Google Chrome - Sirefef.gen!C.

Buna Seara! Am o problema cu virusul acesta.
In Chrome imi apare asa :"The certificate received indicates that this computer is infected with Sirefef.gen!C."
Am scanat cu Kaspersky 2012 Internet Security nu mi-a gasit nimic,cu spyhunter4 la fel,malware de asemenea. Cum pot scapa de virusul acesta,daca este un virus bineineles..?
Mentionez ca orice downloadez se sterge imediat.

http://support.googl...&answer=2886511

Nu pot downloada nimic. O sa incerc sa fac rost de la cineva,daca reusesc asa o sa va anunt.

1) Click pe Start, Run.
2) Scrie MRT, Enter
[ http://www.pchell.com/images/msrt2.jpg - Pentru incarcare in pagina (embed) Click aici ]

Nu am asa ceva. Folosesc Windows 7 Proffesional pe 32 biti

Edited by meshgheru_andu, 15 May 2013 - 20:55.

eu am pe win7 x64... MRT e varianta 2010, nu 2007

Edited by annonimu, 15 May 2013 - 21:01.

Daca ai updatat windows-ul , ai inclus.
http://www.microsoft...re-removal.aspx

annonimu, on 15 mai 2013 - 21:00, said:

Ai dreptate, imaginea e mai veche.

 mrt.jpg   38.4K   9 downloads

Nu sunt updatat la zi. Am luat Microsoft Security dar ca sa pot scana trebuie sa se updateze,lucrul imposibil deoarece nu pot downloada nimic.

meshgheru_andu, on 15 mai 2013 - 21:10, said:

https://www.microsof...itions/adl.aspx

http://forum.thewind...html#post147422

Am scapat de virus. Persista in schimb problema la download. Da eroare ceva cu "Scanarea nu a reusit" si sterge tot ce s-a downloadat.

Incearca alt browser si seteaza-l ca implicit gen: mozilla Firefox .
Toate download-urile iti trec prin browser si manager-ul de download al browser-ului tau iti face figuri .

Edited by Sempiternal, 16 May 2013 - 15:14.

Bun.
Atunci, procedam in alt mod.
Salvezi pe stick urmatoarele programe:
AdwCleaner,
RogueKiller,
ComboFix si
OTL.

Introduci stick-ul in calculator si transferi pe Desktop programele.
Posibil sa nu fie nevoie de toate.
Rulezi doar ce-ti spun eu mai jos.

1. Dublu click pe AdwCleaner.exe pentru al rula.
Pentru Windows Vista sau Windows7,
click dreapta, selecteaza Run as administrator.
Click pe Search.
Asteapta sa termine de cautat.
Dupa click pe Delete.
Un fisier log se va deschide dupa ce va termina de scanat.
Posteaza continutul lui aici.
Logul se gaseste in C:\AdwCleaner[Sn].txt (n este un numar).
[ http://s8.postimage.org/q3trcenth/ADW1.jpg - Pentru incarcare in pagina (embed) Click aici ]

2. Inchide toate programele care ruleaza.
Scoate tot din porturile USB(Memory Stick, Hard Extern).
Dublu click pe RogueKiller.exe, pentru a rula.
Pentru Windows Vista sau Windows 7,
click dreapta, selecteaza Run as administrator.
Asteapta pana Prescan-ul a terminat.
Click pe "Scan".
Asteapta pana ce in Status box apare "Scan Finished".
Click pe "Report" si copy/paste aici.
Pe imaginea de mai jos ignora pasul 3!
[ http://s9.postimage.org/q04cnvji7/image.jpg - Pentru incarcare in pagina (embed) Click aici ]


AdwCleaner[S1].txt si RogueKiller.txt.

Aveti aici logurile.

Te rog sa nu mai atasezi fisierele!
Pur si simplu, copy>paste aici.

Descarca: ComboFix si salveaza-l pe Desktop.
Apoi asigura-te ca ai inchis toate programele care ruleaza (Yahoo Messenger, Mozila Firefox, etc) si ruleaza ComboFix.
Pentru Windows Vista sau Windows7,
click dreapta, selecteaza Run as administrator.
Te va intreba daca sa inceapa sa curete sistemul. Confirma cu Yes de fiecare data.
Nu-l opri in timp ce scaneaza si dezinfecteaza sistemul. E posibil ca in timpul rularii lui desktop-ul sa dispara, dar nu te ingrijora.
La sfarsit va afisa rezultatele scanarii.
Salveaza acel fisier si posteaza continutul AICI.

