ComboFix 12-07-16.01 - davsa 17.07.2012 23:00:00.5.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2758 [GMT 2:00]
Spuštěný z: c:\users\davsa\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\davsa\Desktop\CFScript.txt
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\davsa\AppData\Local\ToolwizCareFree
c:\users\davsa\AppData\Local\ToolwizCareFree\CookiesExclusion.ini
c:\users\davsa\AppData\Local\ToolwizCareFree\RegCleanBackup\41104,9580985764.reg
c:\users\davsa\AppData\Local\ToolwizCareFree\RegistryBackup\41104,9566429282.regzip
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-17 do 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-17 21:11 . 2012-07-17 21:11 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-17 21:11 . 2012-07-17 21:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-15 19:59 . 2012-07-15 19:59 -------- d-----w- C:\Temp
2012-07-15 13:00 . 2012-07-15 13:01 -------- d-----w- C:\rsit
2012-07-15 11:34 . 2012-07-15 18:36 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-07-15 11:34 . 2012-07-15 18:38 -------- d-----w- c:\program files\Symantec
2012-07-15 11:34 . 2012-07-15 11:34 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-07-15 11:33 . 2012-07-15 19:12 -------- d-----w- c:\windows\system32\drivers\NISx64
2012-07-15 11:33 . 2012-07-15 11:33 -------- d-----w- c:\program files (x86)\Norton Internet Security
2012-07-15 11:33 . 2012-07-15 11:33 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-07-14 22:43 . 2012-07-14 22:43 -------- d-----w- c:\users\davsa\DoctorWeb
2012-07-14 21:51 . 2012-07-14 21:51 -------- d-----w- c:\programdata\Simply Super Software
2012-07-14 20:20 . 2012-07-14 20:20 -------- d-----w- c:\program files (x86)\HD Tune
2012-07-13 20:16 . 2012-07-13 20:16 -------- d-----w- c:\users\davsa\AppData\Roaming\QuickScan
2012-07-13 19:36 . 2012-07-14 22:38 -------- d-----w- c:\users\davsa\AppData\Local\NPE
2012-07-13 18:31 . 2011-12-14 10:47 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2012-07-13 18:31 . 2011-12-14 10:46 25920 ----a-w- c:\windows\system32\authuitu.dll
2012-07-13 18:31 . 2011-12-14 10:46 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-07-13 18:31 . 2012-07-13 18:31 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2012-07-13 16:44 . 2012-07-13 16:44 572928 ----a-w- c:\windows\SysWow64\msvcp90.dll
2012-07-13 16:44 . 2012-07-13 16:44 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll
2012-07-11 20:19 . 2012-07-11 20:19 -------- d-----w- c:\program files\Compiled Driver Disk (Android)
2012-07-11 14:22 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 13:34 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 13:34 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 13:34 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 13:34 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 13:34 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 13:34 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-10 21:08 . 2012-07-13 19:04 -------- d-----w- c:\users\davsa\AppData\Local\Htc
2012-07-10 21:08 . 2012-07-10 21:08 -------- d-----w- c:\users\davsa\AppData\Roaming\HTC
2012-07-10 21:06 . 2012-07-10 21:06 -------- d-----w- c:\program files (x86)\Spirent Communications
2012-07-08 19:42 . 2012-07-08 19:42 -------- d-----w- c:\users\davsa\AppData\Roaming\Subversion
2012-07-07 22:02 . 2012-07-07 22:02 -------- d-----w- c:\program files (x86)\COMPELSON Labs
2012-07-03 20:43 . 2012-07-10 21:07 -------- d-----w- c:\program files (x86)\HTC
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-23 17:48 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-23 17:48 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-23 17:48 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-23 17:48 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-23 17:48 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-23 17:48 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-23 17:48 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-23 17:48 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-23 17:48 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 20:57 . 2012-06-19 20:57 -------- d-----w- c:\program files (x86)\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-05 20:23 . 2012-04-01 13:30 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-05 20:23 . 2011-11-16 23:16 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-03 11:46 . 2011-12-28 23:20 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 05:45 . 2012-07-11 13:33 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-11 13:33 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-15 04:01 . 2012-06-13 17:46 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:03 . 2012-06-13 17:46 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-05 22:11 . 2011-12-04 20:39 82816 ----a-w- c:\users\davsa\AppData\Roaming\pcouffin.sys
2012-05-04 18:44 . 2012-04-01 13:44 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 17:29 . 2012-01-16 19:23 772504 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-04 17:29 . 2012-01-16 19:23 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-13 17:46 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 17:46 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 17:46 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 17:46 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 05:32 . 2012-06-13 17:46 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-04-28 03:55 . 2012-06-13 17:46 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 17:46 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 17:46 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 17:46 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 17:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 17:46 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 17:46 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 17:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 17:46 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 17:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-20 03:45 . 2012-06-13 17:46 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-20 03:16 . 2012-06-13 17:46 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-16_21.10.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-16 21:31 . 2012-07-15 16:48 36994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2011-11-16 21:31 . 2012-07-17 17:32 36994 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-17 17:32 49228 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-07-16 16:26 49228 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-11-16 21:31 . 2012-07-17 17:32 18000 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2845817104-3085971459-2673415368-1001_UserData.bin
- 2011-11-16 21:26 . 2012-07-16 17:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-16 21:26 . 2012-07-17 17:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-16 21:26 . 2012-07-16 17:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-16 21:26 . 2012-07-17 17:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-17 17:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-16 17:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-11-16 21:32 . 2012-07-16 20:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-16 21:32 . 2012-07-17 20:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-16 21:32 . 2012-07-16 20:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-16 21:32 . 2012-07-17 20:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-07-16 21:09 . 2012-07-16 21:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-17 21:13 . 2012-07-17 21:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-17 21:13 . 2012-07-17 21:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-16 21:09 . 2012-07-16 21:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-07-14 22:16 616032 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-17 17:35 616032 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2012-07-17 17:35 631276 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2012-07-14 22:16 631276 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-07-17 17:35 106412 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-14 22:16 106412 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2012-07-14 22:16 121930 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2012-07-17 17:35 121930 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2012-07-16 21:07 381400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-17 21:11 381400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-16 22:10 . 2012-07-17 21:11 46970268 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2845817104-3085971459-2673415368-1001-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"NeXuS"="c:\program files (x86)\Winstep\Nexus.exe" [2012-03-28 16957056]
.
c:\users\davsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2011-11-17 2430464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"AMD AVT"=Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files (x86)\AMD AVT\bin\kdbsync.exe" aml
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/17 00:11]; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ntk_PowerDVD;ntk_PowerDVD; [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 CisUtMonitor;CisUtMonitor;c:\windows\system32\DRIVERS\CisUtMonitor.sys [2011-10-30 33360]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2012-01-22 82816]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-17 1255736]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-08 361984]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [2011-02-09 181040]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [2011-07-25 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [2012-03-29 1092728]
S0 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys [2010-02-11 15000]
S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys [2010-02-11 26776]
S1 AmgHips;AmgHips;c:\windows\System32\Drivers\AmgHips.sys [2011-11-17 31008]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-07-10 1161376]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [2011-11-29 167048]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120713.001\IDSvia64.sys [2012-07-13 509088]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [2012-03-29 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [2012-03-29 405624]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [2012-03-27 138232]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2010-11-15 15672]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-07-15 138912]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
.
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\downloads\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\downloads\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\downloads\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\downloads\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\downloads\TRANSLAT12\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\davsa\AppData\Roaming\Mozilla\Firefox\Profiles\uno0wfna.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2845817104-3085971459-2673415368-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{237BA8BE-A3F6-351C-058C-FFD0558D145C}*]
"jagfjagjggilngcldhlg"=hex:62,61,61,6c,00,00
"iagefmlljngbdpghdc"=hex:6b,61,64,6c,69,67,68,6a,62,67,66,61,6a,6f,6c,70,6d,61,
61,67,62,6a,00,00
"jagfjagjggilngcldhhh"=hex:62,61,6e,6b,00,00
"hamdpfdgbgpaailm"=hex:6b,61,64,6c,69,67,68,6a,67,67,64,64,62,61,6b,69,69,67,
6e,6b,69,65,00,00
.
[HKEY_USERS\S-1-5-21-2845817104-3085971459-2673415368-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{30A408AD-8C93-D2F9-DF57-CBFCCB661BDA}*]
"jaaapfbolnonjahdmfhj"=hex:62,61,6e,6e,00,00
"jaaapfbolnonjahdmfdi"=hex:62,61,6b,6e,00,00
"iaabfhmeeeeniaolbe"=hex:6b,61,6c,6e,67,68,70,70,67,6f,6e,64,65,63,66,6c,63,6e,
66,66,65,69,00,00
"hagajefklkbnooii"=hex:6b,61,6c,6e,67,68,70,70,6b,6d,6d,6e,6a,6e,6e,6f,6b,64,
6a,6a,6d,6a,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="E904D751BB1CE3C5561DCA411BD49871496B4E307B56114287F3E37F0A3A33741310D44794C03ECE9CA6163601F06DA57AAF35B35601BCA9BF0A61D8CEFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D14075D575E7D6A3B98089DB7CE019D40AA5CDAC67058A2E4FA11B866124C9324A9ECF5C347BDB07B066EFD175D4C11CEE6804AC6B328A3CA64164D9A13A2875DD2BF3108C54D2AD28953600E8CA7C1EF7DA06420E25B112AA5B7931C060F77663BC48B5A5DC1DA4D386EFDC5A83ADAAEB7524D050085CF701B08FB382305279503BBE1C09D8F85CB9750C19B331AB79421171ECE24FC7BEE72196A61393E0FA31DE8866429701D0FFE0E8A94C422EB8A96F66178FBDD61D82E823A2AA8B4592ED115C015B5E0CBBE1C422BD487703DE14AFA18A3C687054725DFB64E67AA66363D8DC8C28CA3EBE2EF89EB2A3CE6A24C41B3B491DA9B9D3683D121A77EA3C922CEA2CD038DBC0FEB4F86868035ABCB63D5B121AB1E031585467B2F390A67C93BCAA87092ABF4792B63DDA9EDD8A91AA1378DB97E0E6709FAC00489A73C02E2ADC8F848CBEA59A4D727BAF8A7A38DA2E5E461CBB73B394D3E9A18CC3B5BC3C40CB3EF5F33E5BBBB0D6DC90C88A4C92FF3B44B9D2EC92BE75B4E668A603FC0D2CBCBED32ECCC329FC6D9BC6E8FFE95BCF2526E67D770B393432923C629565124C425D634C4DF14E5E965C89CDFEA6A7C6EB97053507E0EBE4AD085FC4A211205B62815CAA7F67F56BA5D290C403186D5D5BE7D03D8513A0BA839C9979CB462F4C08F94D0277B56ECE5E019A29BB3EB60FC054489D45E7BCFFA2EAFF89DBAE6266AEA451379EABB5B78675D3B8064E06B1A067570CBAD5898424F7A756C7087029B9E1D54F6591A856437B82622CBEFF5C912C832E95C1C22618D7156CE2770A1A26293CAA1EC1E83806EF525D704E6B80CC8793FFE99555F2132E0592EC391583042261F97DD3AA187FDE2709CBBD79A422246FAFE2A58F7AF55182E97C01FA5D81ED5F09F7C22621829D1B00E3818BA3665703F02E6BBC51BE76AFABA2A124318A8A552242ACF78340B1787F04FC46910B14056C4BBDA5659ABB0D86EA1259C4BEA9E48B2DDFECD428E0D872A6CB72CE277FE01A4A854EDC1B646D3A85CD9D0B1BFCE4D7D20337D8CF49036C68E173D9EFE7C73A7418B0291F5896D892374B2F1D746CE5B113058C2538410F2CAC60B9DDF0BD5F5AF273D69A55E9B4F55FB4B953619304463FEE2F4924D8484C570361A09014459AE947ECB5AAEC5E0613DD5893260C657DB6CD61B6ED5F370BC041333BB38CC440F8058A37AE2C9C6CEC741A0F739DBD5548A9F8F788B38D27EB22DEC0E12F5C7345E103CC06DF8ACB570318E8942AE263D"
.
Celkový čas: 2012-07-17 23:27:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-17 21:27
ComboFix2.txt 2012-07-16 21:22
.
Před spuštěním: Volných bajtů: 86 942 650 368
Po spuštění: Volných bajtů: 86 727 077 888
.
- - End Of File - - 9CB25A3670CC37181DE53E64BEC3C043
Přispějete na provoz fóra?