ComboFix 12-12-23.01 - David 24.12.2012 22:56:02.1.6 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3326.2502 [GMT 1:00]
Running from: c:\users\David\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\David\AppData\Local\TempDIR
c:\windows\system32\muzapp.exe
c:\windows\system32\windir
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-11-24 to 2012-12-24 )))))))))))))))))))))))))))))))
.
.
2012-12-24 22:01 . 2012-12-24 22:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-24 21:11 . 2012-12-24 21:11 -------- d-----w- c:\users\David\AppData\Roaming\Malwarebytes
2012-12-24 21:11 . 2012-12-24 21:11 -------- d-----w- c:\programdata\Malwarebytes
2012-12-24 21:10 . 2012-12-24 21:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-24 21:10 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-24 14:10 . 2012-12-24 14:10 -------- d-----w- c:\program files\SuperSpeed
2012-12-24 09:55 . 2012-12-24 09:55 -------- d-----w- c:\users\David\AppData\Roaming\JAM Software
2012-12-24 09:55 . 2012-12-24 09:55 -------- d-----w- c:\program files\JAM Software
2012-12-23 20:01 . 2012-12-23 20:01 -------- d-----w- c:\users\David\AppData\Local\Razer
2012-12-23 20:01 . 2012-12-23 20:01 -------- d-----w- c:\programdata\Razer
2012-12-23 20:01 . 2012-12-23 20:01 -------- d-----w- c:\program files\Razer
2012-12-22 19:25 . 2012-12-24 09:55 -------- d-----w- c:\program files\CPUID
2012-12-22 18:33 . 2012-12-22 18:33 -------- d-----w- c:\program files\MSI
2012-12-22 13:53 . 2012-12-22 13:53 -------- d-----w- c:\program files\Havij
2012-12-22 11:02 . 2012-12-24 21:51 -------- d-----w- c:\program files\MSI Afterburner
2012-12-21 17:44 . 2012-12-21 17:44 -------- d-----w- c:\users\David\AppData\Roaming\Kongregate
2012-12-21 17:10 . 2012-12-21 17:11 -------- d-----w- C:\WINSSLog
2012-12-21 13:18 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 13:18 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 10:27 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3514F7EF-4FF6-45AF-B03A-6737945A86CA}\mpengine.dll
2012-12-20 21:05 . 2012-12-20 21:05 -------- d-----w- c:\users\David\AppData\Local\Arktos
2012-12-20 21:05 . 2012-12-20 21:05 -------- d-----w- c:\users\David\AppData\Local\CrashRpt
2012-12-18 18:22 . 2012-12-18 18:58 -------- d-----w- c:\users\David\AppData\Roaming\NVIDIA
2012-12-18 17:50 . 2012-12-18 17:50 -------- d-----w- c:\program files\AGEIA Technologies
2012-12-18 17:50 . 2012-12-22 11:00 -------- d-----w- c:\users\UpdatusUser
2012-12-18 17:47 . 2012-12-24 22:01 -------- d-----w- c:\programdata\NVIDIA
2012-12-18 17:45 . 2012-12-01 04:38 2869608 ----a-w- c:\windows\system32\nvsvc.dll
2012-12-18 17:45 . 2012-12-01 04:38 3984744 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-18 17:45 . 2012-12-01 04:37 3663213 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-18 17:45 . 2012-12-01 04:37 645480 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-18 17:45 . 2012-12-01 04:37 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-12-18 17:45 . 2012-12-01 04:37 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-18 17:43 . 2012-12-18 17:43 -------- d-----w- C:\NVIDIA
2012-12-13 17:11 . 2012-12-13 17:32 -------- d-----w- c:\users\David\AppData\Roaming\ftblauncher
2012-12-12 13:15 . 2012-12-12 13:15 -------- d-----w- c:\users\David\AppData\Local\SkinSoft
2012-12-12 13:03 . 2012-12-12 13:03 27248 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2012-12-12 09:23 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-10 20:30 . 2012-12-10 20:30 -------- d-----w- c:\users\David\AppData\Local\FLT
2012-12-10 16:36 . 2012-12-10 16:43 -------- d-----w- c:\users\David\AppData\Local\Painkiller Overdose
2012-12-09 17:03 . 2012-12-09 17:03 23720 ----a-w- c:\windows\system32\drivers\amdkmpfd.sys
2012-12-09 17:03 . 2012-12-09 17:03 26624 ----a-w- c:\windows\system32\drivers\pmserenum.sys
2012-12-09 17:00 . 2012-12-09 17:00 100504 ----a-w- c:\windows\system32\drivers\L1C62x86.sys
2012-12-05 20:24 . 2012-12-19 15:21 -------- d-----w- c:\program files\Notepad++
2012-12-05 20:24 . 2012-12-05 20:26 -------- d-----w- c:\users\David\AppData\Roaming\Notepad++
2012-12-03 21:43 . 2012-08-21 12:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-03 21:43 . 2012-12-03 21:43 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-03 14:22 . 2012-12-03 14:22 -------- d-----w- c:\users\David\AppData\Local\SCE
2012-12-03 14:22 . 2012-12-03 14:22 -------- d-----w- C:\Crash
2012-12-03 14:22 . 2012-12-03 14:22 -------- d-----w- c:\users\David\AppData\Local\Sony Online Entertainment
2012-12-03 13:16 . 2012-12-03 21:44 -------- d-----w- c:\users\David\AppData\Roaming\Apple Computer
2012-11-30 21:43 . 2012-11-30 21:43 438632 ----a-w- c:\windows\system32\nvStreaming.exe
2012-11-29 14:19 . 2012-12-19 15:43 -------- d-----w- c:\users\David\AppData\Roaming\SPORE
2012-11-26 20:00 . 2012-11-26 20:00 -------- d-----w- c:\users\David\AppData\Local\Stardock_Corporation
