Please advise, problems with PC
Posted: 13 Jan 2012 22:21
I'm asking for advice,
ComboFix 12-01-13.03 - spravce 13.01.2012 21:40:36.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3997.2797 [GMT 1:00]
Spuštěný z: c:\users\spravce\Documents\spravce\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 4
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Přístup byl odepřen.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\spravce\100001112794354
c:\users\spravce\100001112794354\html\album-Danar 010.html
c:\users\spravce\100001112794354\html\album-Italy 2011.html
c:\users\spravce\100001112794354\html\album-P+ívek 010.html
c:\users\spravce\100001112794354\html\album-Profile Pictures.html
c:\users\spravce\100001112794354\html\album-Wall Photos.html
c:\users\spravce\100001112794354\html\events.html
c:\users\spravce\100001112794354\html\friends.html
c:\users\spravce\100001112794354\html\lock.gif
c:\users\spravce\100001112794354\html\messages.html
c:\users\spravce\100001112794354\html\photos-me.html
c:\users\spravce\100001112794354\html\photos.html
c:\users\spravce\100001112794354\html\profile.html
c:\users\spravce\100001112794354\html\style.css
c:\users\spravce\100001112794354\html\videos.html
c:\users\spravce\100001112794354\html\wall.html
c:\users\spravce\100001112794354\index.html
c:\users\spravce\100001112794354\photos\Danar 010\126581590722267.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581600722266.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581604055599.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581607388932.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581610722265.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581614055598.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581617388931.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581620722264.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581624055597.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581627388930.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581630722263.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581650722261.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581654055594.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581657388927.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581660722260.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581664055593.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581667388926.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581670722259.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581674055592.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581677388925.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581680722258.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581687388924.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581690722257.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581694055590.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581697388923.jpg
c:\users\spravce\100001112794354\photos\Danar 010\126581700722256.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688037844955.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688057844953.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688067844952.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688114511614.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688197844939.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688247844934.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688311178261.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688451178247.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688497844909.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688537844905.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688584511567.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688637844895.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688687844890.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688727844886.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688771178215.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688814511544.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688857844873.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688884511537.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188688977844861.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689034511522.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689104511515.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689201178172.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689264511499.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689357844823.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689384511487.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689424511483.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689454511480.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689477844811.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689597844799.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689631178129.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689674511458.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689704511455.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689754511450.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689801178112.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689851178107.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689887844770.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689921178100.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188689981178094.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690047844754.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690077844751.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690137844745.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690177844741.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690244511401.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690284511397.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690331178059.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690367844722.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690427844716.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690521178040.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690624511363.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188690711178021.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\188720561175036.jpg
c:\users\spravce\100001112794354\photos\Italy 2011\Snad u ka+żd+Ż pam+ítky byli po ulici Rumuni a prod+ív.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079398339153.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079401672486.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079405005819.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079408339152.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079411672485.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079415005818.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079418339151.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079421672484.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079425005817.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079428339150.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079491672477.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079495005810.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079498339143.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079501672476.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079505005809.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079508339142.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079511672475.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079515005808.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079518339141.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079521672474.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079608339132.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079611672465.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079615005798.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079618339131.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079621672464.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079625005797.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079628339130.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079631672463.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079635005796.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079638339129.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079705005789.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079708339122.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079711672455.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079715005788.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079718339121.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079721672454.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079725005787.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079728339120.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079731672453.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079735005786.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079805005779.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079808339112.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079811672445.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079815005778.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079818339111.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079821672444.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079825005777.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079828339110.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079831672443.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079835005776.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079881672438.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079885005771.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079888339104.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079891672437.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079895005770.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079898339103.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079901672436.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079905005769.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079908339102.jpg
c:\users\spravce\100001112794354\photos\P+ívek 010\117079911672435.jpg
c:\users\spravce\100001112794354\photos\Profile Pictures\100684763311950.jpg
c:\users\spravce\100001112794354\photos\Profile Pictures\100684813311945.jpg
c:\users\spravce\100001112794354\photos\Profile Pictures\148189518561474.jpg
c:\users\spravce\100001112794354\photos\Profile Pictures\160541930659566.jpg
c:\users\spravce\100001112794354\photos\Profile Pictures\190688974311528.jpg
c:\users\spravce\100001112794354\photos\Profile Pictures\prost¦Ť spicza fotka -D.jpg
c:\users\spravce\100001112794354\photos\Wall Photos\N+ív+ít¦Ťva +ś+şpu.jpg
c:\users\spravce\100001112794354\README.txt
c:\users\spravce\100001112794354\videos\198166060230486.mp4
c:\users\spravce\100001112794354\videos\198657040181388.mp4
c:\users\spravce\100001112794354\videos\¦î+üST vystoupen+ş T+íborsk+ę gardy.mp4
c:\users\spravce\9100.jpg
c:\users\spravce\9121.jpg
c:\users\spravce\9142.jpg
c:\users\spravce\9214.jpg
c:\users\spravce\AppData\Local\Temp\RtkBtMnt.exe
c:\users\spravce\AppData\Roaming\.#
c:\users\spravce\AppData\Roaming\.#\MBX@DF4@3E2760.###
c:\users\spravce\AppData\Roaming\.#\MBX@DF4@3E2790.###
c:\users\spravce\AppData\Roaming\.#\MBX@F5C@262770.###
c:\users\spravce\AppData\Roaming\.#\MBX@F5C@2627A0.###
c:\users\spravce\AppData\Roaming\AD ON Multimedia
c:\users\spravce\AppData\Roaming\AD ON Multimedia\eBay Shortcuts\config.ini
c:\users\spravce\AppData\Roaming\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe
c:\users\spravce\Dj Tommis - Clubber Edit 2 (Extented 2010) .mp3
c:\windows\IsUn0405.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\SysWow64\tmpE060.tmp
c:\windows\SysWow64\tmpE0AF.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-13 do 2012-01-13 )))))))))))))))))))))))))))))))
.
.
2012-01-13 21:07 . 2012-01-13 21:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-13 19:45 . 2012-01-13 19:45 -------- d-----w- c:\program files (x86)\Cácko
2012-01-13 19:44 . 2012-01-13 19:44 -------- d-----w- c:\program files (x86)\Cáčko
2012-01-13 15:26 . 2012-01-13 15:26 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-01-11 15:55 . 2011-10-26 05:22 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:55 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 15:55 . 2011-10-26 05:22 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 15:55 . 2011-10-26 04:28 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 15:55 . 2011-11-17 07:14 1739160 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:55 . 2011-11-17 05:41 1292592 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 15:55 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:55 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-08 20:25 . 2012-01-08 20:25 -------- d-----w- c:\users\spravce\AppData\Local\DOSBox
2012-01-08 20:25 . 2012-01-08 20:25 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2012-01-05 14:57 . 2012-01-05 14:57 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-01-03 16:21 . 2012-01-13 19:57 -------- d-----w- C:\Nexon
2012-01-01 11:51 . 2012-01-01 11:51 -------- d-----w- c:\program files (x86)\Application Updater
2012-01-01 11:50 . 2012-01-01 11:51 -------- d-----w- c:\program files (x86)\IObit Toolbar
2012-01-01 11:50 . 2012-01-01 11:50 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-12-25 09:11 . 2011-12-25 09:13 -------- d-----w- c:\programdata\AVG Secure Search
2011-12-24 18:16 . 1997-05-26 12:55 23040 ----a-w- c:\windows\SysWow64\irisco32.dll
2011-12-24 18:15 . 2011-12-24 18:16 -------- d-----w- c:\program files (x86)\Readiris10
2011-12-24 18:14 . 2011-12-24 18:18 -------- d-----w- c:\program files (x86)\SmarThru 4
2011-12-24 18:13 . 2011-12-24 18:14 -------- d-----w- c:\program files (x86)\Scan Assistant
2011-12-24 18:13 . 2011-12-24 18:13 -------- d-----w- c:\users\spravce\AppData\Local\S2PC
2011-12-24 18:13 . 2009-12-08 10:38 482408 ----a-w- c:\windows\SSndii.exe
2011-12-24 18:10 . 2011-12-24 18:10 -------- d-----w- c:\users\spravce\AppData\Roaming\InstallShield
2011-12-24 18:10 . 2009-10-28 15:20 38160 ----a-w- c:\windows\SysWow64\msxml2r.dll
2011-12-24 18:10 . 2009-10-28 15:20 21776 ----a-w- c:\windows\SysWow64\msxml2a.dll
2011-12-24 18:10 . 2009-10-28 15:20 701440 ----a-w- c:\windows\SysWow64\msxml2.dll
2011-12-24 18:10 . 2009-10-28 15:20 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2011-12-24 18:10 . 2011-12-24 18:10 -------- d-----w- c:\windows\Samsung
2011-12-24 18:09 . 2011-06-10 03:12 143872 ----a-w- c:\windows\Wiainst64.exe
2011-12-24 18:08 . 2011-04-18 06:10 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssb3mpc.dll
2011-12-24 18:06 . 2011-12-24 18:06 -------- d-----w- c:\program files (x86)\Samsung
2011-12-21 20:54 . 2011-12-21 20:54 -------- d-----w- c:\users\spravce\AppData\Roaming\AVG2012
2011-12-21 20:52 . 2011-12-21 20:52 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2011-12-21 20:52 . 2012-01-12 18:17 -------- d-----w- c:\program files (x86)\AVG Secure Search
2011-12-21 20:46 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C748D827-6846-498C-994A-16EAC46AF270}\mpengine.dll
2011-12-21 20:41 . 2012-01-13 17:31 -------- d-----w- c:\windows\system32\drivers\AVG
2011-12-21 20:41 . 2011-12-21 21:00 -------- d-----w- c:\programdata\AVG2012
2011-12-14 22:24 . 2011-11-24 05:00 3141632 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 22:24 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 22:00 . 2011-10-15 06:25 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 22:00 . 2011-10-15 05:48 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 21:59 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 21:59 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-13 15:26 . 2010-12-16 13:30 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2011-12-31 16:29 . 2009-11-16 16:28 1004 --sha-w- c:\programdata\KGyGaAvL.sys
2011-10-30 17:45 . 2011-10-30 17:45 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-10-30 17:45 . 2011-10-30 17:45 27176 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-10-30 17:45 . 2011-10-30 17:45 13352 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-10-25 16:40 . 2011-10-25 16:40 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
2010-01-11 10:18 451808 ----a-w- c:\program files (x86)\RadioBar\toolbar.ni.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-25 09:11 1574240 ----a-w- c:\program files (x86)\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{5B291E6C-9A74-4034-971B-A4B007A0B315}"= "c:\program files (x86)\RadioBar\toolbar.ni.dll" [2010-01-11 451808]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll" [2011-12-25 1574240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
[HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
[HKEY_CLASSES_ROOT\Pugi.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 4"="c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-08-09 417112]
"SmartRAM"="c:\program files (x86)\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe" [2011-08-09 373080]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-01-13 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2011-07-20 4393816]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2011-12-25 892768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-22 21328]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-07-11 20336]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2009-08-11 24576]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 PfFilter;PfFilter;c:\program files (x86)\IObit\Protected Folder\pffilter.sys [2011-03-16 36792]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-25 869216]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-22 33184]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 18:28]
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-16 18:28]
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1792352362-3121994989-1617415332-1000Core.job
- c:\users\spravce\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 18:28]
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1792352362-3121994989-1617415332-1000UA.job
- c:\users\spravce\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 18:28]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-23 7981600]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2009-07-21 492032]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=extensa_7630ez&r=27361109h806l03f3z155i48n1t225
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=extensa_7630ez&r=27361109h806l03f3z155i48n1t225
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.127.10
TCP: Interfaces\{44E51C40-EA33-4346-82E9-BA6BD0ECAEF4}: NameServer = 10.55.1.41,10.60.1.55
Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - c:\program files (x86)\RadioBar\toolbar.ni.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
BHO-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-13 22:16:03
ComboFix-quarantined-files.txt 2012-01-13 21:16
.
Před spuštěním: Volných bajtů: 107 135 614 976
Po spuštění: Volných bajtů: 105 184 497 664
.
- - End Of File - - E315E125AE7E7E5A28205229DEA1A892
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-13 22:16:03
ComboFix-quarantined-files.txt 2012-01-13 21:16
.
Před spuštěním: Volných bajtů: 107 135 614 976
Po spuštění: Volných bajtů: 105 184 497 664
.
- - End Of File - - E315E125AE7E7E5A28205229DEA1A892