Thanks a lot

ComboFix 13-01-08.01 - Jazz 10.01.2013 15:24:27.1.6 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4095.2103 [GMT 1:00]
Spuštěný z: c:\users\Jazz\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jazz\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-10 do 2013-01-10 )))))))))))))))))))))))))))))))
.
.
2013-01-10 14:31 . 2013-01-10 14:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-09 15:17 . 2012-11-09 05:34 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-01-08 18:05 . 2013-01-08 19:05 -------- d-----w- c:\users\Jazz\AppData\Roaming\Dev-Cpp
2013-01-08 18:05 . 2013-01-08 18:05 -------- d-----w- C:\Dev-Cpp
2013-01-08 14:52 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{95DCB12B-7006-4436-97FF-92041FCAB997}\mpengine.dll
2013-01-06 12:55 . 2005-12-08 09:09 49152 ----a-w- c:\windows\SysWow64\mydll.dll
2013-01-06 12:55 . 2005-12-07 14:13 57344 ----a-w- c:\windows\SysWow64\HookAPINT.dll
2013-01-06 12:48 . 2013-01-06 12:53 -------- d-----w- c:\program files (x86)\Game Speed Changer
2013-01-05 14:41 . 2013-01-05 14:44 -------- d-----w- c:\program files (x86)\JDownloader
2013-01-05 13:57 . 2013-01-05 13:58 -------- d-----w- c:\programdata\Western Digital
2013-01-05 13:57 . 2013-01-05 13:57 -------- d-----w- c:\program files\Western Digital
2013-01-05 13:57 . 2013-01-05 13:57 -------- d-----w- c:\program files (x86)\Western Digital
2013-01-05 13:56 . 2013-01-05 13:56 -------- d-----w- c:\users\Jazz\AppData\Local\Western Digital
2013-01-04 18:20 . 2013-01-07 17:40 -------- d-----w- c:\users\Jazz\AppData\Roaming\Little Inferno
2012-12-31 12:11 . 2012-12-31 12:11 -------- d-----w- c:\program files (x86)\Dxtory Software
2012-12-31 11:48 . 2012-12-31 11:48 -------- d-----w- c:\users\Jazz\AppData\Local\CrashRpt
2012-12-31 11:48 . 2012-12-31 11:57 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-12-31 07:07 . 2012-12-31 07:07 -------- d-----w- c:\programdata\SplitMediaLabs
2012-12-31 07:07 . 2012-12-31 07:07 -------- d-----w- c:\program files (x86)\SplitMediaLabs
2012-12-30 18:55 . 2012-12-30 18:55 -------- d-----w- c:\users\Jazz\AppData\Roaming\Sony Creative Software Inc
2012-12-30 15:26 . 2012-12-30 15:26 -------- d-----w- c:\users\Jazz\AppData\Roaming\OBS
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-12-25 18:01 . 2012-12-25 18:01 -------- d-----w- c:\users\Jazz\AppData\Local\backburner
2012-12-23 17:05 . 2012-12-23 17:05 -------- d-----w- c:\programdata\Package Cache
2012-12-23 17:03 . 2012-12-23 17:03 -------- d-----w- c:\users\Jazz\AppData\Roaming\Unity
2012-12-23 17:02 . 2012-12-23 17:02 -------- d-----w- c:\users\Jazz\AppData\Local\Unity
2012-12-23 12:29 . 2012-12-23 12:29 -------- d-----w- c:\programdata\Vegasaur
2012-12-23 12:29 . 2012-12-23 12:29 -------- d-----w- c:\program files\Vegasaur
2012-12-21 18:58 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 18:58 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:58 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:58 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-17 19:03 . 2012-12-17 19:03 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-12-16 10:30 . 2012-12-16 10:30 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-12-16 10:29 . 2012-12-16 10:29 -------- d-----w- c:\windows\PCHEALTH
2012-12-16 10:29 . 2012-12-16 10:29 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2012-12-16 10:29 . 2012-12-16 10:29 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2012-12-16 10:28 . 2012-12-16 10:28 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-12-16 10:28 . 2012-12-16 10:28 -------- d-----w- c:\program files\Microsoft Office
2012-12-16 10:27 . 2012-12-16 10:27 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-12-16 10:27 . 2012-12-16 10:27 -------- d-----w- c:\users\Jazz\AppData\Local\Microsoft Help
2012-12-16 10:27 . 2013-01-09 19:04 -------- d-----w- c:\programdata\Microsoft Help
2012-12-16 10:26 . 2012-12-16 10:26 -------- d-----r- C:\MSOCache
2012-12-13 05:54 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-13 05:54 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-12 18:21 . 2012-12-13 15:09 -------- d-----w- c:\program files (x86)\Ubisoft
2012-12-12 15:55 . 2012-11-09 05:34 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 15:55 . 2012-11-09 04:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 15:54 . 2012-11-02 05:27 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 15:54 . 2012-11-02 04:48 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-12 15:54 . 2012-09-06 17:38 295792 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-11 14:38 . 2012-12-11 14:38 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-12-11 14:38 . 2012-12-11 14:38 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-12-11 14:38 . 2012-12-11 14:38 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 19:10 . 2012-07-05 13:02 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-02 14:32 . 2012-07-18 10:22 281392 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-02 14:32 . 2012-07-17 10:37 281392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-30 15:46 . 2012-09-11 15:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-30 15:46 . 