2012-11-26 19:59 . 2012-11-26 19:59 -------- d--h--w- c:\programdata\Common Files
2012-11-26 19:59 . 2012-11-26 19:59 -------- d-----w- c:\users\David\AppData\Roaming\Stardock
2012-11-26 19:59 . 2012-11-26 19:59 57856 ----a-w- c:\windows\DTDraw.dll
2012-11-26 19:59 . 2012-11-26 19:59 -------- d-----w- c:\users\David\AppData\Roaming\DeskSoft
2012-11-26 19:34 . 2012-12-21 10:25 -------- d-----w- C:\Temp
2012-11-26 19:33 . 2012-11-26 19:33 -------- d-----w- c:\users\David\AppData\Local\Samsung
2012-11-26 19:33 . 2012-12-06 20:22 -------- d-----w- c:\users\David\AppData\Roaming\Samsung
2012-11-26 19:32 . 2012-09-20 04:35 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-11-26 19:32 . 2012-09-20 04:35 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-11-26 19:30 . 2012-10-29 11:10 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-11-26 19:30 . 2012-10-29 11:09 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-11-26 19:30 . 2012-11-26 19:31 -------- d-----w- c:\program files\Samsung
2012-11-26 19:30 . 2012-11-26 19:31 -------- d-----w- c:\programdata\Samsung
2012-11-26 19:24 . 2012-11-26 19:24 -------- d-----w- c:\users\David\AppData\Local\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-23 19:46 . 2012-08-08 14:52 17488 ----a-w- c:\windows\gdrv.sys
2012-12-21 18:15 . 2012-08-10 20:42 138992 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-12-21 18:15 . 2012-08-11 21:35 281288 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-12-21 18:15 . 2012-08-10 20:42 281288 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-12-21 18:04 . 2012-08-10 20:42 281288 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-12-21 17:42 . 2012-08-10 20:42 138904 ----a-w- c:\users\David\AppData\Roaming\PnkBstrK.sys
2012-12-21 17:41 . 2012-08-10 20:41 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-12-21 15:37 . 2012-08-15 09:16 17488 ----a-w- c:\windows\etdrv.sys
2012-12-21 15:35 . 2012-08-08 14:52 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2012-12-11 20:09 . 2012-08-20 11:00 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-11 20:09 . 2012-08-20 11:00 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-13 20:31 . 2012-11-13 20:31 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-13 20:31 . 2012-11-13 20:31 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-13 20:31 . 2012-11-13 20:31 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-13 20:31 . 2012-11-13 20:31 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-13 20:31 . 2012-11-13 20:31 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-13 20:31 . 2012-11-13 20:31 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-13 20:31 . 2012-11-13 20:31 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-13 20:31 . 2012-11-13 20:31 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-13 20:30 . 2012-11-13 20:30 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-13 20:30 . 2012-11-13 20:30 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-13 20:30 . 2012-11-13 20:30 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-13 20:30 . 2012-11-13 20:30 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-13 20:30 . 2012-11-13 20:30 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-13 20:22 . 2012-11-13 20:22 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-13 20:22 . 2012-11-13 20:22 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-13 20:21 . 2012-11-13 20:21 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-13 20:21 . 2012-11-13 20:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-13 20:21 . 2012-11-13 20:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-13 20:21 . 2012-11-13 20:21 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-13 20:21 . 2012-11-13 20:21 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-13 20:21 . 2012-11-13 20:21 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-13 20:21 . 2012-11-13 20:21 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-13 20:21 . 2012-11-13 20:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-13 20:21 . 2012-11-13 20:21 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-13 20:21 . 2012-11-13 20:21 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-13 20:21 . 2012-11-13 20:21 4916224 ----a-w- c:\windows\system32\mstscax.dll
2012-11-13 20:21 . 2012-11-13 20:21 46592 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-13 20:21 . 2012-11-13 20:21 37376 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-13 20:21 . 2012-11-13 20:21 32768 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-13 20:21 . 2012-11-13 20:21 317440 ----a-w- c:\windows\system32\wksprt.exe
2012-11-13 20:21 . 2012-11-13 20:21 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-13 20:21 . 2012-11-13 20:21 2739712 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-13 20:21 . 2012-11-13 20:21 269312 ----a-w- c:\windows\system32\aaclient.dll
