ComboFix 13-03-05.01 - Petr 06.03.2013 12:54:32.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3063.1803 [GMT 1:00] Spuštěný z: c:\users\Petr_2\Desktop\ComboFix.exe AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Ostatní výmazy ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files (x86)\Common Files\Temp c:\programdata\FullRemove.exe c:\windows\SysWow64\tmp35CE.tmp c:\windows\SysWow64\tmp35DF.tmp c:\windows\SysWow64\tmp3DD7.tmp c:\windows\SysWow64\tmp3E17.tmp c:\windows\wininit.ini c:\windows\XSxS . . ((((((((((((((((((((((((( Soubory vytvořené od 2013-02-06 do 2013-03-06 ))))))))))))))))))))))))))))))) . . 2013-03-06 12:02 . 2013-03-06 12:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-06 12:02 . 2013-03-06 12:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-03-06 12:02 . 2013-03-06 12:02 -------- d-----w- c:\users\Petr\AppData\Local\temp 2013-03-06 12:02 . 2013-03-06 12:02 -------- d-----w- c:\users\Kuba\AppData\Local\temp 2013-03-06 12:02 . 2013-03-06 12:02 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7B901AB-5082-4345-B743-7732CAD2803E}\offreg.dll 2013-03-06 07:37 . 2013-03-06 07:37 -------- d-----w- c:\program files (x86)\FinalWire 2013-03-05 20:25 . 2013-03-06 07:12 -------- d-----w- c:\program files\trend micro 2013-03-05 20:25 . 2013-03-05 20:25 -------- d-----w- C:\rsit 2013-03-05 06:19 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7B901AB-5082-4345-B743-7732CAD2803E}\mpengine.dll 2013-03-04 16:14 . 2013-03-04 16:21 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-03-04 16:13 . 2013-03-04 16:13 -------- d-----w- c:\users\Petr\AppData\Local\Programs 2013-03-04 14:24 . 2013-03-04 14:24 51496 ----a-w- c:\windows\system32\drivers\stflt.sys 2013-03-04 10:58 . 2013-03-04 11:28 -------- d-----w- c:\programdata\clp 2013-03-04 09:50 . 2013-03-04 09:50 -------- d-----w- c:\program files\Enigma Software Group 2013-03-04 09:49 . 2013-03-04 10:55 -------- d-----w- c:\windows\6B6C4C461B7E4A419E70ACFBB22B1D81.TMP 2013-02-28 09:51 . 2013-03-01 10:09 -------- d-----w- C:\ZC Portál Plus 2013-02-28 07:45 . 2013-02-28 07:54 695675 ----a-w- c:\windows\unins000.exe 2013-02-28 07:45 . 2009-07-28 22:26 7168 ----a-w- c:\windows\system32\kbdru668.dll 2013-02-28 07:45 . 2009-07-28 22:26 6656 ----a-w- c:\windows\SysWow64\kbdru668.dll 2013-02-28 07:45 . 2007-03-14 14:06 6656 ----a-w- c:\windows\SysWow64\kbdur666.dll 2013-02-28 07:45 . 2007-03-14 14:06 6656 ----a-w- c:\windows\system32\kbdur666.dll 2013-02-28 07:45 . 2007-03-14 14:06 7168 ----a-w- c:\windows\system32\kbdru667.dll 2013-02-28 07:45 . 2007-03-14 14:06 6656 ----a-w- c:\windows\SysWow64\kbdru667.dll 2013-02-28 07:45 . 2007-03-14 14:05 7168 ----a-w- c:\windows\system32\kbdru666.dll 2013-02-28 07:45 . 2007-03-14 14:05 6656 ----a-w- c:\windows\SysWow64\kbdru666.dll 2013-02-26 20:48 . 2013-02-26 20:48 -------- d-----w- c:\users\Petr_2\AppData\Roaming\Wargaming.net 2013-02-26 17:55 . 2013-02-26 17:55 -------- d-----w- c:\users\Petr\AppData\Roaming\Wargaming.net 2013-02-26 17:32 . 2013-02-26 17:32 -------- d-----w- C:\Games 2013-02-23 21:15 . 2013-02-23 21:15 -------- d-----w- c:\programdata\Creative Labs 2013-02-19 22:09 . 2013-02-19 22:09 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-19 11:48 . 2013-02-19 11:49 -------- d-----w- c:\program files (x86)\AntiTwin 2013-02-15 17:08 . 2013-02-15 17:08 -------- d-----w- c:\users\Petr_2\AppData\Roaming\dvdcss 2013-02-09 08:29 . 2013-02-09 08:30 -------- d-----w- c:\users\Kuba\AppData\Roaming\NVIDIA 2013-02-08 18:42 . 2013-02-08 18:42 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-02-08 10:13 . 2013-02-08 10:14 -------- d-----w- c:\users\Petr_2\AppData\Local\Temporary Projects 2013-02-08 10:09 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2013-02-08 10:09 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2013-02-08 10:09 . 2009-07-22 08:17 79896 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2013-02-08 10:09 . 2009-07-22 08:17 111640 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2013-02-08 10:08 . 2013-02-08 10:08 -------- d-----w- c:\windows\system32\RsFx 2013-02-08 10:08 . 2013-02-08 10:08 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0 2013-02-08 10:08 . 2013-02-08 10:08 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2013-02-08 10:08 . 2013-02-08 10:08 -------- d-----w- c:\windows\SysWow64\1033 2013-02-08 10:08 . 2013-02-08 10:08 -------- d-----w- c:\windows\system32\1033 2013-02-08 10:08 . 2013-02-08 10:08 -------- d-----w- c:\program files\Microsoft.NET 2013-02-08 10:07 . 2013-02-08 10:08 -------- d-----w- c:\program files\Microsoft SQL Server 2013-02-08 10:05 . 