VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Meniace sa ikony

https://forum.viry.cz:443/viewtopic.php?t=138750

Stránka 1 z 1

Meniace sa ikony

Napsal: 24 čer 2014 11:08
od RYAN0619
Dobrý deň mám problém s ikonami ktoré sa zmenili na google chrome. Ak spustím tú ikonu zapne sa mi google chrome a začne dačo sťahovať. Ak zmením jednu ikonu na nfs most wanted tak sa zmenia všetky ikoni.Može to byt vír? ďakujem


Tu je log z FRST:
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by MoMo (administrator) on MOMO-PC on 24-06-2014 12:02:53
Running from C:\Users\MoMo\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Angličtina (USA)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mncatblndSrv] => C:\Windows\system32\mncatblnd.vbe
HKLM-x32\...\Run: [mncweagcSrv] => C:\Windows\system32\mncweagc.vbe
HKLM-x32\...\Run: [MSStp] => C:\Windows\system32\msstp.vbe
HKLM-x32\...\Run: [mncqoycSrv] => C:\Windows\inf\mncqoyc.vbe
HKU\S-1-5-21-3465585249-3896408302-660863420-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-3465585249-3896408302-660863420-1001\...\Run: [Advanced SystemCare 6] => C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-3465585249-3896408302-660863420-1001\...\Run: [Sony Ericsson PC Companion] => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [405712 2010-04-19] ()
HKU\S-1-5-21-3465585249-3896408302-660863420-1001\...\MountPoints2: {5d08d74d-d8dc-11e3-9366-001fd0d81a44} - G:\Startme.exe
HKU\S-1-5-21-3465585249-3896408302-660863420-1001\...\MountPoints2: {5d08d772-d8dc-11e3-9366-001fd0d81a44} - G:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8097878F0249CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\MoMo\AppData\Roaming\Mozilla\Firefox\Profiles\qe34hb5o.default
FF Homepage: my.daemon-search.com|hxxp://go.microsoft.com/fwlink/p/?linkid=255141
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\MoMo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\MoMo\AppData\Roaming\Mozilla\Firefox\Profiles\qe34hb5o.default\user.js
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-03-27]