ComboFix 13-05-16.02 - Andrei 05/16/2013  19:16:41.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.1.1033.18.1976.1214 [GMT 3:00]
Running from: H:\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Andrei\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Andrei\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\windows\system32\c
c:\windows\system32\C\Yahoo!\Messenger\logs\voice_Andrei_0.log
c:\windows\system32\lang-1033-default.dll
c:\windows\system32\tmp45F6.tmp
c:\windows\system32\tmp4636.tmp
c:\windows\system32\tmpCF24.tmp
c:\windows\system32\tmpCF54.tmp
c:\windows\system32\tmpDB72.tmp
c:\windows\system32\tmpDF61.tmp
c:\windows\XSxS
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-16 to 2013-05-16  )))))))))))))))))))))))))))))))
.
.
2013-05-16 16:24 . 2013-05-16 16:25 -------- d-----w- c:\users\Andrei\AppData\Local\temp
2013-05-16 16:24 . 2013-05-16 16:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-16 15:46 . 2013-05-16 15:46 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB29049B-CA9C-47B6-B29F-3BF0841A0013}\MpKsl43e22ad3.sys
2013-05-16 10:56 . 2013-05-16 10:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-16 10:56 . 2013-04-04 11:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-16 10:47 . 2013-05-16 10:47 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-05-16 06:49 . 2013-05-16 06:49 -------- d-----w- c:\program files\MSXML 4.0
2013-05-16 06:37 . 2012-02-15 05:44 826368 ----a-w- c:\windows\system32\rdpcore.dll
2013-05-16 06:37 . 2012-02-15 04:22 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-05-16 06:37 . 2012-02-15 04:22 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-05-16 06:29 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-05-16 06:29 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-05-16 06:29 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-05-16 06:29 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-05-16 06:29 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-05-16 06:29 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-05-16 06:29 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-05-16 06:29 . 2012-06-02 12:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-16 06:29 . 2012-06-02 12:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-05-15 20:40 . 2013-05-13 22:49 7016152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB29049B-CA9C-47B6-B29F-3BF0841A0013}\mpengine.dll
2013-05-15 18:17 . 2013-05-15 18:17 -------- d-----w- c:\program files\Microsoft Security Client
2013-05-15 09:38 . 2013-05-15 09:38 -------- d-----w- c:\users\Andrei\AppData\Local\Mozilla
2013-05-15 07:53 . 2013-05-15 07:53 -------- d-----w- c:\users\Andrei\AppData\Roaming\Malwarebytes
2013-05-15 07:53 . 2013-05-15 07:53 -------- d-----w- c:\programdata\Malwarebytes
2013-05-15 07:53 . 2013-05-15 07:53 -------- d-----w- c:\users\Andrei\AppData\Local\CCleaner
2013-05-15 07:53 . 2013-05-15 07:53 -------- d-----w- c:\program files\CCleaner
2013-05-15 07:53 . 2013-05-15 07:53 -------- d-----w- c:\users\Andrei\AppData\Local\Programs
2013-05-15 07:44 . 2013-05-15 07:44 -------- d-----w- c:\users\Andrei\AppData\Local\ElevatedDiagnostics
2013-05-14 22:14 . 2013-05-14 22:14 -------- d-----w- c:\program files\Enigma Software Group
2013-05-14 22:13 . 2013-05-14 23:10 -------- d-----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
2013-05-14 22:13 . 2013-05-14 22:13 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-05-14 19:55 . 2013-05-14 21:49 -------- d-----w- c:\programdata\Avira
2013-05-14 16:49 . 2013-05-14 16:49 -------- d-----w- c:\program files\ESET
2013-05-14 08:59 . 2013-05-14 08:59 -------- d-sh--w- c:\windows\system32\%APPDATA%
2013-05-14 08:42 . 2013-05-14 08:42 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
2013-05-14 08:42 . 2013-05-14 20:59 -------- d-----w- c:\program files\x264 Video Codec
2013-05-11 21:30 . 2013-05-11 21:30 -------- d-----w- c:\windows\system32\searchplugins
2013-05-11 21:30 . 2013-05-11 21:30 -------- d-----w- c:\windows\system32\Extensions
2013-04-25 20:12 . 2008-02-20 13:49 495104 ----a-w- c:\windows\Dog Lick.exe
2013-04-25 20:12 . 2013-04-25 20:12 -------- d-----w- c:\windows\Dog Lick Uninstaller
2013-04-25 20:12 . 2008-02-20 13:50 903680 ----a-w- c:\windows\Dog Lick.scr
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 03:51 . 2009-07-13 23:11 108544 ----a-w- c:\windows\system32\drivers\CDROM.SYS
2013-05-01 23:06 . 2012-05-04 14:24 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-03-23 08:44 . 2012-11-03 20:47 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-23 08:44 . 2012-11-03 20:47 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-02 15:14 . 2013-03-02 15:14 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-02 15:14 . 2012-07-13 17:06 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-02 15:14 . 2012-07-13 17:06 782240 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MediaIconsOverlay]
@="{1EC23CFF-4C58-458f-924C-8519AEF61B32}"
