ComboFix 11-04-09.01 - Mira 10.04.2011 18:16:34.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4087.2631 [GMT 2:00]
Spuštěný z: c:\users\Mira\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-10 do 2011-04-10 )))))))))))))))))))))))))))))))
.
.
2011-04-10 16:21 . 2011-04-10 16:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-10 12:33 . 2011-04-10 12:33 -------- d-----w- c:\users\Mira\AppData\Local\{78EB2B43-A8BC-456B-9B79-3532162263B9}
2011-04-10 09:31 . 2011-04-10 09:31 -------- d-----w- c:\users\Mira\AppData\Local\{CDC60954-131D-45C8-99D9-6B8B3BA323D3}
2011-04-10 08:48 . 2011-04-10 08:48 -------- d-----w- c:\program files (x86)\Reality Pump
2011-04-09 17:28 . 2011-04-09 17:29 -------- d-----w- c:\users\Mira\AppData\Local\{29D90921-3A17-459F-9984-B81D361FB1E1}
2011-04-09 09:07 . 2011-04-09 09:07 -------- d-----w- c:\users\Mira\AppData\Local\{2DB76EF4-C138-48DA-BA3E-ACAB268F0C3E}
2011-04-08 14:49 . 2011-04-08 14:49 -------- d-----w- c:\program files (x86)\Ubisoft
2011-04-08 14:49 . 2011-04-08 14:49 1 ----a-w- c:\windows\SysWow64\SI.bin
2011-04-08 06:12 . 2011-04-08 06:12 -------- d-----w- c:\users\Mira\AppData\Local\{788570AE-92A2-4A76-8FF1-72211BA540D8}
2011-04-08 05:59 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE69CAE2-F08D-41DC-AF0E-172FFA7117BA}\mpengine.dll
2011-04-07 19:00 . 2011-04-07 19:00 -------- d-----w- c:\users\Mira\AppData\Local\{E89B39BD-18BF-4C75-9068-A02A51DA0C9A}
2011-04-07 16:47 . 2011-04-07 16:47 -------- d-----w- c:\users\Mira\AppData\Local\Diagnostics
2011-04-07 15:03 . 2011-04-07 15:03 -------- d-----w- c:\users\Mira\AppData\Local\4A Games
2011-04-07 06:28 . 2011-04-07 06:28 -------- d-----w- c:\users\Mira\AppData\Local\{FAE4C662-79D7-496E-A2F1-C88CD4FFEA57}
2011-04-06 04:46 . 2011-04-06 04:46 -------- d-----w- c:\users\Mira\AppData\Local\{7A135529-6719-42B6-9078-97BAABD5B58C}
2011-04-05 19:42 . 2011-04-05 19:42 -------- d-----w- c:\users\Mira\AppData\Local\Electronic Arts
2011-04-05 17:38 . 2011-04-05 17:38 -------- d--h--r- c:\users\Mira\AppData\Roaming\SecuROM
2011-04-05 16:29 . 2011-04-05 16:29 -------- d-----w- c:\program files\trend micro
2011-04-05 16:28 . 2011-04-05 16:29 -------- d-----w- C:\rsit
2011-04-05 15:38 . 2011-04-05 15:38 -------- d-----w- c:\program files (x86)\ESET
2011-04-05 07:03 . 2011-04-05 07:03 -------- d-----w- c:\users\Mira\AppData\Local\{6D406405-C063-472A-A483-87366991ACE5}
2011-04-04 18:01 . 2011-04-04 18:01 -------- d-----w- c:\users\Mira\AppData\Local\{414CB867-C31A-4BEE-A6B2-0B659C69AA85}
2011-04-04 17:39 . 2010-09-07 20:08 1308776 ----a-w- c:\windows\system32\nvgenco64.dll
2011-04-04 17:39 . 2010-09-07 20:09 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-04-04 17:39 . 2010-09-07 20:08 155752 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-04-04 17:37 . 2010-10-19 08:10 1500264 ----a-w- c:\windows\system32\nvdispco642050.dll
2011-04-04 17:37 . 2010-10-19 08:10 1308776 ----a-w- c:\windows\system32\nvgenco642030.dll
2011-04-04 17:37 . 2011-02-23 06:28 7732328 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-04 17:37 . 2011-02-23 06:28 5654120 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-04-04 17:37 . 2010-10-19 08:10 386152 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-04-04 17:37 . 2010-10-19 08:10 319080 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2011-04-04 04:28 . 2011-04-04 04:28 -------- d-----w- c:\users\Mira\AppData\Local\{D1E724D8-AFD8-41E4-9057-AD41BAFDD436}