2012-11-13 20:21 . 2012-11-13 20:21 221184 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-13 20:21 . 2012-11-13 20:21 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-13 20:21 . 2012-11-13 20:21 16896 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-13 20:21 . 2012-11-13 20:21 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-13 20:21 . 2012-11-13 20:21 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-13 20:21 . 2012-11-13 20:21 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-13 20:21 . 2012-11-13 20:21 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-13 20:21 . 2012-11-13 20:21 1048064 ----a-w- c:\windows\system32\mstsc.exe
2012-11-13 20:20 . 2012-11-13 20:20 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-13 20:20 . 2012-11-13 20:20 247808 ----a-w- c:\windows\system32\schannel.dll
2012-11-13 20:20 . 2012-11-13 20:20 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-13 20:20 . 2012-11-13 20:20 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-13 20:20 . 2012-11-13 20:20 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-10-29 11:09 . 2012-10-29 11:09 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2012-10-29 11:09 . 2012-10-29 11:09 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-10-29 11:09 . 2012-10-29 11:09 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2012-10-29 11:09 . 2012-10-29 11:09 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2012-10-29 11:09 . 2012-10-29 11:09 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2012-10-29 11:09 . 2012-10-29 11:09 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2012-10-29 11:09 . 2012-10-29 11:09 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2012-10-29 11:09 . 2012-10-29 11:09 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2012-10-29 11:09 . 2012-10-29 11:09 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-10-29 11:09 . 2012-10-29 11:09 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-10-29 11:09 . 2012-10-29 11:09 200704 ----a-w- c:\windows\system32\muzwmts.dll
2012-10-29 11:09 . 2012-10-29 11:09 143360 ----a-w- c:\windows\system32\3DAudio.ax
2012-10-29 11:09 . 2012-10-29 11:09 135168 ----a-w- c:\windows\system32\muzaf1.dll
2012-10-29 11:09 . 2012-10-29 11:09 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2012-10-29 11:09 . 2012-10-29 11:09 122880 ----a-w- c:\windows\system32\muzeffect.ax
2012-10-29 11:09 . 2012-10-29 11:09 118784 ----a-w- c:\windows\system32\MaDRM.dll
2012-10-29 11:09 . 2012-10-29 11:09 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2012-10-29 11:09 . 2012-10-29 11:09 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2012-10-29 11:09 . 2012-10-29 11:09 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2012-10-29 11:09 . 2012-10-29 11:09 569344 ----a-w- c:\windows\system32\muzdecode.ax
2012-10-29 11:09 . 2012-10-29 11:09 491520 ----a-w- c:\windows\system32\muzapp.dll
2012-10-29 11:09 . 2012-10-29 11:09 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-10-29 11:09 . 2012-10-29 11:09 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2012-10-29 11:09 . 2012-10-29 11:09 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2012-10-29 11:09 . 2012-10-29 11:09 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2012-10-29 11:09 . 2012-10-29 11:09 245760 ----a-w- c:\windows\system32\MSCLib.dll
2012-10-29 11:09 . 2012-10-29 11:09 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2012-10-29 11:09 . 2012-10-29 11:09 155648 ----a-w- c:\windows\system32\MSFLib.dll
2012-10-27 13:45 . 2012-10-27 13:45 1051885 ----a-w- c:\windows\DarkSteam Uninstaller.exe
2012-10-16 07:39 . 2012-11-28 08:49 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 18:09 . 2012-08-09 17:42 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-10-10 15:00 . 2012-10-10 15:00 87696 ----a-w- c:\windows\system32\RtkCoInstII.dll
2012-10-10 15:00 . 2012-10-10 15:00 71808 ----a-w- c:\windows\system32\MBWrp32.dll
2012-10-10 15:00 . 2012-10-10 15:00 709976 ----a-w- c:\windows\system32\MaxxAudioAPOShell.dll
2012-10-10 15:00 . 2012-10-10 15:00 645776 ----a-w- c:\windows\system32\RtkApoApi.dll
2012-10-10 15:00 . 2012-10-10 15:00 54360 ----a-w- c:\windows\system32\MBppld32.dll
2012-10-10 15:00 . 2012-10-10 15:00 3240400 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2012-10-10 15:00 . 2012-10-10 15:00 3173008 ----a-w- c:\windows\system32\RtkAPO.dll
2012-10-10 15:00 . 2012-10-10 15:00 2417808 ----a-w- c:\windows\system32\RtkPgExt.dll
2012-10-10 15:00 . 2012-10-10 15:00 1836376 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2012-10-10 15:00 . 2012-10-10 15:00 1497704 ----a-w- c:\windows\system32\RTSndMgr.cpl
2012-10-10 15:00 . 2012-10-10 15:00 13416 ----a-w- c:\windows\system32\RtkCoLDR.dll
2012-10-10 15:00 . 2012-10-10 15:00 95840 ----a-w- c:\windows\system32\AERTARen.dll
.