Chrome:
=======
CHR Extension: (Disk Google) - C:\Users\MoMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\MoMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Hľadať v Google) - C:\Users\MoMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (Peňaženka Google) - C:\Users\MoMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Gmail) - C:\Users\MoMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [153736 2010-03-11] (Avanquest Software) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2014-03-27] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 ghsdiagMDM; C:\Windows\System32\DRIVERS\ghsdiagMDM.sys [122496 2011-11-28] (HS Incorporated)
S3 ghsmdm; C:\Windows\System32\DRIVERS\ghsmdm.sys [122496 2011-11-28] (HS Incorporated)
S3 ghsnmea; C:\Windows\System32\DRIVERS\ghsnmea.sys [122496 2011-11-28] (HS Incorporated)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-06] ()
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-01] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-01] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-01] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-01] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-01] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-01] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-01] (MCCI Corporation)
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-24 12:02 - 2014-06-24 12:03 - 00010253 _____ () C:\Users\MoMo\Desktop\FRST.txt
2014-06-24 12:01 - 2014-06-24 12:02 - 00000000 ____D () C:\FRST
2014-06-24 12:01 - 2014-06-24 12:01 - 02082816 _____ (Farbar) C:\Users\MoMo\Desktop\FRST64.exe
2014-06-24 12:00 - 2014-06-24 12:01 - 02082816 _____ (Farbar) C:\Users\MoMo\Downloads\FRST64.exe
2014-06-24 11:59 - 2014-06-24 12:00 - 01073152 _____ (Farbar) C:\Users\MoMo\Downloads\FRST.exe
2014-06-24 11:58 - 2014-06-24 11:58 - 00015327 _____ () C:\Users\MoMo\Desktop\LM.bat
2014-06-24 11:58 - 2014-06-24 11:57 - 00112640 _____ (forum.viry.cz) C:\Users\MoMo\Desktop\FRSTLauncher.exe
2014-06-24 11:57 - 2014-06-24 11:58 - 00029696 _____ () C:\Users\MoMo\AppData\Local\MSGBOX.EXE
2014-06-24 11:57 - 2014-06-24 11:57 - 00781909 _____ () C:\Users\MoMo\Downloads\RSIT (1).exe
2014-06-24 11:57 - 2014-06-24 11:57 - 00112640 _____ (forum.viry.cz) C:\Users\MoMo\Downloads\FRSTLauncher.exe
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\rsit
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-06-24 11:56 - 2014-06-24 11:56 - 00781909 _____ () C:\Users\MoMo\Downloads\RSIT.exe
2014-06-24 11:54 - 2014-06-24 11:58 - 00000000 ____D () C:\Users\MoMo\Desktop\ln
2014-06-23 18:35 - 2014-06-23 18:35 - 01311301 _____ () C:\Users\MoMo\Downloads\KingsRoad MultiHack v1.0.3.rar
2014-06-23 18:00 - 2014-06-23 18:27 - 254642959 _____ () C:\Users\MoMo\Downloads\CS-1.6-non-steam-od-Gamesites (1).zip
2014-06-23 12:31 - 2014-06-24 11:07 - 00000224 _____ () C:\Windows\setupact.log
2014-06-23 12:31 - 2014-06-23 12:31 - 00007020 _____ () C:\Windows\PFRO.log
2014-06-23 12:31 - 2014-06-23 12:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-23 12:30 - 2014-06-23 12:30 - 00000000 _____ () C:\asc_rdflag
2014-06-23 07:14 - 2012-10-12 20:09 - 00025472 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-06-19 16:14 - 2014-06-19 16:29 - 254642959 _____ () C:\Users\MoMo\Downloads\CS-1.6-non-steam-od-Gamesites.zip
2014-06-19 15:55 - 2014-06-19 15:57 - 266271112 _____ () C:\Users\MoMo\Downloads\CS-Warzone.rar
2014-06-19 15:52 - 2014-06-19 15:52 - 00010912 _____ () C:\Users\MoMo\Downloads\CS-Professional.exe.torrent
2014-06-17 15:01 - 2014-06-17 15:01 - 01572864 _____ () C:\Users\MoMo\Downloads\WordPad.dmg
2014-06-16 19:40 - 2014-06-16 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-16 19:40 - 2014-06-16 19:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-15 18:08 - 2014-06-15 18:08 - 00123041 _____ () C:\Users\MoMo\Downloads\[kickass.to]gta.vice.city.crack.torrent
2014-06-11 08:27 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 08:27 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 08:27 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 08:27 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 08:27 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 08:27 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 08:27 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 08:27 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 08:27 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 08:27 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 08:27 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 08:27 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 08:27 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 08:27 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 08:27 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 08:27 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 08:27 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 08:27 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 08:27 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 08:27 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 08:27 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 08:27 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 08:27 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 08:27 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 08:27 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 08:27 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 08:27 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 08:27 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 08:27 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 08:27 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 08:27 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 08:27 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 08:27 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 08:27 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 08:27 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 08:27 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 08:27 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 08:27 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 08:27 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 08:27 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 08:27 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 08:27 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 08:27 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 08:27 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 08:27 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 08:27 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 08:27 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 08:27 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 08:27 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 08:27 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 08:27 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 08:27 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 08:27 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 08:27 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 08:27 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 08:27 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 08:27 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 08:27 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 08:27 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 08:27 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 08:27 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 08:27 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 08:27 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 08:27 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 08:27 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 08:27 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-03 21:54 - 2014-06-03 21:54 - 02953096 _____ (ESET) C:\Windows\SysWOW64\%InstallDir%speclean.exe
2014-05-31 22:29 - 2014-05-31 22:33 - 00000000 ____D () C:\Users\MoMo\Desktop\The Elder Scrolls V Skyrim
2014-05-31 21:55 - 2014-05-31 21:55 - 00000000 ____D () C:\Users\MoMo\AppData\Local\Skyrim
2014-05-31 21:45 - 2014-05-31 21:45 - 00003148 _____ () C:\Windows\System32\Tasks\{54844947-E5A6-4D0B-9C7E-75CC2D06F946}
2014-05-28 16:44 - 2014-05-28 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-05-28 16:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-05-28 16:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-05-28 16:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-05-28 16:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-05-28 16:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-05-28 16:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