2011-04-03 18:47 . 2011-04-03 18:47 -------- d-----w- c:\users\Mira\AppData\Local\{20731704-C7AF-4CAA-A6DC-DFE94F825E34}
2011-04-01 13:06 . 2011-04-01 13:06 -------- d-----w- c:\users\Mira\AppData\Local\{DF2B83F5-1B09-4FF8-87E2-68E08D131C6E}
2011-04-01 10:51 . 2011-04-01 10:51 -------- d-----w- c:\users\Mira\AppData\Local\{2F2E95C3-B521-4726-A762-4884CE4505D7}
2011-03-31 15:43 . 2011-03-31 15:44 -------- d-----w- c:\users\Mira\AppData\Local\{0378EBC5-3892-41B0-A869-3AB1F865F281}
2011-03-31 10:07 . 2011-03-31 10:07 -------- d-----w- c:\users\Mira\AppData\Local\{E97B52D9-E78D-40E5-A2A9-1FD5C8CD8D89}
2011-03-30 14:15 . 2011-03-30 14:15 -------- d-----w- c:\users\Mira\AppData\Local\{98BD6D41-8D50-495A-A52B-ACE7CCBD4ED5}
2011-03-29 19:08 . 2011-03-29 19:08 -------- d-----w- c:\users\Mira\AppData\Local\{54E54012-8B77-4C52-A04D-EE7C767843BA}
2011-03-29 05:45 . 2011-03-29 05:45 -------- d-----w- c:\users\Mira\AppData\Local\{741D7ACA-6FB9-4AD6-9E96-1A69C9EA9AD9}
2011-03-28 10:16 . 2011-04-04 08:00 -------- d-----w- c:\users\Mira\AppData\Roaming\dvdcss
2011-03-28 06:52 . 2011-03-28 06:52 -------- d-----w- c:\users\Mira\AppData\Local\{F783EAF6-139F-497B-AE72-23BBAACE2E57}
2011-03-26 07:53 . 2011-03-26 07:53 -------- d-----w- c:\users\Mira\AppData\Local\{2A9A501C-99EF-4133-B316-BF5B5B754B67}
2011-03-25 19:53 . 2011-03-25 19:53 -------- d-----w- c:\users\Mira\AppData\Local\{CFA7D8F7-FCBE-4E98-A086-DA4DFDD27CB0}
2011-03-25 07:52 . 2011-03-25 07:53 -------- d-----w- c:\users\Mira\AppData\Local\{077A6168-9ECC-41FC-A316-B01EC1278EB2}
2011-03-24 20:15 . 2011-04-05 19:42 -------- d-----w- c:\programdata\Electronic Arts
2011-03-24 20:15 . 2011-03-24 20:15 -------- d-----w- c:\programdata\EA Core
2011-03-24 19:16 . 2011-04-05 20:23 -------- d-----w- c:\programdata\Solidshield
2011-03-24 07:24 . 2011-03-24 19:24 -------- d-----w- c:\users\Mira\AppData\Local\{1D003163-23B2-4202-81E0-F34A2A0E85FE}
2011-03-23 18:30 . 2011-03-23 18:30 -------- d-----w- c:\users\Mira\AppData\Local\{3F78F886-E98C-4A77-9717-7771DC73F029}
2011-03-23 06:29 . 2011-03-23 06:30 -------- d-----w- c:\users\Mira\AppData\Local\{8C938E6C-66BF-49D9-8A12-3E61E03FEB87}
2011-03-22 19:38 . 2011-03-22 19:38 -------- d-----w- c:\users\Mira\AppData\Local\Apps
2011-03-22 17:58 . 2011-03-22 17:57 73728 ---ha-w- c:\windows\SysWow64\psProxy.dll
2011-03-22 17:58 . 2011-03-22 17:57 380928 ---ha-w- c:\windows\SysWow64\pSOAP32.dll
2011-03-22 17:58 . 2011-03-22 17:57 188416 ---ha-w- c:\windows\SysWow64\pocketHTTP.dll
2011-03-22 17:58 . 2011-03-22 17:57 110676 ---ha-w- c:\windows\SysWow64\psDime.dll
2011-03-22 17:58 . 2011-03-22 17:57 266240 ---ha-w- c:\windows\SysWow64\EncryptedFolder.dll
2011-03-22 17:58 . 2011-03-22 19:38 -------- d-----w- c:\program files (x86)\FILERECOVERY-PRO
2011-03-22 17:44 . 2011-03-22 17:44 -------- d-----w- c:\users\Mira\AppData\Local\{56F710D3-2856-4008-8F31-491FD5D7E943}
2011-03-22 17:25 . 2011-03-22 17:25 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-22 17:25 . 2011-03-22 17:25 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-03-22 17:25 . 2011-03-22 17:25 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-22 17:24 . 2011-03-22 17:25 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-22 17:24 . 2011-03-22 17:24 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-22 17:24 . 2011-03-22 17:24 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-22 17:24 . 2011-03-22 17:24 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-03-22 17:24 . 2011-03-22 17:24 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-22 05:43 . 2011-03-22 05:43 -------- d-----w- c:\users\Mira\AppData\Local\{6F0D5A97-A79C-4A69-8590-EB609E0AE0F7}