.
(((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries and legitimate default entries are not shown.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}"= "c:\program files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll" [2011-03-04 165776]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0MegaCloudNormal]
@="{03FB4211-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4211-3964-44E8-97D7-A2FA49CF5576}]
2012-08-23 16:13 241840 ----a-w- c:\users\David\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MegaCloudModified]
@="{03FB4212-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4212-3964-44E8-97D7-A2FA49CF5576}]
2012-08-23 16:13 241840 ----a-w- c:\users\David\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2MeagCloudError]
@="{03FB4213-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4213-3964-44E8-97D7-A2FA49CF5576}]
2012-08-23 16:13 241840 ----a-w- c:\users\David\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-12-11 969104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
backup=c:\windows\pss\GamePark klient 2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
backup=c:\windows\pss\hamachi.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Game Fire
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
2011-03-02 19:35 12008296 ----a-w- d:\adobe photoshop cs5.1\Adobe Bridge CS5.1\Bridge.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
2011-01-12 05:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
2012-09-24 20:59 490880 ----a-w- c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-11-28 13:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-17 15:19 3671872 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-08-08 14:41 116648 ----atw- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-11-01 12:16 577536 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-11-12 10:45 968120 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-12-07 15:02 1354736 ----a-w- d:\steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 18:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-08-24 20:07 296096 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-12-11 15:29 969104 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"iSlim310_Monitor"=c:\windows\iSlim310\Monitor.exe
.
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 EagleXNt;EagleXNt;c:\users\David\AppData\Local\Temp\EagleXNt.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [x]
R3 FLASHSYS;FLASHSYS;c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys [x]
R3 MSICDSetup;MSICDSetup;E:\CDriver.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc; [x]
R3 TsUsbFlt;TsUsbFlt; [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R4 SCBackService;Splashtop Connect Service;c:\program files\Splashtop\Splashtop Connect\BackService.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 SscRdBus;RamDisk bus enumerator;c:\windows\system32\DRIVERS\SscRdBus.sys [x]
S0 SscRdCls;RAM Disk (SuperSpeed LLC);c:\windows\system32\DRIVERS\SscRdCls.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [x]
S3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - RTCORE32
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-20 20:09]
.
2012-12-24 c:\windows\Tasks\DriverScanner.job
- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2012-10-10 10:51]
.
2012-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-18 17:02]
.
2012-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-18 17:02]
.
2012-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2822629469-1385090575-1634205035-1000Core.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08 14:41]
.
2012-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2822629469-1385090575-1634205035-1000UA.job
- c:\users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08 14:41]
.
2012-12-24 c:\windows\Tasks\ReclaimerUpdateFiles_David.job
- c:\users\David\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-16 13:38]
.
2012-12-24 c:\windows\Tasks\ReclaimerUpdateXML_David.job
- c:\users\David\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-16 13:38]
.
2012-12-24 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_David.job
- c:\users\David\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-16 13:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:14,45,b0,de,b4,d4,cd,01
.
[HKEY_USERS\S-1-5-21-2822629469-1385090575-1634205035-1000\Software\SecuROM\License information*]
"datasecu"=hex:16,25,05,4c,ba,dd,a6,25,64,30,f3,03,45,60,4f,fc,3b,37,f1,c8,68,
6d,b0,88,35,93,3e,6d,64,55,78,56,3a,cb,9a,54,d9,a0,4f,5d,66,8c,71,72,3e,aa,\
"rkeysecu"=hex:fa,c8,5e,8d,5e,3b,65,9b,0d,e9,6f,7f,95,f2,ab,02
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\sppsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\MSI Afterburner\MSIAfterburner.exe
c:\program files\YourFileDownloader\YourFileUpdater.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-12-24 23:06:01 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-24 22:06
.
Pre-Run: 23 447 085 056 bytes free
Post-Run: 23 339 540 480 bytes free
.
- - End Of File - - 4A545F5094942EAEF135CD0728DDB4FC