==================== One Month Modified Files and Folders =======

2014-06-24 12:03 - 2014-06-24 12:02 - 00010253 _____ () C:\Users\MoMo\Desktop\FRST.txt
2014-06-24 12:02 - 2014-06-24 12:01 - 00000000 ____D () C:\FRST
2014-06-24 12:01 - 2014-06-24 12:01 - 02082816 _____ (Farbar) C:\Users\MoMo\Desktop\FRST64.exe
2014-06-24 12:01 - 2014-06-24 12:00 - 02082816 _____ (Farbar) C:\Users\MoMo\Downloads\FRST64.exe
2014-06-24 12:00 - 2014-06-24 11:59 - 01073152 _____ (Farbar) C:\Users\MoMo\Downloads\FRST.exe
2014-06-24 11:58 - 2014-06-24 11:58 - 00015327 _____ () C:\Users\MoMo\Desktop\LM.bat
2014-06-24 11:58 - 2014-06-24 11:57 - 00029696 _____ () C:\Users\MoMo\AppData\Local\MSGBOX.EXE
2014-06-24 11:58 - 2014-06-24 11:54 - 00000000 ____D () C:\Users\MoMo\Desktop\ln
2014-06-24 11:57 - 2014-06-24 11:58 - 00112640 _____ (forum.viry.cz) C:\Users\MoMo\Desktop\FRSTLauncher.exe
2014-06-24 11:57 - 2014-06-24 11:57 - 00781909 _____ () C:\Users\MoMo\Downloads\RSIT (1).exe
2014-06-24 11:57 - 2014-06-24 11:57 - 00112640 _____ (forum.viry.cz) C:\Users\MoMo\Downloads\FRSTLauncher.exe
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\rsit
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-06-24 11:56 - 2014-06-24 11:56 - 00781909 _____ () C:\Users\MoMo\Downloads\RSIT.exe
2014-06-24 11:32 - 2014-03-26 16:52 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-24 11:22 - 2014-04-12 19:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-24 11:12 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-24 11:09 - 2014-03-27 08:30 - 01689581 _____ () C:\Windows\WindowsUpdate.log
2014-06-24 11:07 - 2014-06-23 12:31 - 00000224 _____ () C:\Windows\setupact.log
2014-06-24 11:07 - 2014-04-21 14:03 - 00000340 _____ () C:\Windows\Tasks\Health-Check-auto.job
2014-06-24 11:07 - 2014-03-26 16:52 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-24 11:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-24 07:11 - 2009-07-14 06:45 - 00016864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-24 07:11 - 2009-07-14 06:45 - 00016864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-23 18:35 - 2014-06-23 18:35 - 01311301 _____ () C:\Users\MoMo\Downloads\KingsRoad MultiHack v1.0.3.rar
2014-06-23 18:27 - 2014-06-23 18:00 - 254642959 _____ () C:\Users\MoMo\Downloads\CS-1.6-non-steam-od-Gamesites (1).zip
2014-06-23 12:31 - 2014-06-23 12:31 - 00007020 _____ () C:\Windows\PFRO.log
2014-06-23 12:31 - 2014-06-23 12:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-23 12:30 - 2014-06-23 12:30 - 00000000 _____ () C:\asc_rdflag
2014-06-23 12:30 - 2014-03-26 16:47 - 00000000 ____D () C:\Users\MoMo
2014-06-23 07:14 - 2014-03-27 12:13 - 00000000 ____D () C:\Users\MoMo\AppData\Roaming\uTorrent
2014-06-23 07:14 - 2014-03-27 10:43 - 00000000 ____D () C:\Users\MoMo\AppData\Roaming\DAEMON Tools Lite
2014-06-22 22:46 - 2014-03-26 16:54 - 00000423 _____ () C:\Users\MoMo\Desktop\Computer.lnk
2014-06-22 22:44 - 2014-03-27 10:45 - 00001184 _____ () C:\Users\Public\Desktop\Game Booster.lnk
2014-06-22 21:46 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-22 14:08 - 2014-04-21 14:03 - 00000334 _____ () C:\Windows\Tasks\Health-Check.job
2014-06-22 13:00 - 2014-04-21 14:03 - 00000342 _____ () C:\Windows\Tasks\Health-Check-deep.job
2014-06-21 14:27 - 2014-03-26 16:52 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 14:27 - 2014-03-26 16:52 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 15:50 - 2014-03-29 16:13 - 00000000 ____D () C:\Users\MoMo\Documents\NFS Most Wanted
2014-06-19 16:29 - 2014-06-19 16:14 - 254642959 _____ () C:\Users\MoMo\Downloads\CS-1.6-non-steam-od-Gamesites.zip
2014-06-19 15:57 - 2014-06-19 15:55 - 266271112 _____ () C:\Users\MoMo\Downloads\CS-Warzone.rar
2014-06-19 15:52 - 2014-06-19 15:52 - 00010912 _____ () C:\Users\MoMo\Downloads\CS-Professional.exe.torrent
2014-06-17 15:01 - 2014-06-17 15:01 - 01572864 _____ () C:\Users\MoMo\Downloads\WordPad.dmg
2014-06-16 19:40 - 2014-06-16 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-16 19:40 - 2014-06-16 19:40 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-16 19:40 - 2014-04-12 19:40 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-16 19:40 - 2014-04-12 19:40 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 18:08 - 2014-06-15 18:08 - 00123041 _____ () C:\Users\MoMo\Downloads\[kickass.to]gta.vice.city.crack.torrent
2014-06-12 14:22 - 2014-03-26 16:52 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 17:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-11 14:10 - 2014-03-26 17:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 14:09 - 2014-03-26 16:46 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-03 21:54 - 2014-06-03 21:54 - 02953096 _____ (ESET) C:\Windows\SysWOW64\%InstallDir%speclean.exe
2014-06-02 22:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-01 14:26 - 2014-03-27 02:40 - 00000000 ____D () C:\Users\MoMo\AppData\Roaming\vlc
2014-05-31 22:33 - 2014-05-31 22:29 - 00000000 ____D () C:\Users\MoMo\Desktop\The Elder Scrolls V Skyrim
2014-05-31 21:55 - 2014-05-31 21:55 - 00000000 ____D () C:\Users\MoMo\AppData\Local\Skyrim
2014-05-31 21:55 - 2014-05-17 09:56 - 00000000 ____D () C:\Users\MoMo\Documents\My Games
2014-05-31 21:45 - 2014-05-31 21:45 - 00003148 _____ () C:\Windows\System32\Tasks\{54844947-E5A6-4D0B-9C7E-75CC2D06F946}
2014-05-31 15:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-30 12:21 - 2014-06-11 08:27 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 08:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 08:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 08:27 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 08:27 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 08:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 08:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 08:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 08:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 08:27 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 08:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 08:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 08:27 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 08:27 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 08:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 08:27 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 08:27 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 08:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 08:27 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 08:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 08:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 08:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 08:27 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 08:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 08:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 08:27 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 08:27 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 08:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 08:27 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 08:27 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 08:27 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 08:27 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 08:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 08:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 08:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 08:27 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 08:27 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 08:27 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 08:27 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 08:27 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 08:27 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 08:27 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 08:27 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 08:27 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 08:27 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 08:27 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 08:27 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 08:27 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 08:27 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 08:27 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 08:27 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 08:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-28 16:44 - 2014-05-28 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-05-28 07:25 - 2014-05-21 12:58 - 00000000 ____D () C:\Users\MoMo\Desktop\WoW