2011-03-21 18:12 . 2011-03-21 18:12 -------- d-----w- c:\windows\Sun
2011-03-21 18:12 . 2011-03-21 18:12 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-21 18:11 . 2011-03-21 18:11 -------- d-----w- c:\programdata\McAfee
2011-03-21 15:38 . 2011-03-21 15:38 -------- d-----w- c:\users\Mira\AppData\Local\{4A5F9FDC-7830-46D5-87A9-015360993906}
2011-03-20 21:06 . 2011-03-20 21:06 -------- d-----w- c:\users\Mira\AppData\Local\{F6EDA7B3-63EF-4791-85FF-DCCD81BB2AF1}
2011-03-20 08:17 . 2011-03-20 08:17 -------- d-----w- c:\users\Mira\AppData\Local\{AFCE8280-21E4-44F7-8679-3DF5E0765A26}
2011-03-19 18:20 . 2011-03-19 18:20 -------- d-----w- c:\users\Mira\AppData\Local\{E1FE9E42-13D5-47BE-91C9-7D268A3453AE}
2011-03-19 06:19 . 2011-03-19 06:19 -------- d-----w- c:\users\Mira\AppData\Local\{62BBC766-2DA9-4786-B30E-DA831266B642}
2011-03-18 15:41 . 2011-03-18 15:41 -------- d-----w- c:\users\Mira\AppData\Local\{C99C4AB5-C04A-494D-A69B-2816FDB00429}
2011-03-17 17:28 . 2011-03-17 17:28 -------- d-----w- c:\users\Mira\AppData\Local\{A9717C32-97C4-4242-A3D9-EA87041262B9}
2011-03-17 06:30 . 2011-03-17 06:30 -------- d-----w- c:\program files (x86)\Microsoft
2011-03-17 05:28 . 2011-03-17 05:28 -------- d-----w- c:\users\Mira\AppData\Local\{7DD6F6F3-A050-48AE-876C-00D64C9C5032}
2011-03-16 14:46 . 2011-03-16 14:46 -------- d-----w- c:\users\Mira\AppData\Local\{0119BF38-A1B3-4B56-A687-D31184C7E19A}
2011-03-15 19:54 . 2011-03-15 19:54 -------- d-----w- c:\users\Mira\AppData\Local\{48001449-6ABC-4ADD-B0EB-059099A575BB}
2011-03-15 07:54 . 2011-03-15 07:54 -------- d-----w- c:\users\Mira\AppData\Local\{4E26E13C-2BBD-46C7-A841-5A1F9490284C}
2011-03-14 19:53 . 2011-03-14 19:53 -------- d-----w- c:\users\Mira\AppData\Local\{80303BA6-61B1-4024-99AB-7BF43CE3920A}
2011-03-14 07:53 . 2011-03-14 07:53 -------- d-----w- c:\users\Mira\AppData\Local\{D157EBE9-62DB-4A4E-9907-A9D38D568700}
2011-03-13 19:52 . 2011-03-13 19:53 -------- d-----w- c:\users\Mira\AppData\Local\{FD3378AA-E0F5-47FC-95A5-99056AF723CE}
2011-03-13 07:52 . 2011-03-13 07:52 -------- d-----w- c:\users\Mira\AppData\Local\{5A58E43D-0BB7-447D-A47E-90C04489D887}
2011-03-12 07:31 . 2011-03-12 19:31 -------- d-----w- c:\users\Mira\AppData\Local\{ECD866BB-41D2-4146-B3A9-ABAC95B1D862}
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 05:30 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-23 06:28 . 2011-02-23 06:28 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-23 06:28 . 2011-02-23 06:28 6606440 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-23 06:28 . 2011-02-23 06:28 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-02-23 06:28 . 2011-02-23 06:28 3112040 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-23 06:28 . 2011-02-23 06:28 2895976 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-02-23 06:28 . 2011-02-23 06:28 2479720 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-23 06:28 . 2011-02-23 06:28 2251368 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-02-23 06:28 . 2011-02-23 06:28 20473960 ----a-w- c:\windows\system32\nvoglv64.dll