2013-02-08 10:08 -------- d-----w- c:\program files (x86)\Microsoft SQL Server 2013-02-08 10:05 . 2013-02-08 10:05 -------- d-----w- c:\program files\Microsoft Synchronization Services 2013-02-08 10:05 . 2013-02-08 10:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2013-02-08 10:04 . 2013-02-09 12:51 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll 2013-02-08 10:03 . 2013-02-08 10:10 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0 2013-02-08 10:02 . 2013-02-08 10:02 -------- d-----w- c:\windows\symbols 2013-02-08 10:02 . 2013-02-08 10:02 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0 2013-02-08 10:02 . 2013-02-08 10:02 -------- d-----w- c:\program files\Microsoft Help Viewer 2013-02-08 10:02 . 2013-02-08 10:02 -------- d-----w- c:\program files (x86)\Microsoft SDKs 2013-02-08 10:02 . 2013-02-08 10:02 -------- d-----w- c:\windows\PCHEALTH 2013-02-08 09:57 . 2013-02-08 09:57 551424 ----a-w- C:\VS_EXPBSLN_x64_enu.MSI 2013-02-06 11:33 . 2013-02-20 22:06 -------- d-----w- c:\users\Petr_2\AppData\Roaming\ZCPortalPlus 2013-02-05 08:17 . 2013-02-05 08:17 -------- d-----w- c:\users\Petr_2\AppData\Local\Apple . . . (((((((((((((((((((((((((((((((((((((((( Find3M výpis )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-28 15:11 . 2012-04-06 06:52 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-28 15:11 . 2011-09-25 18:06 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-23 21:16 . 2011-10-19 17:13 466520 ----a-w- c:\windows\system32\wrap_oal.dll 2013-02-23 21:16 . 2011-10-19 17:13 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-02-23 21:16 . 2011-10-19 17:13 123480 ----a-w- c:\windows\system32\OpenAL32.dll 2013-02-23 21:16 . 2011-10-19 17:13 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-02-19 22:09 . 2011-10-11 12:15 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-02-13 23:25 . 2011-09-27 19:22 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-01-17 00:28 . 2011-10-10 06:29 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-04 04:43 . 2013-02-13 05:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-16 17:11 . 2012-12-21 20:23 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-21 20:23 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 20:23 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-21 20:23 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-07 13:20 . 2013-01-09 14:59 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 2013-01-09 14:59 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-09 14:59 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-09 14:59 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-09 14:59 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-09 14:59 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 2013-01-09 14:59 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-09 14:59 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-09 14:59 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-09 14:59 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-09 14:59 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-09 14:59 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-09 14:59 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-09 14:59 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 11:19 . 2013-01-09 14:59 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 11:19 . 2013-01-09 14:59 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 11:19 . 2013-01-09 14:59 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 11:19 . 2013-01-09 14:59 51712 ----a-w- c:\windows\system32\esrb.rs 2012-12-07 10:46 . 2013-01-09 14:59 43520 ----a-w- c:\windows\SysWow64\csrr.rs 2012-12-07 10:46 . 2013-01-09 14:59 30720 ----a-w- c:\windows\SysWow64\usk.rs 2012-12-07 10:46 . 2013-01-09 14:59 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 14:59 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 14:59 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 14:59 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2012-12-07 10:46 . 2013-01-09 14:59 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2012-12-07 10:46 . 2013-01-09 14:59 46592 ----a-w- c:\windows\SysWow64\fpb.rs 2012-12-07 10:46 . 2013-01-09 14:59 20480 ----a-w- c:\windows\SysWow64\pegi.rs 2012-12-07 10:46 . 2013-01-09 14:59 21504 ----a-w- c:\windows\SysWow64\grb.rs 2012-12-07 10:46 . 2013-01-09 14:59 40960 ----a-w- c:\windows\SysWow64\cob-au.rs 2012-12-07 10:46 . 2013-01-09 14:59 15360 ----a-w- c:\windows\SysWow64\djctq.rs 2012-12-07 10:46 . 2013-01-09 14:59 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2012-12-07 10:46 . 2013-01-09 14:59 55296 ----a-w- c:\windows\SysWow64\cero.rs . . (((((((((((((((((((((((((((((((((( Spouštěcí body v registru ))))))))))))))))))))))))))))))))))))))))))))) . . *Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-31 969104] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344] "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1637496] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" [2010-02-18 241789] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "InstallShieldSetup"="c:\progra~2\INSTAL~1\{F5601~1\setup.exe" [2003-11-10 116880] "InstallShieldSetup1"="c:\progra~2\INSTAL~1\{FCCDA~1\setup.exe" [2003-11-10 116880] "InstallShieldSetup2"="c:\progra~2\INSTAL~1\{0A9DA~1\SETUP.EXE" [2003-11-10 116880] . c:\users\Petr_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.0.lnk - c:\program files (x86)\OpenOffice.org 2.0\program\quickstart.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 602SQL 8 FastCGI Client;602SQL 8 FastCGI Client;c:\program files (x86)\Software602\602SQL95\602FSVC8.EXE [x] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768] R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-02-23 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-19 79360] R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2011-10-19 79360] R3 ioFakDrv;ioVirtual Device;c:\windows\system32\DRIVERS\ioFakDrv.sys [x] R3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer;c:\windows\system32\DRIVERS\ioFakMap.sys [2010-12-15 12672] R3 ioTablet;Tablet Minidriver for ioTablet;c:\windows\system32\DRIVERS\ioTablet.sys [x] R3 ioTblMap;Mini Mapper for ioCentre;c:\windows\system32\DRIVERS\ioTblMap.sys [2011-03-03 12680] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-06-18 19032] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-06-18 12384] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736] R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-25 1255736] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880] S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432] S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-02 2673064] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 bbcap;bb_capture_driver;c:\windows\system32\DRIVERS\bbcap.sys [2012-09-01 4608] S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2010-07-30 1588608] S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384] S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848] S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408] . . --- Ostatní služby/ovladače v paměti --- . *Deregistered* - VBoxDrv *Deregistered* - VBoxUSBMon . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-03-06 02:11 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe . Obsah adresáře 'Naplánované úlohy' . 2013-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 15:11] . 2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-25 12:52] . 2013-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-25 12:52] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-24 9642528] "Creative SB Monitoring Utility"="sbavmon.dll" [2010-07-29 115712] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Doplňkový sken ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_m5910&r=17360911c106pe415v155w5721u069 mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_m5910&r=17360911c106pe415v155w5721u069 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local mSearchAssistant = hxxp://www.google.com IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: LG Air Sync (R-Click) - Save as Mobile Image - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206 IE: LG Air Sync (R-Click) - Save as Mobile Memo - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208 IE: LG Air Sync (R-Click) - Save as Mobile Text file - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210 IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205 IE: LG Air Sync Option - c:\program files (x86)\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209 TCP: DhcpNameServer = 8.8.8.8 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kvfoem71.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p= . - - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-LaunchList - c:\program files (x86)\Pinnacle\Studio 11\LaunchList2.exe Wow6432Node-HKCU-Run-AdobeBridge - (no file) Toolbar-Locked - (no file) HKLM-Run-AutoKMS - c:\windows\AutoKMS.exe HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe . . . --------------------- ZAMKNUTÉ KLÍČE V REGISTRU --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Celkový čas: 2013-03-06 13:11:02 ComboFix-quarantined-files.txt 2013-03-06 12:11 . Před spuštěním: Volných bajtů: 165 944 582 144 Po spuštění: Volných bajtů: 169 856 020 480 . - - End Of File - - 6215EE1E79C380D24338FC14B556CEB7