Some content of TEMP:
====================
C:\Users\MoMo\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 15:21

==================== End Of Log ============================

Re: Meniace sa ikony

Napsal: 24 čer 2014 11:10
od vyosek
Zdravim :)

:arrow: Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze :?:

Re: Meniace sa ikony

Napsal: 24 čer 2014 11:29
od RYAN0619
Ano používame legálni systém

Re: Meniace sa ikony

Napsal: 24 čer 2014 11:33
od vyosek
:arrow: Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

:arrow: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Meniace sa ikony

Napsal: 25 čer 2014 11:12
od RYAN0619
Spravil som všetko podľa vaších inŠtrukcií. Mohol by som sa ešte spýtať z čoho keď je tak ten vírus?



Tu je log s ComboFix:
ComboFix 14-06-24.01 - MoMo . 06. 2014 12:02:55.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1033.18.4095.2595 [GMT 2:00]
Running from: C:\Users\MoMo\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
C:\Users\MoMo\AppData\Local\Msgbox.exe


((((((((((((((((((((((((( Files Created from 2014-05-25 to 2014-06-25 )))))))))))))))))))))))))))))))

Re: Meniace sa ikony

Napsal: 25 čer 2014 11:18
od vyosek
:arrow: CF neprobehl spravne...Muzete jej prosim spustit znovu ale v nouzovem rezimu

:arrow: Pricina problemu se tezko zjistuje, ale klidne bych se vsadil, ze to muze mit na svedomi i ten cinsky IOBit

