16 . 2012-06-02 16:16	--------	d-----w-	c:\program files (x86)\VideoLAN
2012-06-02 16:08 . 2012-05-26 10:36	204800	----a-w-	c:\windows\system32\unrar64.dll
2012-06-02 16:08 . 2012-06-02 16:08	--------	d-----w-	c:\program files\MPC-HC
2012-06-02 13:43 . 2012-06-02 13:43	--------	d-----w-	c:\windows\SysWow64\Wat
2012-06-02 13:43 . 2012-06-02 13:43	--------	d-----w-	c:\windows\system32\Wat
2012-06-02 13:23 . 2012-06-02 13:23	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-06-01 23:11 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-06-01 23:11 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-06-01 23:11 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-06-01 23:11 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-06-01 23:11 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-06-01 23:11 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-06-01 23:11 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-06-01 23:08 . 2011-10-01 05:45	886784	----a-w-	c:\program files\Common Files\System\wab32.dll
2012-06-01 23:08 . 2011-10-01 04:37	708608	----a-w-	c:\program files (x86)\Common Files\System\wab32.dll
2012-06-01 23:08 . 2011-12-30 06:26	515584	----a-w-	c:\windows\system32\timedate.cpl
2012-06-01 23:08 . 2012-03-17 07:58	75120	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-06-01 23:08 . 2011-12-30 05:27	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2012-06-01 23:08 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-06-01 23:08 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-06-01 23:08 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2012-06-01 23:08 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2012-06-01 20:46 . 2012-06-01 20:46	--------	d-----w-	c:\programdata\ALM
2012-06-01 20:45 . 2012-06-01 20:45	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2012-06-01 20:44 . 2012-06-01 20:44	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2012-06-01 20:26 . 2012-06-01 20:59	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-06-01 20:22 . 2012-06-01 20:26	--------	d-----w-	c:\program files\Common Files\Adobe
2012-06-01 20:22 . 2012-06-01 20:47	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-06-01 20:06 . 2012-06-01 20:06	560184	----a-w-	c:\windows\system32\drivers\sptd.sys
2012-06-01 20:04 . 2012-06-01 20:14	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2012-06-01 18:01 . 2012-06-01 18:01	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2012-06-01 18:00 . 2012-06-02 16:25	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files\Microsoft Sync Framework
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2012-06-01 18:00 . 2012-06-01 18:00	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2012-06-01 17:59 . 2012-06-01 17:59	--------	d-----w-	c:\program files\Microsoft Analysis Services
2012-06-01 17:59 . 2012-06-01 17:59	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-06-01 17:58 . 2012-06-13 06:57	--------	d-----w-	c:\programdata\Microsoft Help
2012-06-01 17:58 . 2012-06-01 17:58	--------	d-----r-	C:\MSOCache
2012-06-01 17:42 . 2012-06-01 17:42	--------	d-----w-	c:\programdata\Media Get LLC
2012-06-01 17:41 . 2012-06-01 17:41	--------	d-----w-	c:\programdata\IBUpdaterService
2012-06-01 17:34 . 2012-06-01 17:34	--------	d-----w-	c:\program files (x86)\MusicJet
2012-06-01 17:34 . 2012-06-01 17:34	--------	dc-h--w-	c:\programdata\{8890AAED-0271-4F75-ABAA-79FDD6B94AD2}
2012-06-01 17:33 . 2012-06-01 17:33	--------	d-----w-	c:\program files (x86)\uTorrent
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\windows\SysWow64\spool
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\programdata\Sony
2012-06-01 17:09 . 2012-06-01 17:09	--------	d-----w-	c:\program files (x86)\Sony
2012-06-01 16:53 . 2012-06-01 16:53	--------	d-----w-	c:\program files (x86)\DsNET Corp
2012-06-01 16:50 . 2012-06-12 17:34	--------	d-----w-	c:\program files (x86)\JDownloader
2012-06-01 16:49 . 2012-06-01 16:49	--------	d-----w-	c:\programdata\Ask
2012-06-01 16:47 . 2012-06-01 16:47	--------	d-----w-	c:\program files (x86)\Foxit Software
2012-06-01 16:44 . 2012-06-01 16:44	8769696	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-06-01 16:43 . 2012-06-01 16:43	--------	d-----w-	c:\program files (x86)\PhotoScape
2012-06-01 16:40 . 2012-06-01 16:40	--------	d-----w-	c:\program files (x86)\PANDORA.TV
2012-06-01 16:40 . 2012-06-01 16:41	--------	d-----w-	c:\program files (x86)\The KMPlayer
2012-06-01 16:39 . 2012-06-11 18:09	--------	d-----w-	c:\program files (x86)\AIMP3
2012-06-01 16:37 . 2012-06-01 16:37	--------	d-----w-	c:\program files (x86)\Mp3tag
2012-06-01 16:32 . 2012-06-01 16:32	--------	d-----w-	c:\program files (x86)\Opera
2012-06-01 16:26 . 2012-06-01 16:26	--------	d-----w-	c:\programdata\McAfee
2012-06-01 16:26 . 2012-06-01 16:26	--------	d-----w-	c:\windows\system32\Macromed
2012-06-01 16:24 . 2012-06-01 16:24	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-06-01 16:18 . 2012-06-01 16:18	--------	d--h--w-	c:\programdata\Common Files
2012-06-01 16:10 . 2012-06-01 16:45	--------	d-----w-	c:\program files (x86)\ICQ7M
2012-06-01 15:33 . 2012-06-01 15:33	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-06-01 14:53 . 2012-06-01 14:53	--------	d-----w-	c:\program files\CCleaner
2012-06-01 14:20 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-06-01 14:20 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-06-01 14:20 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-06-01 14:16 . 2012-06-01 15:33	--------	d-----r-	c:\program files (x86)\Skype
2012-06-01 14:15 . 2012-06-08 15:24	--------	d-----w-	c:\programdata\Skype
2012-06-01 14:15 . 2012-06-01 14:15	--------	d-----w-	c:\program files\Elantech
2012-06-01 14:14 . 2012-06-01 14:16	--------	d-----w-	c:\users\Tomík
2012-06-01 14:12 . 2012-06-01 14:12	--------	d-----w-	C:\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-01 14:14 . 2010-06-24 02:33	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-06-18_11.16.47   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-06-18 12:32	42968              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-18 12:32	37926              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-06-01 14:15 . 2012-06-18 12:32	6630              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1571869238-3936240484-2151935606-1001_UserData.bin
- 2012-06-18 11:16 . 2012-06-18 11:16	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-18 13:03 . 2012-06-18 13:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-18 11:16 . 2012-06-18 11:16	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-18 13:03 . 2012-06-18 13:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2012-06-18 12:35	616008              c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-18 10:00	616008              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-18 12:35	106388              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-18 10:00	106388              c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2012-06-18 11:15	482304              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-18 13:03	482304              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-06-01 18:53 . 2012-06-18 13:03	16834012              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1571869238-3936240484-2151935606-1001-8192.dat
- 2012-06-01 18:53 . 2012-06-18 11:15	16834012              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1571869238-3936240484-2151935606-1001-8192.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 257224]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-04 1997416]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 19:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-12 12558440]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-02 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-02 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-02 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\mvob3y62.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
.
**************************************************************************
.
Completion time: 2012-06-18  15:09:13 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-18 13:09
ComboFix2.txt  2012-06-18 12:28
ComboFix3.txt  2012-06-18 11:21
.
Pre-Run: 221 675 180 032 bytes free
Post-Run: 221 416 419 328 bytes free
.
- - End Of File - - 60DBEB03A4AAEF1811DACE20C540C70B

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Chrome problem - Facebook

#40 Post by stell »

OK, so how is it??

wedders
Visitor
Posts: 234
Joined: 17 Jun 2011 11:37

Re: Chrome problem - Facebook

#41 Post by wedders »

This is getting on my nerves now... no response in any of the browsers... :cry:

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Chrome problem - Facebook

#42 Post by stell »

Well, something is blocking Facebook for you, but so far I have no idea what. Let's try changing the DNS servers.
You will set the Google servers there.
I have it on my blog in a PICTURE showing how, but you will enter these numbers there:
8.8.8.8
8.8.4.4
http://www.viruskasino.com/2012/05/filt ... ranok.html
1. Click the Start button and select Control Panel.
2. Click Network and Sharing Center.
3. Click the primary connection and Local Area Connection under Active Networks.
4. Click the Properties button.
5. Windows 7 may ask you for permission to make changes to the network settings.
6. Highlight "Internet Protocol Version 4" and click Properties.

wedders
Visitor
Posts: 234
Joined: 17 Jun 2011 11:37

Re: Chrome problem - Facebook

#43 Post by wedders »

[Image]

This is how I set it... was something supposed to happen? FB still doesn't work...

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Chrome problem - Facebook

#44 Post by stell »

You set it correctly like this, click OK, but enter this command at the command prompt:
ipconfig /flushdns
ENTER

Then set the DNS servers again, close the windows, try the browsers, and write back.
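A way to check that the DNS change described in posts #42 and #44 took effect, as an added example that is not part of the original thread: this Python sketch parses `ipconfig /all` text and lists, per adapter, every configured resolver other than 8.8.8.8 and 8.8.4.4. The sample output and its addresses are constructed, the function names are hypothetical, and English-language field labels are assumed.

```python
import ipaddress
import re

# Resolvers the post above tells the user to enter.
EXPECTED_DNS = {"8.8.8.8", "8.8.4.4"}

# Constructed sample in the layout of Windows 7 `ipconfig /all` output:
# one adapter already changed, one still using other resolvers.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : EXAMPLE-PC

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.0.2.10(Preferred)
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   DNS Servers . . . . . . . . . . . : 198.51.100.53
                                       2001:db8::53
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
"""

# "Label . . . . : value" -- the label never contains a colon, the value may.
FIELD_RE = re.compile(r"^\s+([^:]+?)[\s.]*:\s*(.*)$")


def _as_ip(text):
    """Return a normalised IP string, or None if text is not a bare address."""
    candidate = text.strip().split("(")[0].split("%")[0]
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return None


def dns_servers_by_adapter(ipconfig_text):
    """Map each adapter section to the DNS servers listed under it."""
    adapters = {}
    adapter = None   # current section, None outside adapter sections
    field = None     # label of the most recent field line
    for line in ipconfig_text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():
            # Unindented line: an adapter header ends with ':'.
            header = line.rstrip()
            adapter = header[:-1] if header.endswith(":") else None
            if adapter is not None:
                adapters[adapter] = []
            field = None
            continue
        if adapter is None:
            continue
        # Continuation lines carry only an address. Test this first, because
        # an IPv6 continuation contains ':' and would look like a field line.
        bare = _as_ip(line)
        if bare is not None:
            if field == "DNS Servers":
                adapters[adapter].append(bare)
            continue
        match = FIELD_RE.match(line)
        if match:
            field = match.group(1)
            if field == "DNS Servers":
                first = _as_ip(match.group(2))
                if first is not None:
                    adapters[adapter].append(first)
    return adapters


def resolvers_not_expected(ipconfig_text, expected=EXPECTED_DNS):
    """Return {adapter: [resolver, ...]} for resolvers outside `expected`."""
    wanted = {str(ipaddress.ip_address(a)) for a in expected}
    report = {}
    for adapter, servers in dns_servers_by_adapter(ipconfig_text).items():
        extra = [s for s in servers if s not in wanted]
        if extra:
            report[adapter] = extra
    return report


if __name__ == "__main__":
    for name, extra in resolvers_not_expected(SAMPLE_IPCONFIG).items():
        print(f"{name}: still using {', '.join(extra)}")
```

An empty result means every adapter that lists DNS servers uses only the two expected resolvers; run it on output captured after `ipconfig /flushdns`.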

wedders
Visitor
Posts: 234
Joined: 17 Jun 2011 11:37

Re: Chrome problem - Facebook

#45 Post by wedders »

Well, it apparently helped, I got onto FB through all the browsers... I just have a really, really bad feeling that it's only for a while.. :/

Locked