ComboFix 12-11-14.01 - Louka 14.11.2012 14:08:47.1.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3292.2509 [GMT 1:00]
Spuštěný z: k:\_\Combofix\aaa.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\UNWISE.EXE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-14 do 2012-11-14 )))))))))))))))))))))))))))))))
.
.
2012-11-14 13:12 . 2012-11-14 13:12 -------- d-----w- c:\users\Louka\AppData\Local\temp
2012-11-14 13:12 . 2012-11-14 13:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-13 06:50 . 2012-11-13 06:50 -------- d-----w- c:\users\Louka\AppData\Roaming\Ashampoo
2012-11-13 06:48 . 2012-11-13 06:48 -------- d-----w- c:\users\Louka\AppData\Local\ashampoo
2012-11-13 06:48 . 2012-11-13 06:48 -------- d-----w- c:\programdata\ashampoo
2012-11-13 06:48 . 2012-11-13 06:48 -------- d-----w- c:\program files\Ashampoo
2012-11-13 06:45 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CFEB4722-2705-4773-8A29-7492A007F549}\mpengine.dll
2012-11-12 09:21 . 2012-11-12 09:33 -------- d-----w- C:\Záloha datové schránky 12.11.2012
2012-11-12 07:54 . 2012-11-12 08:16 -------- d-----w- C:\Záloha Elektronické pošty 12.11.2012
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 12:41 . 2011-09-06 06:25 17488 ----a-w- c:\windows\gdrv.sys
2012-09-14 18:28 . 2012-10-11 05:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-12 09:48 . 2012-09-12 09:48 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-12 09:48 . 2012-09-12 09:48 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-12 09:48 . 2012-09-12 09:48 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-31 17:18 . 2012-10-11 05:41 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12 . 2012-10-11 05:41 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-11 05:41 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 16:57 . 2012-10-11 05:42 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 06:59 . 2012-09-24 13:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-24 13:21 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-24 13:21 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-24 13:21 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-24 13:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-24 13:21 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-12 05:18 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 05:18 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 05:18 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 05:18 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 20:12 . 2012-09-26 04:10 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:40 . 2012-10-11 05:41 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40 . 2012-10-11 05:41 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37 . 2012-10-11 05:41 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 17:32 . 2012-10-11 05:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 05:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 05:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 05:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33 . 2012-10-11 05:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-12-14 9951848]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"DkStartup"="c:\program files\SafeNet\BSecClient\dkstartup.exe" [2007-09-13 49152]
"AxMonitor"="c:\program files\SafeNet\BSecClient\axmonitor.exe" [2007-09-13 450560]
"DkAutoReg"="c:\program files\SafeNet\BSecClient\DkAutoReg.exe" [2007-09-13 253952]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DkWLNP]
2007-09-13 12:21 61440 ----a-w- c:\windows\System32\DkWLNP.dll
.
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [x]
R2 DkVcm;SafeNet Virtual Channel Monitor;c:\windows\system32\dkvcm.exe [x]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [x]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [x]
R3 iKeyEnum;Rainbow iKey Enumerator;c:\windows\system32\DRIVERS\ikeyenum.sys [x]
R3 iKeyIFD;Rainbow iKey Virtual Reader;c:\windows\system32\DRIVERS\ikeyifd.sys [x]
R3 RnbToken;Rainbow iKey Token Service;c:\windows\system32\DRIVERS\rnbtoken.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: postsignum.cz\www
TCP: Interfaces\{7340F718-C7D9-447B-AE15-266895F81604}: NameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-HASP Device Drivers - c:\windows\system32\UNWISE.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-14 14:14:05
ComboFix-quarantined-files.txt 2012-11-14 13:14
.
Před spuštěním: Volných bajtů: 407 586 877 440
Po spuštění: Volných bajtů: 407 623 389 184
.
- - End Of File - - 84A73A3EEA83C0AC3924861604FC66E5