Re: Meniace sa ikony

Napsal: 25 čer 2014 11:47
od RYAN0619
Ok tak tu je ten druhy log :
ComboFix 14-06-24.01 - MoMo . 06. 2014 12:39:46.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1033.18.4095.2334 [GMT 2:00]
Running from: c:\users\MoMo\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-05-25 to 2014-06-25 )))))))))))))))))))))))))))))))
.
.
2014-06-25 10:44 . 2014-06-25 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-25 10:44 . 2014-06-25 10:44 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-06-24 10:01 . 2014-06-24 10:04 -------- d-----w- C:\FRST
2014-06-24 09:57 . 2014-06-24 09:57 -------- d-----w- c:\program files (x86)\trend micro
2014-06-24 09:57 . 2014-06-24 09:57 -------- d-----w- C:\rsit
2014-06-23 05:14 . 2012-10-12 18:09 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-06-16 17:40 . 2014-06-16 17:40 -------- d-----w- c:\program files\McAfee Security Scan
2014-06-03 19:54 . 2014-06-03 19:54 2953096 ----a-w- c:\windows\SysWow64\%InstallDir%speclean.exe
2014-05-31 19:55 . 2014-05-31 19:55 -------- d-----w- c:\users\MoMo\AppData\Local\Skyrim
2014-05-28 14:44 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2014-05-28 14:44 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2014-05-28 14:44 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2014-05-28 14:44 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2014-05-28 14:44 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2014-05-28 14:44 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-11 12:09 . 2014-03-26 14:46 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-13 18:22 . 2014-04-12 17:40 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 18:22 . 2014-04-12 17:40 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-26 15:06 . 2014-04-26 15:06 2048 ----a-w- c:\windows\SysWow64\winver.exe
2014-04-26 15:06 . 2014-04-26 15:06 833024 ----a-w- c:\windows\SysWow64\user32.dll
2014-04-26 15:06 . 2014-04-26 15:06 410624 ----a-w- c:\windows\SysWow64\systemcpl.dll
2014-04-26 15:06 . 2014-04-26 15:06 113543 ----a-w- c:\windows\SysWow64\slmgr.vbs
2014-04-17 03:31 . 2014-05-07 14:37 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2CB331E5-E783-4E80-A12C-9D3DDDCE2953}\mpengine.dll
2014-04-14 18:13 . 2014-05-07 14:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 05:41 . 2014-04-21 12:22 1541576 ----a-w- c:\windows\system32\nvdispgenco6433761.dll
2014-04-12 05:41 . 2014-04-21 12:22 1891272 ----a-w- c:\windows\system32\nvdispco6433761.dll
2014-04-12 02:22 . 2014-05-14 13:00 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 13:00 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 13:00 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 13:00 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 13:00 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 13:00 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 13:00 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 13:00 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 13:00 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-04-11 22:24 . 2014-04-21 12:22 15964736 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-04-11 22:24 . 2009-06-10 20:37 14422856 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-04-11 22:24 . 2014-04-21 12:22 23785416 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-04-11 22:24 . 2009-07-13 21:59 18493952 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-04-11 22:24 . 2009-07-13 21:59 17467048 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-04-11 22:24 . 2014-04-21 12:22 31270856 ----a-w- c:\windows\system32\nvoglv64.dll
2014-04-11 22:24 . 2014-04-21 12:22 13158744 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-04-11 22:23 . 2014-04-21 12:22 3107200 ----a-w- c:\windows\system32\nvapi64.dll
2014-04-11 22:23 . 2014-04-21 12:22 2728160 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-04-11 22:22 . 2014-04-21 12:22 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-04-11 22:22 . 2014-04-21 12:22 25257416 ----a-w- c:\windows\system32\nvcompiler.dll
2014-04-11 22:22 . 2014-04-21 12:22 11598560 ----a-w- c:\windows\system32\nvopencl.dll
2014-04-11 22:22 . 2014-04-21 12:22 866760 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-04-11 22:22 . 2014-04-21 12:22 891168 ----a-w- c:\windows\system32\NvFBC64.dll