2011-02-23 06:28 . 2011-02-23 06:28 18580072 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-23 06:28 . 2011-02-23 06:28 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-02-23 06:28 . 2011-02-23 06:28 15047272 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-02-23 06:28 . 2011-02-23 06:28 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-02-23 06:28 . 2011-02-23 06:28 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-02-23 06:28 . 2011-02-23 06:28 12962792 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-23 06:28 . 2011-02-23 06:28 12862568 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-02-23 06:28 . 2011-02-23 06:28 10079336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-02-23 06:28 . 2010-12-11 14:41 4942952 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-02-23 06:28 . 2010-12-11 14:41 2200680 ----a-w- c:\windows\system32\nvapi64.dll
2011-02-23 06:28 . 2010-12-11 14:41 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-02-19 06:37 . 2011-03-09 05:34 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 05:34 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 05:34 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-03-09 05:34 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 05:34 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-02 20:40 . 2010-12-14 18:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 17:11 . 2010-12-11 14:47 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-26 06:53 . 2011-02-09 07:05 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-09 07:05 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-09 07:05 144384 ----a-w- c:\windows\system32\cdd.dll
2011-01-21 05:36 . 2011-01-21 05:36 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-01-21 05:36 . 2011-01-21 05:36 413800 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-01-17 06:17 . 2011-03-09 05:34 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-17 05:38 . 2011-03-09 05:34 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2010-12-11 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"EADM"="c:\program files (x86)\Electronic Arts\EADM\EADMUI.exe" [2011-04-03 11857920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2010-11-11 64112]
"boincmgr"="c:\program files (x86)\BOINC\boincmgr.exe" [2010-09-23 4543232]
"boinctray"="c:\program files (x86)\BOINC\boinctray.exe" [2010-09-23 58112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-11 1038088]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-18 369256]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-11-11 539248]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-11-18 2919168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
FF - ProfilePath - c:\users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\138euzqz.default\
FF - prefs.js: browser.search.defaulturl - http://www.seznam.cz
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-10 18:23:13
ComboFix-quarantined-files.txt 2011-04-10 16:23
.
Před spuštěním: Volných bajtů: 501 386 452 992
Po spuštění: Volných bajtů: 514 164 191 232
.
- - End Of File - - 5AC572316F81A4D63FA665131A04AAF9

PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Combofix Log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
Remote assistance services are now available: an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Combofix Log
I apologize, could you please delete this?
Re: Combofix Log
Sure, the moderators will take care of it; I'm asking for a lock here,
and put it where it belongs


Albert Einstein: Only two things are infinite - the universe and human stupidity. Though I am not so sure about the former.