ComboFix 14-06-10.01 - Matouskovi 10.06.2014  16:26:29.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.420.1029.18.4030.2491 [GMT 2:00]
Spuštěný z: c:\users\Matouskovi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\EsterkaP\AppData\Local\288fd6393358f20ff850df97fdd6f5d1\5cd91ef1d926c91.exe
c:\users\EsterkaP\AppData\Local\288fd6393358f20ff850df97fdd6f5d1\7958e7ae468a21c.exe
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\a4c510c21ff52d8.exe
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\b2cf53524eae253.exe
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\libgcc_s_dw2-1.dll
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\libstdc++-6.dll
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\libwinpthread-1.dll
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\mingwm10.dll
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\QtCore4.dll
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\QtNetwork4.dll
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\RegFltrX64.sys
c:\users\Matouskovi\AppData\Local\aa163f7c2795a1efc5ebff5295f40334\RegFltrX86.sys
c:\users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{5DDA2473-FCDF-47EB-9F82-56F8C0E78B82}.xps
c:\users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{76BE3C58-07A9-45F9-A541-A515380B0CDF}.xps
c:\users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7FB190ED-7377-40AE-BC8E-CBE29381BFF5}.xps
c:\users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B09232F6-68A4-4038-913F-66E2DA7298B8}.xps
c:\users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EBB50402-B4E1-4612-8355-735DDA455598}.xps
c:\windows\PFRO.log
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RegFltrX64
-------\Service_7958e7ae468a21c.exe
-------\Service_b2cf53524eae253.exe
-------\Service_7958e7ae468a21c.exe
-------\Service_b2cf53524eae253.exe
-------\Service_RegFltrX64
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2014-05-10 do 2014-06-10  )))))))))))))))))))))))))))))))
.
.
2014-06-10 14:30 . 2014-06-10 14:30	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-06-10 14:30 . 2014-06-10 14:30	--------	d-----w-	c:\users\Jindika\AppData\Local\temp
2014-06-10 14:09 . 2014-06-10 13:57	24064	----a-w-	c:\windows\zoek-delete.exe
2014-06-10 14:09 . 2014-06-10 14:33	--------	d-----w-	c:\users\Matouskovi\AppData\Local\Temp
2014-06-10 13:57 . 2014-06-10 14:10	--------	d-----w-	C:\zoek_backup
2014-06-09 20:12 . 2014-06-09 20:23	--------	d-----w-	C:\FRST
2014-06-09 18:10 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{290D3B7B-ACCC-4A59-8255-4D43787045EA}\mpengine.dll
2014-06-07 18:31 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-06 19:01 . 2014-06-06 19:01	--------	d-----w-	c:\users\Matouskovi\AppData\Local\de62af7612640d5cb348a842962ef6e2
2014-06-05 06:37 . 2014-05-02 07:38	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{088E2EFD-CAE4-4F6B-B9CB-C78041D75390}\gapaengine.dll
2014-05-30 19:04 . 2014-05-30 19:04	--------	d-----w-	c:\programdata\SecTaskMan
2014-05-30 19:04 . 2014-05-30 19:04	--------	d-----w-	c:\program files (x86)\Security Task Manager
2014-05-29 15:38 . 2014-06-10 14:30	--------	d-----w-	c:\users\EsterkaP\AppData\Local\288fd6393358f20ff850df97fdd6f5d1
2014-05-22 18:35 . 2014-05-22 18:35	--------	d-----w-	c:\users\EsterkaP\AppData\Roaming\vlc
2014-05-21 14:00 . 2014-05-21 14:00	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-05-21 06:57 . 2014-05-21 06:57	--------	d-----w-	c:\users\Jindika\AppData\Local\LogMeIn
2014-05-19 19:27 . 2014-05-19 19:27	--------	d-sh--w-	c:\users\EsterkaP\AppData\Local\EmieUserList
2014-05-19 19:27 . 2014-05-19 19:27	--------	d-sh--w-	c:\users\EsterkaP\AppData\Local\EmieSiteList
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-01 10:43 . 2012-11-23 10:33	281392	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-06-01 10:43 . 2012-11-22 18:43	281392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-05-31 13:19 . 2012-11-22 18:43	281392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-05-14 16:06 . 2012-11-07 16:15	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 16:06 . 2012-11-07 16:15	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-02 07:38 . 2014-05-02 07:38	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-29 14:01 . 2014-05-03 20:16	23547904	----a-w-	c:\windows\system32\mshtml.dll
2014-04-29 13:40 . 2014-05-03 20:16	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-04-29 12:34 . 2014-05-03 20:16	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-04-21 08:57 . 2014-04-21 08:57	4685824	----a-w-	c:\programdata\ClassicShellSetup64_4_1_0.msi
2014-04-15 19:09 . 2012-11-07 17:20	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-04-14 02:24 . 2014-05-03 20:14	465408	----a-w-	c:\windows\system32\aepdu.dll
2014-04-14 02:19 . 2014-05-03 20:14	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-03-31 07:35 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-20 21:03 . 2012-11-07 16:37	62408	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-20 21:03 . 2012-11-07 16:37	54216	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-20 21:03 . 2013-11-01 14:43	15783992	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-03-20 21:03 . 2013-06-14 16:43	18302384	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-03-20 21:03 . 2014-03-20 21:03	832936	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-03-20 21:03 . 2013-06-14 16:43	947808	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-03-20 21:03 . 2014-03-20 21:03	11589272	----a-w-	c:\windows\system32\nvopencl.dll
2014-03-20 21:03 . 2013-11-01 14:43	9690424	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-03-20 21:02 . 2014-03-20 21:02	31474976	----a-w-	c:\windows\system32\nvoglv64.dll
2014-03-20 21:02 . 2014-03-20 21:02	353504	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-03-20 21:02 . 2014-03-20 21:02	305600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-03-20 21:02 . 2014-03-20 21:02	23716640	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-03-20 21:02 . 2014-03-20 21:02	12708128	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-03-20 21:02 . 2014-03-20 21:02	892704	----a-w-	c:\windows\system32\NvIFR64.dll
2014-03-20 21:02 . 2014-03-20 21:02	863064	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-03-20 21:02 . 2014-03-20 21:02	377688	----a-w-	c:\windows\system32\NvIFROpenGL.dll
2014-03-20 21:02 . 2014-03-20 21:02	333600	----a-w-	c:\windows\SysWow64\NvIFROpenGL.dll
2014-03-20 21:02 . 2014-03-20 21:02	174296	----a-w-	c:\windows\system32\nvinitx.dll
2014-03-20 21:02 . 2014-03-20 21:02	148016	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-03-20 21:02 . 2014-03-20 21:02	877856	----a-w-	c:\windows\system32\NvFBC64.dll
2014-03-20 21:02 . 2014-03-20 21:02	846168	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-03-20 21:02 . 2014-03-20 21:02	484296	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2014-03-20 21:02 . 2014-03-20 21:02	409544	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2014-03-20 21:02 . 2014-03-20 21:02	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2014-03-20 21:02 . 2014-03-20 21:02	197408	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-03-20 21:02 . 2014-03-20 21:02	1885472	----a-w-	c:\windows\system32\nvdispco6433523.dll
2014-03-20 21:02 . 2014-03-20 21:02	1516488	----a-w-	c:\windows\system32\nvdispgenco6433523.dll
2014-03-20 21:02 . 2014-03-20 21:02	1515296	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-03-20 21:02 . 2014-03-20 21:02	3143456	----a-w-	c:\windows\system32\nvcuvid.dll
2014-03-20 21:02 . 2013-11-01 14:43	17755424	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-03-20 21:02 . 2013-06-14 16:43	14709720	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-03-20 21:02 . 2014-03-20 21:02	9728064	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-03-20 21:02 . 2014-03-20 21:02	2958792	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-03-20 21:02 . 2014-03-20 21:02	2783008	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-03-20 21:02 . 2014-03-20 21:02	2411976	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2014-03-20 21:02 . 2014-03-20 21:02	11636176	----a-w-	c:\windows\system32\nvcuda.dll
2014-03-20 21:02 . 2014-03-20 21:02	17561544	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-03-20 21:02 . 2014-03-20 21:02	25255256	----a-w-	c:\windows\system32\nvcompiler.dll
2014-03-20 21:02 . 2013-06-14 16:43	3093280	----a-w-	c:\windows\system32\nvapi64.dll
2014-03-20 21:02 . 2013-06-14 16:43	2715264	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-20 06:52 . 2014-04-15 19:26	10521840	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{788B6AC3-A173-4E97-AE75-821610B5B07E}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-06-29 08:49	594432	----a-w-	c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\steam.exe" [2014-05-29 1754816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-04-23 1314816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 eqnuhafc;eqnuhafc;c:\windows\system32\drivers\eqnuhafc.sys;c:\windows\SYSNATIVE\drivers\eqnuhafc.sys [x]
R1 vspxlbdp;vspxlbdp;c:\windows\system32\drivers\vspxlbdp.sys;c:\windows\SYSNATIVE\drivers\vspxlbdp.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 d11a7098fe97eff.exe;d11a7098fe97eff.exe;c:\users\Matouskovi\AppData\Local\7adb2d282e94c04fb80b2b4806a40862\d11a7098fe97eff.exe;c:\users\Matouskovi\AppData\Local\7adb2d282e94c04fb80b2b4806a40862\d11a7098fe97eff.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UHSfiltv;UHSfiltv;c:\windows\system32\drivers\UHSfiltv.sys;c:\windows\SYSNATIVE\drivers\UHSfiltv.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 RzFilter;RzFilter;c:\windows\system32\drivers\RzFilter.sys;c:\windows\SYSNATIVE\drivers\RzFilter.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AddonControlScript.exe;AddonControlScript.exe;c:\users\Matouskovi\AppData\Local\de62af7612640d5cb348a842962ef6e2\AddonControlScript.exe;c:\users\Matouskovi\AppData\Local\de62af7612640d5cb348a842962ef6e2\AddonControlScript.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 EslWireHelper;ESL Wire Helper Service;c:\program files\EslWire\service\WireHelperSvc.exe;c:\program files\EslWire\service\WireHelperSvc.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 WinRST;WinRST;c:\program files (x86)\WinRST\WinRST.exe;c:\program files (x86)\WinRST\WinRST.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - REGFLTRX64
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 17:45	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 16:06]
.
2014-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 17:05]
.
2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 17:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-06-29 08:50	724992	----a-w-	c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2013-06-29 151552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:13558
uInternet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: dell.com
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - d:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-DAEMON Tools Lite - d:\daemon tools lite\uninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-SeznamInstall - c:\users\Matouskovi\AppData\Roaming\Seznam.cz\szninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštěné procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
c:\users\Matouskovi\AppData\Local\de62af7612640d5cb348a842962ef6e2\FunctionMethodWindows.exe
.
**************************************************************************
.
Celkový čas: 2014-06-10  16:35:03 - počítač byl restartován
ComboFix-quarantined-files.txt  2014-06-10 14:35
.
Před spuštěním: Volných bajtů: 42694221824
Po spuštění: Volných bajtů: 42700128256
.
- - End Of File - - 0A9CE0A9333EADFC2042E36D24BE1262
A36C5E4F47E84449FF07ED3517B43A31