[HKEY_CLASSES_ROOT\CLSID\{1EC23CFF-4C58-458f-924C-8519AEF61B32}]
2013-05-14 08:42 225280 ----a-w- c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-01-22 1684776]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-09-08 495708]
"Boot Cleanup"="c:\program files\CCleaner\Bin\CCleaner.exe" [2013-05-16 151040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DFX.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk
backup=c:\windows\pss\DFX.lnk.Commonstartup
backupExtension=.Commonstartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.Commonstartup
backupExtension=.Commonstartup
.
[HKLM\~\startupfolder\C:^Users^Andrei^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Andrei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Andrei^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sound Booster.lnk]
path=c:\users\Andrei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sound Booster.lnk
backup=c:\windows\pss\Sound Booster.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot Cleanup]
2013-05-16 10:56 151040 ----a-w- c:\program files\CCleaner\Bin\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-09-03 09:04 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 21:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-07-14 01:14 1173504 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-02-29 05:55 17148552 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2010-09-08 10:05 495708 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-12-05 12:18 968592 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R3 audiobridge;Virtual Audio Bridge;c:\windows\system32\DRIVERS\aubridge.sys [x]
R3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]
R3 hwmobilehsn;High Speed USB Modem and USB Serial For Normal;c:\windows\system32\DRIVERS\hwmob01.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R4 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [x]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 MpKsl43e22ad3;MpKsl43e22ad3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB29049B-CA9C-47B6-B29F-3BF0841A0013}\MpKsl43e22ad3.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MPKSL43E22AD3
*NewlyCreated* - TRUESIGHT
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-15 10:28 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-03 08:44]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-18 18:55]
.
2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-18 18:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ro/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 81.180.223.1 81.180.222.254
TCP: Interfaces\{0A021C8B-F2EF-4673-BF4A-49A88689992A}: NameServer = 81.12.132.206 81.12.128.206
FF - ProfilePath - c:\users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\7p5ckfyo.default\
FF - ExtSQL: !HIDDEN! 2012-06-04 12:42; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
MSConfigStartUp-Connectify - c:\program files\Connectify\Connectify.exe
MSConfigStartUp-DFX - c:\program files\DFX\DFX.exe
MSConfigStartUp-Facebook Update - c:\users\Andrei\AppData\Local\Facebook\Update\FacebookUpdate.exe
MSConfigStartUp-Google Update - c:\users\Andrei\AppData\Local\Google\Update\GoogleUpdate.exe
MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe
MSConfigStartUp-hpqSRMon - c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
MSConfigStartUp-MEVEQTY5QTBEMzU1QUJENU - c:\users\Andrei\ofhgp.exe
MSConfigStartUp-MSC - c:\program files\Microsoft Security Client\mssecex.exe
MSConfigStartUp-MSSMARTMON1 - c:\users\Andrei\AppData\Roaming\fkvwul.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-SpeedBitVideoAccelerator - c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe
MSConfigStartUp-tbrena - c:\recycler\S-1-5-21-0243556031-888888379-781863308-14699\brenasa.exe
MSConfigStartUp-UIExec - c:\program files\Join Air\UIExec.exe
MSConfigStartUp-updatr - c:\windows\udatr\Module.BAT
MSConfigStartUp-VolumeConcierge - c:\program files\Volume Concierge\VolumeConcierge.exe
MSConfigStartUp-zaber0 - c:\recycler\S-1-5-21-0243556031-888888379-781863308-1830\zaberg.exe
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-05-16  19:28:56
ComboFix-quarantined-files.txt  2013-05-16 16:28
.
Pre-Run: 76,097,376,256 bytes free
Post-Run: 77,099,098,112 bytes free
.
- - End Of File - - 4AFA311F8CACB7BD08649753AB578EB5

Ruleaza din nou RogueKiller.
Inchide toate programele care ruleaza.
Scoate tot din porturile USB(Memory Stick, Hard Extern).
Dublu click pe RogueKiller.exe, pentru a rula.
Pentru Windows Vista sau Windows 7,
click dreapta, selecteaza Run as administrator.
Asteapta pana Prescan-ul a terminat.
Click pe "Scan".
Asteapta pana ce in Status box apare "Scan Finished".
Click pe Fix Host, dupa Fix DNS.

Verifica, daca poti sa folosesti, download-ul, in browser.

Nu,tot nu pot folosi download-ul. Tot aceeasi eroare o primesc.

Ruleaza OTL.
Vezi aici cum:
http://forum.softped...r/#entry8313329

Posteaza cele doua loguri aici.
OTL.txt si Extras.txt