Re: Prosím o kontrolu logu, trojan? a certifield toolbar
Napsal: 28 led 2013 19:21
Porposí o log ze skenu ComboFix. Najdete ho v c:\combofix.txt. Je třeba se přesvědčit, zda tam něco nezbylo.
ComboFix 13-01-28.02 - Jirka 29.01.2013 1:46.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3037.1930 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\ASPG_icon.ico
c:\windows\IsUn0405.exe
c:\windows\msvcr71.dll
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 01:04 . 2013-01-29 01:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-27 00:21 . 2013-01-27 01:07 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP
2013-01-27 00:19 . 2013-01-27 00:19 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E560EF8D-A1AE-4E8F-92AA-F6E8C9D0FEDE}\offreg.dll
2013-01-27 00:11 . 2013-01-27 00:11 -------- d-----w- c:\users\Jirka\AppData\Roaming\CheckPoint
2013-01-27 00:09 . 2013-01-27 00:09 -------- d-----w- c:\program files\DoNotTrackPlus
2013-01-27 00:09 . 2013-01-27 00:09 -------- d-----w- c:\program files\Check Point Software Technologies LTD
2013-01-27 00:09 . 2013-01-27 00:11 -------- d-----w- c:\program files\CheckPoint
2013-01-27 00:08 . 2013-01-27 00:08 -------- d-----w- c:\programdata\CheckPoint
2013-01-26 20:38 . 2013-01-26 21:30 -------- d-----w- c:\program files\trend micro
2013-01-26 18:59 . 2013-01-26 18:59 -------- d-----w- c:\programdata\Kaspersky Lab
2013-01-26 17:26 . 2013-01-26 17:26 -------- d-----w- c:\program files\Enigma Software Group
2013-01-26 17:24 . 2013-01-26 17:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-01-25 15:58 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E560EF8D-A1AE-4E8F-92AA-F6E8C9D0FEDE}\mpengine.dll
2013-01-20 21:14 . 2013-01-20 21:14 -------- d-----w- c:\users\Jirka\AppData\Roaming\Registry Mechanic
2013-01-20 21:11 . 2013-01-20 21:11 -------- d-----w- c:\users\Jirka\AppData\Roaming\PC Tools Performance Toolkit
2013-01-20 21:02 . 2010-08-26 13:47 44544 ----a-w- c:\windows\system32\msxml4a.dll
2013-01-20 21:02 . 2010-08-20 16:21 127352 ----a-w- c:\windows\system32\drivers\PCTDSMon.sys
2013-01-20 21:02 . 2010-08-20 16:21 107992 ----a-w- c:\windows\system32\drivers\PCTDMDefrag.sys
2013-01-20 21:01 . 2010-08-26 14:43 37344 ----a-w- c:\windows\system32\CleanMFT32.exe
2013-01-20 21:01 . 2008-04-02 14:54 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2013-01-20 21:01 . 2008-04-02 14:53 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2013-01-20 21:01 . 2008-04-02 14:53 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2013-01-20 21:01 . 2004-08-04 06:00 506368 ----a-w- c:\windows\system32\msxml.dll
2013-01-20 21:01 . 2008-09-17 20:17 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-01-20 21:01 . 2013-01-20 21:02 -------- d-----w- c:\program files\Common Files\PC Tools
2013-01-20 21:01 . 2013-01-20 21:10 -------- d-----w- c:\program files\PC Tools Utilities
2013-01-20 21:01 . 2013-01-20 21:01 -------- d-----w- c:\programdata\PC Tools
2013-01-20 20:29 . 2013-01-20 20:29 -------- d-----w- c:\program files\CCleaner
2013-01-16 17:59 . 2013-01-03 06:18 15360 ----a-w- c:\windows\Launcher.exe
2013-01-16 16:18 . 2013-01-16 16:18 -------- d-----w- c:\users\Jirka\AppData\Local\Apple Computer
2013-01-16 16:18 . 2013-01-16 16:18 -------- d-----w- c:\users\Jirka\AppData\Roaming\Apple Computer
2013-01-15 14:12 . 2002-09-03 12:02 72192 ----a-w- c:\windows\unlite3.exe
2013-01-15 14:12 . 2013-01-15 14:12 -------- d-----w- c:\program files\Bradbury
2013-01-15 09:52 . 2013-01-15 09:56 -------- d-----w- c:\program files\EasyPHP-12.1
2013-01-09 09:10 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 09:10 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 09:10 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 09:10 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 09:08 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-05 11:56 . 2013-01-16 18:00 -------- d-----w- c:\users\Jirka\AppData\Local\DownTango
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 23:23 . 2012-04-11 19:56 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-08 23:23 . 2011-05-27 06:11 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:13 . 2012-12-22 07:48 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 07:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 10:49 . 2012-12-13 10:49 454744 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2012-11-14 02:09 . 2012-12-14 05:48 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-14 05:48 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 05:48 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-14 05:48 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 05:48 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-14 05:48 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-13 05:40 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-13 05:41 376832 ----a-w- c:\windows\system32\dpnet.dll
2009-09-10 08:43 . 2009-09-22 09:53 12800 ----a-w- c:\program files\P4G
2009-04-08 09:31 . 2009-04-08 09:31 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2008-08-11 20:45 . 2008-08-11 20:45 155648 ----a-w- c:\program files\Common Files\MSIactionall.dll
2013-01-16 20:10 . 2013-01-18 23:38 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-09-24 21:02 . 2013-01-18 23:38 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-09-01 233472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 497024]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-11 1474560]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-17 976832]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-26 104416]
"PTAlert"="c:\program files\PC Tools Utilities\Alert.exe" [2010-08-26 1016800]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-23 73832]
.
c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
InternetFax.lnk - c:\program files\InternetFax\pdmon.exe [2012-9-24 3285504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-09-24 21:02 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-09-02 09:26 672632 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-01-23 16:17 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 08:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [x]
R3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DMDefragService;Performance Toolkit Disk Defrag Service;c:\program files\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [x]
S2 DMRepairService;Performance Toolkit Disk Repair Service;c:\program files\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 71960167
*NewlyCreated* - ESGSCANNER
*NewlyCreated* - ISWKL
*NewlyCreated* - VSDATANT
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-27 07:42 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 23:23]
.
2013-01-28 c:\windows\Tasks\PTSchedule.job
- c:\program files\PC Tools Utilities\pt.exe [2013-01-20 14:44]
.
2013-01-29 c:\windows\Tasks\Updater.job
- c:\programdata\WombatUpdater\WombatUpdater.exe [2010-12-30 09:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - /105
TCP: DhcpNameServer = 217.30.64.53 217.30.64.54
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\cs1ylz2x.default-1358369486336\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=0b93bcf1c9fb440684af6213ff4331ee&tu=10G90006J2B000s&sku=&tstsId=&ver=&
FF - ExtSQL: 2013-01-16 22:28; olddefaultimagestyle@dagger2-addons.mozilla.org; c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\cs1ylz2x.default-1358369486336\extensions\olddefaultimagestyle@dagger2-addons.mozilla.org.xpi
FF - ExtSQL: 2013-01-16 22:45; Firefox@365scores.com; c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\cs1ylz2x.default-1358369486336\extensions\Firefox@365scores.com
FF - ExtSQL: 2013-01-27 01:11; ffxtlbr@zonealarm.com; c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\cs1ylz2x.default-1358369486336\extensions\ffxtlbr@zonealarm.com
FF - ExtSQL: 2013-01-27 01:11; donottrack@checkpoint.com; c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\cs1ylz2x.default-1358369486336\extensions\donottrack@checkpoint.com
FF - ExtSQL: 2013-01-27 01:11; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\program files\CheckPoint\ZAForceField\TrustChecker
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=0b93bcf1c9fb440684af6213ff4331ee&tu=10G90006J2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=0b93bcf1c9fb440684af6213ff4331ee&tu=10G90006J2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=base2013&Lan=en&gu=0b93bcf1c9fb440684af6213ff4331ee&tu=10G90006J2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=0b93bcf1c9fb440684af6213ff4331ee&tu=10G90006J2B000s&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 0e6f549600000000000000261881a3a7
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15732
FF - user.js: extensions.zonealarm.vrsn - 1.8.3.16
FF - user.js: extensions.zonealarm.vrsni - 1.8.3.16
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.161:09
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN116564042466440-1001
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ISW - (no file)
SafeBoot-rpcnet
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
AddRemove-SweetIM Bundle by SweetPacks - c:\program files\sweetpacks bundle uninstaller\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(576)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Celkový čas: 2013-01-29 02:09:17
ComboFix-quarantined-files.txt 2013-01-29 01:09
.
Před spuštěním: Volných bajtů: 50 130 608 128
Po spuštění: Volných bajtů: 50 111 459 328
.
- - End Of File - - C83D3E081C4302F7619EC359E791BB79
