Re: Internet explorer nezobrazuje Seznam.cz
Napsal: 27 říj 2014 21:53
Log Combofixu:
ComboFix 14-10-27.01 - Babi a deda 27.10.2014 21:38:13.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1691 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\emachines.ico
c:\users\Babi a deda\AppData\Roaming\.#
c:\windows\PFRO.log
c:\windows\usgwmt
c:\windows\usgwmt\BReWErS.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-09-27 to 2014-10-27 )))))))))))))))))))))))))))))))
.
.
2014-10-27 20:48 . 2014-10-27 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:38 . 2014-10-27 20:42 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\offreg.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 09:54 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-10-27 05:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-27 05:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-27 05:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-10-27 05:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-10-27 05:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-10-27 05:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-10-27 05:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-27 05:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-27 05:27 . 2014-10-27 16:35 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-26 08:26 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4086016476-1674983531-1512024179-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-10-27 21:50:57
ComboFix-quarantined-files.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 90 306 523 136
Post-Run: Volných bajtu: 89 983 488 000
.
- - End Of File - - D25DBB820AF0329A555A56EB41B653BC
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-10-27.01 - Babi a deda 27.10.2014 21:38:13.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1691 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\emachines.ico
c:\users\Babi a deda\AppData\Roaming\.#
c:\windows\PFRO.log
c:\windows\usgwmt
c:\windows\usgwmt\BReWErS.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-09-27 to 2014-10-27 )))))))))))))))))))))))))))))))
.
.
2014-10-27 20:48 . 2014-10-27 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:38 . 2014-10-27 20:42 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\offreg.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 09:54 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-10-27 05:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-27 05:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-27 05:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-10-27 05:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-10-27 05:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-10-27 05:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-10-27 05:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-27 05:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-27 05:27 . 2014-10-27 16:35 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-26 08:26 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4086016476-1674983531-1512024179-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-10-27 21:50:57
ComboFix-quarantined-files.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 90 306 523 136
Post-Run: Volných bajtu: 89 983 488 000
.
- - End Of File - - D25DBB820AF0329A555A56EB41B653BC
A36C5E4F47E84449FF07ED3517B43A31