2012-09-11 15:37 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-29 10:34 . 2012-09-14 13:32 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-09-14 13:32 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-09-14 13:32 15129064 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-12-29 10:34 . 2012-09-14 13:32 15052368 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2012-09-14 13:32 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-09-14 13:32 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 08:40 . 2012-09-14 13:33 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-09-14 13:33 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-09-14 13:33 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-09-14 13:33 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-09-14 13:33 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-09-14 13:33 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-26 07:35 . 2012-07-17 10:37 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-13 16:45 . 2012-07-17 10:37 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-11 17:29 . 2012-10-17 15:13 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-11 17:29 . 2012-10-17 15:13 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-01 05:49 . 2012-10-14 10:27 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-30 04:56 . 2013-01-09 15:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-17 15:07 . 2012-10-17 15:13 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-10-16 21:20 . 2012-11-28 14:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 21:20 . 2012-11-28 14:48 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 20:34 . 2012-11-28 14:48 559104 ----a-w- c:\windows\apppatch\AcLayers.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-03 1354736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-31 964024]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-31 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" [2010-03-16 5309056]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2012-05-09 887712]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorTray.exe" [2010-09-07 2787224]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-31 3524536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Plugin Install"="c:\program files (x86)\QuickTime\Plugins\DeleteMe2.exe" [2012-11-23 86016]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 4236288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2012-06-25 136648]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-09-20 136896]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-11-26 745368]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-05 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-10-17 27800]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704]
S2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-12-11 400160]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-12-11 565024]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2012-06-25 57512]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-01-10 120408]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-08-30 8704]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-07-06 157408]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-06-06 3293552]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-02 2673064]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2011-05-12 154624]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220483473-1178822035-113335320-1000Core.job
- c:\users\Jazz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-29 18:40]
.
2013-01-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220483473-1178822035-113335320-1000UA.job
- c:\users\Jazz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-29 18:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.youtube.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
LSP: c:\program files (x86)\FlyVPN\FlyVPNBind.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1 8.8.8.8
FF - ProfilePath - c:\users\Jazz\AppData\Roaming\Mozilla\Firefox\Profiles\dhqbmziy.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1220483473-1178822035-113335320-1000\Software\SecuROM\License information*]
"datasecu"=hex:8b,b7,ca,d8,18,70,3b,9a,e5,63,79,c0,89,65,b7,06,51,56,56,d2,9b,
74,75,61,56,ad,42,e6,e8,cf,db,0c,47,95,82,a7,ce,f4,8f,25,f2,22,63,b8,0f,c9,\
"rkeysecu"=hex:31,7a,13,9f,e7,79,f5,9e,3b,cb,56,b4,89,6b,14,d7
.
[HKEY_USERS\S-1-5-21-1220483473-1178822035-113335320-1000_Classes\Wow6432Node\CLSID\{330cac6c-5f4c-4db8-b654-b163f2343978}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000143
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1220483473-1178822035-113335320-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):fe,04,2f,fa,62,64,b7,a0,01,d5,31,81,2e,aa,5e,52,77,68,df,5c,32,
dc,6e,31,a7,a7,23,8d,28,d8,af,ee,88,15,36,99,03,de,d5,71,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files\ASUS\GPU Boost Driver\GpuBoostServer.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-01-10 15:39:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-10 14:39
.
Před spuštěním: Volných bajtů: 189 532 905 472
Po spuštění: Volných bajtů: 189 564 305 408
.
- - End Of File - - 3FB9FDE1EE757653C37BFD4D546004F3