2014-04-11 22:22 . 2014-04-21 12:22 859592 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-04-11 22:22 . 2014-04-21 12:22 2784088 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-04-11 22:22 . 2014-04-21 12:22 2414536 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-04-11 22:22 . 2014-04-21 12:22 11644392 ----a-w- c:\windows\system32\nvcuda.dll
2014-04-11 22:22 . 2014-04-21 12:22 9697128 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-04-11 22:22 . 2014-04-21 12:22 3139928 ----a-w- c:\windows\system32\nvcuvid.dll
2014-04-11 22:22 . 2014-04-21 12:22 2952136 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-04-11 22:22 . 2014-04-21 12:22 9734744 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-04-11 22:22 . 2014-04-21 12:22 895944 ----a-w- c:\windows\system32\NvIFR64.dll
2014-04-11 15:21 . 2014-04-21 12:28 6767392 ----a-w- c:\windows\system32\nvcpl.dll
2014-04-11 15:21 . 2014-04-21 12:28 3512664 ----a-w- c:\windows\system32\nvsvc64.dll
2014-04-11 15:21 . 2014-04-21 12:28 928712 ----a-w- c:\windows\system32\nvvsvc.exe
2014-04-11 15:21 . 2014-04-21 12:28 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-04-11 15:21 . 2014-04-21 12:28 64968 ----a-w- c:\windows\system32\nvshext.dll
2014-04-11 15:21 . 2014-04-21 12:28 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-04-11 15:21 . 2014-04-21 12:28 3728817 ----a-w- c:\windows\system32\nvcoproc.bin
2014-04-06 17:06 . 2014-04-06 17:06 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2014-04-06 17:06 . 2014-04-06 17:06 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2014-04-05 11:50 . 2014-04-05 11:50 1642 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2014-03-31 07:35 . 2010-11-21 03:27 270496 ----a-w- c:\windows\system32\MpSigStub.exe
2014-03-28 13:03 . 2014-03-28 13:03 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2014-03-28 13:03 . 2014-03-28 13:03 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-03-28 13:03 . 2014-03-28 13:03 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2014-03-28 13:03 . 2014-03-28 13:03 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2010-11-21 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2014-04-26 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2010-04-19 405712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ghsdiagMDM;Handset Diagnostic Port;c:\windows\system32\DRIVERS\ghsdiagMDM.sys;c:\windows\SYSNATIVE\DRIVERS\ghsdiagMDM.sys [x]
R3 ghsmdm;Handset USB Modem;c:\windows\system32\DRIVERS\ghsmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ghsmdm.sys [x]
R3 ghsnmea;Handset NMEA Port;c:\windows\system32\DRIVERS\ghsnmea.sys;c:\windows\SYSNATIVE\DRIVERS\ghsnmea.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 12:19 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-12 18:22]
.
2014-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26 14:51]
.
2014-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26 14:51]
.
2014-06-25 c:\windows\Tasks\Health-Check-auto.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2014-04-21 09:09]
.
2014-06-22 c:\windows\Tasks\Health-Check-deep.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2014-04-21 09:09]
.
2014-06-22 c:\windows\Tasks\Health-Check.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2014-04-21 09:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5618456]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = my.daemon-search.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3465585249-3896408302-660863420-1001\Software\SecuROM\License information*]
"datasecu"=hex:b3,2b,01,e5,a4,c2,b2,b2,f0,98,8a,1e,7e,d0,6c,b2,11,71,4f,9a,c7,
21,95,88,6b,5d,77,c4,5b,d8,f0,5c,c5,74,05,ec,55,3d,fb,94,23,62,41,20,a5,1d,\
"rkeysecu"=hex:3d,c9,40,78,2a,76,19,8b,51,20,01,65,50,ba,ad,32
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-25 12:46:29
ComboFix-quarantined-files.txt 2014-06-25 10:46
ComboFix2.txt 2014-06-25 10:28
.
Pre-Run: 97 733 038 080 bytes free
Post-Run: 97 663 012 864 bytes free
.
- - End Of File - - F7457EBC5DD2229140D185E41A14EEFB
A36C5E4F47E84449FF07ED3517B43A31

Re: Meniace sa ikony

Napsal: 25 čer 2014 13:23
od vyosek
:arrow: Odinstalujte McAfee Security Scan

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz