ComboFix 13-11-04.01 - Petr Neuwirth 05.11.2013  20:31:46.4.2 - x64 NETWORK
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.420.1029.18.8191.7263 [GMT 1:00]
Sputn z: c:\users\Petr Neuwirth\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvoen nov Bod Obnoven
.
.
(((((((((((((((((((((((((   Soubory vytvoen od 2013-10-05 do 2013-11-05  )))))))))))))))))))))))))))))))
.
.
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\UpdatusUser.Intel\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\Mamka\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\Mamka.Intel\AppData\Local\temp
2013-11-05 19:37 . 2013-11-05 19:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-05 13:42 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A6E622F6-B018-4C04-804C-A188BCD4BFB3}\mpengine.dll
2013-11-05 13:31 . 2013-11-05 13:31	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Roaming\AVAST Software
2013-11-05 13:28 . 2013-11-05 13:28	92544	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-11-05 13:28 . 2013-11-05 13:28	84328	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-11-05 13:28 . 2013-11-05 13:28	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-11-05 13:28 . 2013-11-05 13:28	65264	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-11-05 13:28 . 2013-11-05 13:28	409832	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-11-05 13:28 . 2013-11-05 13:28	38984	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-11-05 13:28 . 2013-11-05 13:28	205320	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-11-05 13:28 . 2013-11-05 13:28	1032416	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-11-05 13:28 . 2013-11-05 13:28	43152	----a-w-	c:\windows\avastSS.scr
2013-11-05 10:13 . 2013-11-05 13:12	--------	d-----w-	c:\programdata\Avira
2013-11-05 09:52 . 2013-11-05 09:52	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Local\ElevatedDiagnostics
2013-11-04 11:50 . 2013-11-04 11:50	--------	d-----w-	C:\FRST
2013-11-04 09:35 . 2013-11-04 09:35	--------	d-----w-	C:\rsit
2013-11-01 14:12 . 2013-11-01 14:12	--------	d-----w-	c:\programdata\DAEMON Tools Pro
2013-10-31 18:05 . 2013-10-31 18:05	--------	d-----w-	c:\users\Mamka.Intel\AppData\Roaming\Seznam.cz
2013-10-31 02:00 . 2013-10-31 02:00	--------	d-sh--w-	c:\users\Petr Neuwirth\AppData\Roaming\msnmsg
2013-10-31 01:42 . 2013-10-31 01:42	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Local\Application Data
2013-10-31 01:42 . 2013-10-31 01:42	--------	d-----w-	c:\program files (x86)\Seznam.cz
2013-10-31 01:41 . 2013-10-31 04:48	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Roaming\DAEMON Tools Lite
2013-10-31 01:38 . 2010-11-21 03:24	1169224	----a-w-	c:\users\Petr Neuwirth\AppData\Roaming\2OFLHMVLPK.exe
2013-10-24 17:37 . 2013-10-24 17:37	--------	d-----w-	c:\users\Mamka.Intel\AppData\Roaming\WTablet
2013-10-24 17:37 . 2013-10-24 17:37	--------	d-----w-	c:\users\Mamka.Intel\AppData\Roaming\Wacom
2013-10-24 14:12 . 2013-10-24 14:12	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Local\Evernote
2013-10-24 14:05 . 2013-10-24 14:05	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Roaming\com.livebrush
2013-10-24 12:33 . 2013-10-24 12:33	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Roaming\com.gugga.radiomini
2013-10-24 12:11 . 2013-10-24 12:11	--------	d-----w-	c:\users\Petr Neuwirth\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2013-10-24 12:10 . 2013-10-24 12:11	--------	d-----w-	c:\programdata\Wacom
2013-10-24 12:10 . 2013-10-24 12:10	--------	d-----w-	c:\program files (x86)\Bamboo Dock
2013-10-24 12:00 . 2013-11-05 09:55	--------	d-----w-	c:\users\Guest
2013-10-24 12:00 . 2013-11-05 09:55	--------	d-----w-	c:\users\Martina!
2013-10-09 15:54 . 2013-07-04 12:50	633856	----a-w-	c:\windows\system32\comctl32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M vpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-05 13:28 . 2013-07-27 10:15	334648	----a-w-	c:\windows\system32\aswBoot.exe
2013-10-28 22:27 . 2012-05-30 21:35	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-28 22:27 . 2012-05-30 21:35	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 19:56 . 2012-05-30 21:54	80541720	----a-w-	c:\windows\system32\MRT.exe
2013-09-15 16:03 . 2013-09-15 15:59	528398	----a-w-	c:\windows\inf\MSASGui.exe
2013-09-12 08:58 . 2001-12-31 23:09	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-09-12 08:58 . 2001-12-31 23:09	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-09-12 08:58 . 2001-12-31 23:08	9281032	----a-w-	c:\windows\system32\nvcuda.dll
2013-09-12 08:58 . 2001-12-31 23:08	7720576	----a-w-	c:\windows\SysWow64\nvcuda.dll
2013-09-12 08:58 . 2001-12-31 23:08	7648000	----a-w-	c:\windows\system32\nvopencl.dll
2013-09-12 08:58 . 2001-12-31 23:08	681760	----a-w-	c:\windows\system32\NvFBC64.dll
2013-09-12 08:58 . 2001-12-31 23:08	6329552	----a-w-	c:\windows\SysWow64\nvopencl.dll
2013-09-12 08:58 . 2001-12-31 23:08	603424	----a-w-	c:\windows\system32\NvIFR64.dll
2013-09-12 08:58 . 2001-12-31 23:08	586016	----a-w-	c:\windows\SysWow64\NvFBC.dll
2013-09-12 08:58 . 2001-12-31 23:08	515360	----a-w-	c:\windows\SysWow64\NvIFR.dll
2013-09-12 08:58 . 2001-12-31 23:08	2986672	----a-w-	c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2001-12-31 23:08	2970400	----a-w-	c:\windows\system32\nvcuvid.dll
2013-09-12 08:58 . 2001-12-31 23:08	29337376	----a-w-	c:\windows\system32\nvoglv64.dll
2013-09-12 08:58 . 2001-12-31 23:08	2789152	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2013-09-12 08:58 . 2001-12-31 23:08	2630304	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-09-12 08:58 . 2001-12-31 23:08	25256224	----a-w-	c:\windows\system32\nvcompiler.dll
2013-09-12 08:58 . 2001-12-31 23:08	2367264	----a-w-	c:\windows\system32\nvcuvenc.dll
2013-09-12 08:58 . 2001-12-31 23:08	22102304	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2013-09-12 08:58 . 2001-12-31 23:08	2007328	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2013-09-12 08:58 . 2001-12-31 23:08	1884448	----a-w-	c:\windows\system32\nvdispco6432723.dll
2013-09-12 08:58 . 2001-12-31 23:08	17560352	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2013-09-12 08:58 . 2001-12-31 23:08	15901448	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-09-12 08:58 . 2001-12-31 23:08	15703688	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-09-12 08:58 . 2001-12-31 23:08	1511712	----a-w-	c:\windows\system32\nvdispgenco6432723.dll
2013-09-12 08:58 . 2001-12-31 23:08	13628208	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-09-12 08:58 . 2001-12-31 23:08	12947360	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-09-12 08:58 . 2001-12-31 23:08	11274528	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2013-09-12 07:25 . 2001-12-31 23:09	6599968	----a-w-	c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2001-12-31 23:09	3452192	----a-w-	c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2001-12-31 23:09	920864	----a-w-	c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2001-12-31 23:09	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2001-12-31 23:09	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2013-09-12 07:25 . 2001-12-31 23:09	219424	----a-w-	c:\windows\system32\nvmctray.dll
2013-09-12 00:17 . 2013-09-12 00:17	571168	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-09-03 12:35 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-20 13:33 . 2001-12-31 23:08	39200	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2013-08-20 13:32 . 2001-12-31 23:08	29984	----a-w-	c:\windows\system32\nvaudcap64v.dll
2013-08-20 13:32 . 2001-12-31 23:08	28448	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2013-08-19 13:45 . 2013-08-19 13:46	720896	----a-w-	c:\windows\iun6002.exe
2007-06-12 13:52 . 2012-06-09 19:23	1011712	----a-w-	c:\program files (x86)\Eizo-test9.exe
.
.
((((((((((((((((((((((((((((((((((   Spoutc body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznmka* przdn zznamy a legitimn vchoz daje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Petr Neuwirth\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Petr Neuwirth\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-05 3568312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" [2010-07-07 47104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
R3 ALSysIO;ALSysIO;c:\users\PETRNE~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\PETRNE~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Sluba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-19 15:35	1185744	----a-w-	c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adrese 'Naplnovan lohy'
.
2013-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 22:27]
.
2013-11-05 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-05 13:28]
.
2013-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-28 18:10]
.
2013-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-28 18:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-05 13:28	326944	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Doplkov sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = 
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Pevst cl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Pevst do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pipojit cl vazby k existujcmu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Pipojit k existujcmu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Petr Neuwirth\AppData\Roaming\Mozilla\Firefox\Profiles\0lsw7byp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-11-02 15:35; {7b1bf0b6-a1b9-42b0-b75d-252036438bdc}; c:\users\Petr Neuwirth\AppData\Roaming\Mozilla\Firefox\Profiles\0lsw7byp.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
FF - ExtSQL: 2013-11-05 14:28; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATN POLOKY ODSTRANN Z REGISTRU - - - -
.
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUT KLE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-945535167-3234285550-3253582659-1000\Software\SecuROM\License information*]
"datasecu"=hex:54,55,d6,13,50,66,f4,8f,fe,5b,ca,19,b6,b7,ef,4c,cb,0d,b9,ae,b7,
   6f,56,af,2d,e9,68,0b,5b,69,59,67,1f,5d,26,45,6b,68,f3,14,67,42,70,9d,99,8d,\
"rkeysecu"=hex:dd,a0,b0,e6,c1,a9,b8,9f,5f,b4,2a,d5,5b,25,e6,b8
.
[HKEY_USERS\S-1-5-21-945535167-3234285550-3253582659-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\Program Files (x86)\Battlefield3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-945535167-3234285550-3253582659-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\c:\Program Files (x86)\Battlefield3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"2011-10-10T16:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi:"2011-10-10T16:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi:"2011-10-10T16:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-945535167-3234285550-3253582659-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\program files (x86)\Battlefield3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T16:42\00\00"
"qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_USERS\S-1-5-21-945535167-3234285550-3253582659-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\program files (x86)\Battlefield3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkov as: 2013-11-05  20:41:56
ComboFix-quarantined-files.txt  2013-11-05 19:41
ComboFix2.txt  2013-11-02 09:13
.
Ped sputnm: Volnch bajt: 358315560960
Po sputn: Volnch bajt: 358215892992
.
- - End Of File - - 634AD892DB142A72BB655DB679C1153C
