
Please do a preventive check of my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 64
- Registered: 13 Jan 2012 21:41
Please do a preventive check of my log
Hello, the OS starts up more slowly than I was used to; I have already disabled some of the startup programs. It takes about 1 minute 40 seconds to start. So I don't know, is that a long time? How long does your PC take to start?
Here is the LOG:
Logfile of random's system information tool 1.09 (written by random/random)
Run by X at 2012-01-13 23:09:46
Microsoft Windows 7 Professional
System drive C: has 82 GB (54%) free of 153 GB
Total RAM: 2048 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:10:02, on 13.1.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Users\X\Downloads\RSIT.exe
C:\Program Files\trend micro\X.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25432;
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Intel Corporation - (no file)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - Unknown owner - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (file missing)
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - (no file)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
--
End of file - 3990 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-12-15 59272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-05-25 1145888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BA52B914-B692-46c4-B683-905236F6F655} - McAfee VirusScan - c:\progra~1\mcafee.com\vso\mcvsshl.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-12-09 4616064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=2
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\asc.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\suc12_uninstal.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\toolbox.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turboboost.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"vidc.MPG4"=MPG4C32.dll
"vidc.MP42"=MPG4C32.dll
"vidc.MP43"=MPG4C32.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - NOTEPAD.EXE %1
.reg - open -
.scr - open -
.vbs - open - NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2012-01-13 23:09:46 ----D---- C:\rsit
2012-01-13 23:09:46 ----D---- C:\Program Files\trend micro
2012-01-13 18:21:07 ----D---- C:\Users\X\AppData\Roaming\SUPERAntiSpyware.com
2012-01-13 18:20:44 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-01-13 18:20:44 ----D---- C:\Program Files\SUPERAntiSpyware
2012-01-12 21:15:49 ----D---- C:\Users\X\AppData\Roaming\DMCache
2012-01-12 19:31:14 ----D---- C:\Users\X\AppData\Roaming\Wise Registry Cleaner
2012-01-12 19:30:58 ----D---- C:\Program Files\Wise Registry Cleaner
2012-01-12 17:12:37 ----D---- C:\Users\X\AppData\Roaming\Malwarebytes
2012-01-12 17:12:26 ----D---- C:\ProgramData\Malwarebytes
2012-01-11 21:29:53 ----D---- C:\ProgramData\McAfee.com
2012-01-11 21:29:04 ----A---- C:\Windows\system32\mcgdmgr.dll
2012-01-11 21:29:03 ----A---- C:\Windows\system32\mcinsctl.dll
2012-01-09 20:00:31 ----D---- C:\Program Files\DAP
2012-01-08 19:52:13 ----A---- C:\Windows\system32\BASSMOD.dll
2012-01-08 17:03:35 ----SD---- C:\Downloads
2012-01-08 17:02:57 ----D---- C:\Users\X\AppData\Roaming\FlashGet
2012-01-08 17:02:57 ----D---- C:\Users\X\AppData\Roaming\BITS
2012-01-08 17:02:48 ----D---- C:\Users\X\AppData\Roaming\FlashGetBHO
2012-01-07 22:27:14 ----D---- C:\ProgramData\SpeedBit
2012-01-07 22:27:10 ----D---- C:\Program Files\Common Files\SpeedBit
2012-01-07 16:55:18 ----A---- C:\Windows\system32\TURegOpt.exe
2012-01-07 16:55:17 ----A---- C:\Windows\system32\authuitu.dll
2012-01-07 16:54:50 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-01-06 23:13:40 ----A---- C:\Windows\system32\W95Inf32.DLL
2012-01-06 23:13:40 ----A---- C:\Windows\system32\W95Inf16.DLL
2011-12-30 00:07:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-12-30 00:07:39 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-12-30 00:07:36 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-12-30 00:07:35 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-12-30 00:07:32 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-12-30 00:07:29 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-12-30 00:07:18 ----A---- C:\Windows\avastSS.scr
2011-12-30 00:07:17 ----A---- C:\Windows\system32\aswBoot.exe
2011-12-29 11:41:45 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2011-12-29 11:33:21 ----D---- C:\Program Files\Common Files\Nero
2011-12-28 00:09:14 ----D---- C:\Users\X\AppData\Roaming\Ashampoo
2011-12-28 00:08:24 ----D---- C:\Program Files\Ashampoo
2011-12-27 16:16:05 ----D---- C:\Users\X\AppData\Roaming\Nero
2011-12-27 16:14:47 ----D---- C:\ProgramData\Nero
2011-12-26 17:33:40 ----D---- C:\ProgramData\TVU Networks
2011-12-26 14:45:19 ----D---- C:\ProgramData\IsolatedStorage
2011-12-26 14:45:16 ----D---- C:\Users\X\AppData\Roaming\SMS posílač Treca
2011-12-24 16:10:09 ----D---- C:\Users\X\AppData\Roaming\esmska
2011-12-23 08:47:28 ----D---- C:\Program Files\Rockstar Games
2011-12-21 16:17:41 ----D---- C:\Windows\fonts\AdvUninstal
2011-12-21 16:17:33 ----D---- C:\Program Files\Common Files\Innovative Solutions
2011-12-21 16:17:30 ----D---- C:\ProgramData\Innovative Solutions
2011-12-16 18:23:05 ----D---- C:\Users\X\AppData\Roaming\GlarySoft
2011-12-15 22:40:29 ----D---- C:\inetpub
2011-12-15 21:40:07 ----D---- C:\Program Files\Common Files\Java
2011-12-15 21:39:39 ----A---- C:\Windows\system32\npdeployJava1.dll
2011-12-15 21:39:39 ----A---- C:\Windows\system32\javaws.exe
2011-12-15 21:39:39 ----A---- C:\Windows\system32\javaw.exe
2011-12-15 21:39:39 ----A---- C:\Windows\system32\java.exe
2011-12-15 21:05:28 ----D---- C:\Program Files\Microsoft Silverlight
======List of files/folders modified in the last 1 month======
2012-01-13 23:10:02 ----D---- C:\Windows\Temp
2012-01-13 23:09:46 ----RD---- C:\Program Files
2012-01-13 18:21:07 ----HD---- C:\ProgramData
2012-01-12 22:08:09 ----AD---- C:\ProgramData\Temp
2012-01-12 22:02:25 ----AD---- C:\Windows
2012-01-12 21:51:42 ----D---- C:\Windows\Prefetch
2012-01-12 21:27:29 ----D---- C:\Windows\system32\drivers
2012-01-12 19:38:41 ----D---- C:\Windows\system32\config
2012-01-11 21:33:57 ----D---- C:\Windows\system32\Tasks
2012-01-11 21:29:59 ----D---- C:\Windows\System32
2012-01-11 20:03:28 ----D---- C:\Windows\inf
2012-01-11 15:29:50 ----D---- C:\Program Files\Seznam.cz
2012-01-10 22:12:08 ----SHD---- C:\System Volume Information
2012-01-08 20:10:07 ----SHD---- C:\Windows\Installer
2012-01-08 20:10:07 ----HD---- C:\Config.Msi
2012-01-08 17:21:21 ----D---- C:\Windows\winsxs
2012-01-07 23:01:13 ----A---- C:\Windows\_MSRSTRT.EXE
2012-01-07 22:27:10 ----D---- C:\Program Files\Common Files
2012-01-07 18:52:22 ----A---- C:\Windows\oodjobd.INI
2012-01-07 17:50:30 ----D---- C:\Windows\system32\NDF
2012-01-07 17:45:01 ----D---- C:\Program Files\IObit
2012-01-07 17:27:53 ----A---- C:\ProgramData\mazuki.dll
2012-01-02 17:27:47 ----D---- C:\Windows\debug
2012-01-01 11:33:18 ----D---- C:\Windows\SoftwareDistribution
2011-12-31 12:30:14 ----D---- C:\Windows\system32\drivers\etc
2011-12-30 14:16:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-30 00:21:24 ----D---- C:\Windows\Logs
2011-12-30 00:07:10 ----D---- C:\ProgramData\AVAST Software
2011-12-29 22:55:24 ----D---- C:\Windows\twain_32
2011-12-29 12:13:45 ----D---- C:\Program Files\Common Files\Ahead
2011-12-29 11:43:29 ----D---- C:\Program Files\Nero
2011-12-29 11:31:53 ----D---- C:\Windows\system32\catroot2
2011-12-29 10:52:22 ----D---- C:\Windows\Microsoft.NET
2011-12-29 00:17:17 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-28 23:07:15 ----RSD---- C:\Windows\assembly
2011-12-28 23:07:07 ----D---- C:\Program Files\Microsoft.NET
2011-12-28 23:07:05 ----D---- C:\Windows\system32\en-US
2011-12-28 13:31:43 ----D---- C:\ProgramData\Microsoft Help
2011-12-27 18:58:32 ----DC---- C:\Windows\system32\DRVSTORE
2011-12-27 17:19:54 ----D---- C:\Windows\system32\catroot
2011-12-25 18:47:25 ----D---- C:\Windows\system32\cs-CZ
2011-12-21 21:58:19 ----D---- C:\Windows\ModemLogs
2011-12-21 20:31:47 ----D---- C:\Users\X\AppData\Roaming\AVG
2011-12-21 20:30:25 ----D---- C:\Program Files\AVG
2011-12-21 18:36:15 ----D---- C:\Program Files\CCleaner
2011-12-21 16:26:10 ----D---- C:\ProgramData\IObit
2011-12-21 16:17:41 ----RSD---- C:\Windows\Fonts
2011-12-20 20:33:57 ----D---- C:\Windows\system32\wdi
2011-12-20 20:00:11 ----D---- C:\Windows\rescache
2011-12-16 18:46:13 ----D---- C:\Windows\Tasks
2011-12-16 18:39:55 ----D---- C:\Users\X\AppData\Roaming\Macromedia
2011-12-16 18:23:06 ----D---- C:\Windows\BDOSCAN8
2011-12-16 18:23:06 ----D---- C:\Users\X\AppData\Roaming\Audacity
2011-12-15 22:40:30 ----D---- C:\Windows\system32\migration
2011-12-15 22:40:30 ----D---- C:\Windows\system32\inetsrv
2011-12-15 22:40:29 ----D---- C:\Windows\system32\cs
2011-12-15 21:39:23 ----A---- C:\Windows\system32\deployJava1.dll
2011-12-15 21:36:19 ----D---- C:\Program Files\Java
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-07 431672]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
R3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TFSysMon.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\drivers\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 cpuz135;cpuz135; C:\Windows\system32\drivers\cpuz135.sys []
S3 CrystalSysInfo;CrystalSysInfo; C:\Windows\system32\drivers\CrystalSysInfo.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
S3 EagleNT;EagleNT; C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; C:\Windows\system32\drivers\EagleXNt.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\IntcAzAudAddService.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-04 47360]
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD.sys [2011-09-28 56840]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TfNetMon;TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WFLR6654;WinFast DTV1800 H (XC3028); C:\Windows\system32\drivers\WFLR6654.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-03-21 68928]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-08-03 599144]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
R4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
S2 McTskshd.exe;McAfee Task Scheduler; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 McDetect.exe;McAfee WSC Integration; c:\program files\mcafee.com\agent\mcdetect.exe []
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\toolbox.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turboboost.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"vidc.MPG4"=MPG4C32.dll
"vidc.MP42"=MPG4C32.dll
"vidc.MP43"=MPG4C32.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - NOTEPAD.EXE %1
.reg - open -
.scr - open -
.vbs - open - NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2012-01-13 23:09:46 ----D---- C:\rsit
2012-01-13 23:09:46 ----D---- C:\Program Files\trend micro
2012-01-13 18:21:07 ----D---- C:\Users\X\AppData\Roaming\SUPERAntiSpyware.com
2012-01-13 18:20:44 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-01-13 18:20:44 ----D---- C:\Program Files\SUPERAntiSpyware
2012-01-12 21:15:49 ----D---- C:\Users\X\AppData\Roaming\DMCache
2012-01-12 19:31:14 ----D---- C:\Users\X\AppData\Roaming\Wise Registry Cleaner
2012-01-12 19:30:58 ----D---- C:\Program Files\Wise Registry Cleaner
2012-01-12 17:12:37 ----D---- C:\Users\X\AppData\Roaming\Malwarebytes
2012-01-12 17:12:26 ----D---- C:\ProgramData\Malwarebytes
2012-01-11 21:29:53 ----D---- C:\ProgramData\McAfee.com
2012-01-11 21:29:04 ----A---- C:\Windows\system32\mcgdmgr.dll
2012-01-11 21:29:03 ----A---- C:\Windows\system32\mcinsctl.dll
2012-01-09 20:00:31 ----D---- C:\Program Files\DAP
2012-01-08 19:52:13 ----A---- C:\Windows\system32\BASSMOD.dll
2012-01-08 17:03:35 ----SD---- C:\Downloads
2012-01-08 17:02:57 ----D---- C:\Users\X\AppData\Roaming\FlashGet
2012-01-08 17:02:57 ----D---- C:\Users\X\AppData\Roaming\BITS
2012-01-08 17:02:48 ----D---- C:\Users\X\AppData\Roaming\FlashGetBHO
2012-01-07 22:27:14 ----D---- C:\ProgramData\SpeedBit
2012-01-07 22:27:10 ----D---- C:\Program Files\Common Files\SpeedBit
2012-01-07 16:55:18 ----A---- C:\Windows\system32\TURegOpt.exe
2012-01-07 16:55:17 ----A---- C:\Windows\system32\authuitu.dll
2012-01-07 16:54:50 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-01-06 23:13:40 ----A---- C:\Windows\system32\W95Inf32.DLL
2012-01-06 23:13:40 ----A---- C:\Windows\system32\W95Inf16.DLL
2011-12-30 00:07:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-12-30 00:07:39 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-12-30 00:07:36 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-12-30 00:07:35 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-12-30 00:07:32 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-12-30 00:07:29 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-12-30 00:07:18 ----A---- C:\Windows\avastSS.scr
2011-12-30 00:07:17 ----A---- C:\Windows\system32\aswBoot.exe
2011-12-29 11:41:45 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2011-12-29 11:33:21 ----D---- C:\Program Files\Common Files\Nero
2011-12-28 00:09:14 ----D---- C:\Users\X\AppData\Roaming\Ashampoo
2011-12-28 00:08:24 ----D---- C:\Program Files\Ashampoo
2011-12-27 16:16:05 ----D---- C:\Users\X\AppData\Roaming\Nero
2011-12-27 16:14:47 ----D---- C:\ProgramData\Nero
2011-12-26 17:33:40 ----D---- C:\ProgramData\TVU Networks
2011-12-26 14:45:19 ----D---- C:\ProgramData\IsolatedStorage
2011-12-26 14:45:16 ----D---- C:\Users\X\AppData\Roaming\SMS posílač Treca
2011-12-24 16:10:09 ----D---- C:\Users\X\AppData\Roaming\esmska
2011-12-23 08:47:28 ----D---- C:\Program Files\Rockstar Games
2011-12-21 16:17:41 ----D---- C:\Windows\fonts\AdvUninstal
2011-12-21 16:17:33 ----D---- C:\Program Files\Common Files\Innovative Solutions
2011-12-21 16:17:30 ----D---- C:\ProgramData\Innovative Solutions
2011-12-16 18:23:05 ----D---- C:\Users\X\AppData\Roaming\GlarySoft
2011-12-15 22:40:29 ----D---- C:\inetpub
2011-12-15 21:40:07 ----D---- C:\Program Files\Common Files\Java
2011-12-15 21:39:39 ----A---- C:\Windows\system32\npdeployJava1.dll
2011-12-15 21:39:39 ----A---- C:\Windows\system32\javaws.exe
2011-12-15 21:39:39 ----A---- C:\Windows\system32\javaw.exe
2011-12-15 21:39:39 ----A---- C:\Windows\system32\java.exe
2011-12-15 21:05:28 ----D---- C:\Program Files\Microsoft Silverlight
======List of files/folders modified in the last 1 month======
2012-01-13 23:10:02 ----D---- C:\Windows\Temp
2012-01-13 23:09:46 ----RD---- C:\Program Files
2012-01-13 18:21:07 ----HD---- C:\ProgramData
2012-01-12 22:08:09 ----AD---- C:\ProgramData\Temp
2012-01-12 22:02:25 ----AD---- C:\Windows
2012-01-12 21:51:42 ----D---- C:\Windows\Prefetch
2012-01-12 21:27:29 ----D---- C:\Windows\system32\drivers
2012-01-12 19:38:41 ----D---- C:\Windows\system32\config
2012-01-11 21:33:57 ----D---- C:\Windows\system32\Tasks
2012-01-11 21:29:59 ----D---- C:\Windows\System32
2012-01-11 20:03:28 ----D---- C:\Windows\inf
2012-01-11 15:29:50 ----D---- C:\Program Files\Seznam.cz
2012-01-10 22:12:08 ----SHD---- C:\System Volume Information
2012-01-08 20:10:07 ----SHD---- C:\Windows\Installer
2012-01-08 20:10:07 ----HD---- C:\Config.Msi
2012-01-08 17:21:21 ----D---- C:\Windows\winsxs
2012-01-07 23:01:13 ----A---- C:\Windows\_MSRSTRT.EXE
2012-01-07 22:27:10 ----D---- C:\Program Files\Common Files
2012-01-07 18:52:22 ----A---- C:\Windows\oodjobd.INI
2012-01-07 17:50:30 ----D---- C:\Windows\system32\NDF
2012-01-07 17:45:01 ----D---- C:\Program Files\IObit
2012-01-07 17:27:53 ----A---- C:\ProgramData\mazuki.dll
2012-01-02 17:27:47 ----D---- C:\Windows\debug
2012-01-01 11:33:18 ----D---- C:\Windows\SoftwareDistribution
2011-12-31 12:30:14 ----D---- C:\Windows\system32\drivers\etc
2011-12-30 14:16:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-30 00:21:24 ----D---- C:\Windows\Logs
2011-12-30 00:07:10 ----D---- C:\ProgramData\AVAST Software
2011-12-29 22:55:24 ----D---- C:\Windows\twain_32
2011-12-29 12:13:45 ----D---- C:\Program Files\Common Files\Ahead
2011-12-29 11:43:29 ----D---- C:\Program Files\Nero
2011-12-29 11:31:53 ----D---- C:\Windows\system32\catroot2
2011-12-29 10:52:22 ----D---- C:\Windows\Microsoft.NET
2011-12-29 00:17:17 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-28 23:07:15 ----RSD---- C:\Windows\assembly
2011-12-28 23:07:07 ----D---- C:\Program Files\Microsoft.NET
2011-12-28 23:07:05 ----D---- C:\Windows\system32\en-US
2011-12-28 13:31:43 ----D---- C:\ProgramData\Microsoft Help
2011-12-27 18:58:32 ----DC---- C:\Windows\system32\DRVSTORE
2011-12-27 17:19:54 ----D---- C:\Windows\system32\catroot
2011-12-25 18:47:25 ----D---- C:\Windows\system32\cs-CZ
2011-12-21 21:58:19 ----D---- C:\Windows\ModemLogs
2011-12-21 20:31:47 ----D---- C:\Users\X\AppData\Roaming\AVG
2011-12-21 20:30:25 ----D---- C:\Program Files\AVG
2011-12-21 18:36:15 ----D---- C:\Program Files\CCleaner
2011-12-21 16:26:10 ----D---- C:\ProgramData\IObit
2011-12-21 16:17:41 ----RSD---- C:\Windows\Fonts
2011-12-20 20:33:57 ----D---- C:\Windows\system32\wdi
2011-12-20 20:00:11 ----D---- C:\Windows\rescache
2011-12-16 18:46:13 ----D---- C:\Windows\Tasks
2011-12-16 18:39:55 ----D---- C:\Users\X\AppData\Roaming\Macromedia
2011-12-16 18:23:06 ----D---- C:\Windows\BDOSCAN8
2011-12-16 18:23:06 ----D---- C:\Users\X\AppData\Roaming\Audacity
2011-12-15 22:40:30 ----D---- C:\Windows\system32\migration
2011-12-15 22:40:30 ----D---- C:\Windows\system32\inetsrv
2011-12-15 22:40:29 ----D---- C:\Windows\system32\cs
2011-12-15 21:39:23 ----A---- C:\Windows\system32\deployJava1.dll
2011-12-15 21:36:19 ----D---- C:\Program Files\Java
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-07 431672]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
R3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TFSysMon.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\drivers\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 cpuz135;cpuz135; C:\Windows\system32\drivers\cpuz135.sys []
S3 CrystalSysInfo;CrystalSysInfo; C:\Windows\system32\drivers\CrystalSysInfo.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
S3 EagleNT;EagleNT; C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; C:\Windows\system32\drivers\EagleXNt.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\IntcAzAudAddService.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-04 47360]
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD.sys [2011-09-28 56840]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TfNetMon;TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WFLR6654;WinFast DTV1800 H (XC3028); C:\Windows\system32\drivers\WFLR6654.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-03-21 68928]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-08-03 599144]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
R4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
S2 McTskshd.exe;McAfee Task Scheduler; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 McDetect.exe;McAfee WSC Integration; c:\program files\mcafee.com\agent\mcdetect.exe []
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check
Hello!
There is a little we can still clean up. Double-click the file C:\Program Files\trend micro\X.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll (file missing)
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
and click >Fix checked<. Restart the PC.
Then Start menu > command prompt > (type) services.msc > Enter. The service manager will start; find these services in it:
O23 - Service: InstallDriver Table Manager (IDriverT) - Intel Corporation - (no file)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - (no file)
Stop and disable both of them.
Otherwise, I think 1:40 min is not a particularly long time, given that this is a machine with 2 GB RAM and Win7 Pro.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
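The entries picked out in the reply above all carry HijackThis's "(no file)" or "(file missing)" marker. As an added example (not part of the thread, and not code from HijackThis), this sketch parses HijackThis entry lines, finds the orphaned ones and splits them the way the reply does: services to stop and disable, everything else to tick and fix. The function names are my own and the sample lines are copied from the logs in this thread.

```python
import re

# Entries copied from the HijackThis log and the helper's reply in this thread.
SAMPLE_LOG = r'''
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll (file missing)
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Intel Corporation - (no file)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - (no file)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
'''

# "<section code> - <body>", e.g. "O23 - Service: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Marker HijackThis appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")
# Short service name in an O23 line: "Display name (ShortName) - Vendor - path"
SERVICE_NAME_RE = re.compile(r"\((?P<svc>[^()]+)\) - ")


def parse_entries(log_text):
    """Return one dict per HijackThis entry line; other lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        body = m.group("body")
        kind, sep, detail = body.partition(": ")
        if not sep:  # entries without a "Kind: detail" split
            kind, detail = "", body
        entries.append({
            "code": m.group("code"),
            "kind": kind,
            "detail": detail,
            "orphaned": bool(ORPHAN_RE.search(body)),
        })
    return entries


def triage_orphans(entries):
    """Group orphaned entries by the clean-up path used in the reply above."""
    plan = {"fix_in_hijackthis": [], "stop_and_disable": []}
    for e in entries:
        if not e["orphaned"]:
            continue  # the file exists; not a leftover
        if e["code"] == "O23":
            m = SERVICE_NAME_RE.search(e["detail"])
            plan["stop_and_disable"].append(m.group("svc") if m else e["detail"])
        else:
            plan["fix_in_hijackthis"].append(
                f'{e["code"]} - {e["kind"]}: {e["detail"]}')
    return plan


if __name__ == "__main__":
    plan = triage_orphans(parse_entries(SAMPLE_LOG))
    for line in plan["fix_in_hijackthis"]:
        print("tick and fix:", line)
    for svc in plan["stop_and_disable"]:
        print("stop and disable service:", svc)
```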
-
- Visitor
- Posts: 64
- Registered: 13 Jan 2012 21:41
Re: Request for a preventive log check
Hello, thank you for the advice, I have already done it, and I would need one more small thing: please take a look at this, it is the log from SUPERAntiSpyware. When a program finds a virus on my machine, I look at what it is and where it is located, then I look the name up on Google, and only when I read somewhere that someone else had it too and was advised to delete it do I delete it. I don't put viruses into any quarantine. And I would need to know what I should do with what it found in the registry. Thanks.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/13/2012 at 07:16 PM
Application Version : 5.0.1142
Core Rules Database Version : 8132
Trace Rules Database Version: 5944
Scan type : Complete Scan
Total Scan Time : 00:49:10
Operating System Information
Windows 7 Professional 32-bit (Build 6.01.7600)
UAC On - Limited User
Memory items scanned : 617
Memory threats detected : 0
Registry items scanned : 38255
Registry threats detected : 10
File items scanned : 81251
File threats detected : 5
Security.HiJack[ImageFileExecutionOptions]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASC.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASC.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SUC12_UNINSTAL.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SUC12_UNINSTAL.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TOOLBOX.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TOOLBOX.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TURBOBOOST.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TURBOBOOST.EXE#Debugger
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINS000.EXE
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINS000.EXE#Debugger
Adware.Tracking Cookie
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@AD2.BILLBOARD[2].TXT [ /AD2.BILLBOARD ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@AD2.BILLBOARD[3].TXT [ /AD2.BILLBOARD ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@IMEDIA[1].TXT [ /IMEDIA ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@TOPLIST[1].TXT [ /TOPLIST ]
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check
You can delete everything.
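The registry items SUPERAntiSpyware reports are Debugger values under Image File Execution Options; with such a value set, Windows starts the named debugger program instead of the image. As an added example (not part of the thread or of either tool), this sketch reads the RSIT registry dump format, lists which image names are redirected to which program, matches them against the scanner's hits, and notes which registered services or drivers share the debugger's directory. Function names are my own and the sample lines are copied from the logs in this thread.

```python
import ntpath
import re
from collections import defaultdict

# Lines copied from the RSIT log in this thread (registry dump, drivers, services).
RSIT_DUMP = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\asc.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\suc12_uninstal.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\toolbox.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turboboost.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
'''

# Value entries copied from the SUPERAntiSpyware log in this thread.
_IFEO = r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
SCANNER_HITS = [_IFEO + "\\" + name + "#Debugger" for name in
                ("ASC.EXE", "SUC12_UNINSTAL.EXE", "TOOLBOX.EXE",
                 "TURBOBOOST.EXE", "UNINS000.EXE")]

IFEO_KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"
    r"\\Image File Execution Options\\(?P<image>[^\\\]]+)\]$", re.I)
# RSIT prints the value as  "Debugger=""C:\path.exe"  (quotes are not balanced).
DEBUGGER_RE = re.compile(r'^"?Debugger"?=(?P<val>.*)$', re.I)
# "<state><start> name;display name; [\??\]path [date size]"
SERVICE_RE = re.compile(
    r"^[RS][0-4] (?P<name>[^;]+);[^;]*; (?:\\\?\?\\)?(?P<path>.+?) \[[^\]]*\]$")


def parse_ifeo_debuggers(dump):
    """Map each redirected image name (lower case) to its Debugger program."""
    redirects, image = {}, None
    for raw in dump.splitlines():
        line = raw.strip()
        if line.startswith("["):  # a new registry key starts here
            m = IFEO_KEY_RE.match(line)
            image = m.group("image").lower() if m else None
        elif image:
            m = DEBUGGER_RE.match(line)
            if m:
                redirects[image] = m.group("val").strip('"')
    return redirects


def registered_binary_dirs(dump):
    """Map directory (lower case) -> names of services/drivers installed there."""
    dirs = defaultdict(list)
    for raw in dump.splitlines():
        m = SERVICE_RE.match(raw.strip())
        if m:
            dirs[ntpath.dirname(m.group("path")).lower()].append(m.group("name"))
    return dirs


def triage(dump, scanner_hits):
    """One row per redirect: target, scanner match, co-located services."""
    dirs = registered_binary_dirs(dump)
    flagged = {ntpath.basename(h.split("#")[0]).lower()
               for h in scanner_hits if h.lower().endswith("#debugger")}
    return [{
        "image": image,
        "debugger": debugger,
        "flagged_by_scanner": image in flagged,
        "same_dir_services": sorted(dirs.get(ntpath.dirname(debugger).lower(), [])),
    } for image, debugger in sorted(parse_ifeo_debuggers(dump).items())]


if __name__ == "__main__":
    for row in triage(RSIT_DUMP, SCANNER_HITS):
        print(row)
```

An empty `same_dir_services` list for a redirect would mean nothing else in the log accounts for the debugger's directory, which is the case to look at first.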
-
- Visitor
- Posts: 64
- Registered: 13 Jan 2012 21:41
Re: Request for a preventive log check
I have already deleted it in the registry, but I no longer know what to do with this:
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@AD2.BILLBOARD[2].TXT [ /AD2.BILLBOARD ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@AD2.BILLBOARD[3].TXT [ /AD2.BILLBOARD ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@IMEDIA[1].TXT [ /IMEDIA ]
C:\$RECYCLE.BIN\S-1-5-21-3887554259-2600576739-1838076180-1000\$R681HPB\X\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\X@TOPLIST[1].TXT [ /TOPLIST ]
It won't let me into that folder at all. I also tried it through Total Commander, which probably has that path blocked, so I can't get there through it, and I also tried WinRAR, which only let me in as far as here: C:\$RECYCLE.BIN, and won't let me go any further either. How do I delete it?
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check
Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after start-up a screen with the licence terms is displayed; continue by clicking the Yes button.
feel free to go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially on the first run of the scanner)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component
-
- Visitor
- Posts: 64
- Registered: 13 Jan 2012 21:41
Re: Please do a preventive check of my log
It took exactly 10 minutes
Oh, and I'm sorry I haven't replied for so long... I don't have time. For example, today we went to have a look in Hradec Králové, they had an open day, and we got back sometime around 15... But back to the log, here it is:
ComboFix 12-01-13.05 - X 14.01.2012 19:54:09.1.1 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2048.1439 [GMT 1:00]
Spuštěný z: c:\users\X\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\mazuki.dll
c:\programdata\Safe
c:\programdata\Safe\zsinfo.dat
c:\users\X\AppData\Roaming\inst.exe
c:\users\X\AppData\Roaming\system32
c:\users\X\AppData\Roaming\vso_ts_preview.xml
c:\users\X\AppData\Roaming\Xlog.dat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\ST6UNST.000
c:\windows\system32\roboot.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-14 do 2012-01-14 )))))))))))))))))))))))))))))))
.
.
2012-01-14 19:01 . 2012-01-14 19:01 -------- d-----w- c:\users\X\AppData\Local\temp
2012-01-14 19:01 . 2012-01-14 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-14 18:47 . 2012-01-14 18:47 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3BA0693-299A-4949-B138-219134C0612C}\offreg.dll
2012-01-14 17:18 . 2012-01-14 18:43 -------- d-----w- c:\users\X\AppData\Local\GHISLER
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2012-01-14 17:17 . 2012-01-14 18:43 -------- d-----w- c:\users\X\AppData\Roaming\GHISLER
2012-01-13 22:09 . 2012-01-14 14:48 -------- d-----w- c:\program files\trend micro
2012-01-13 17:21 . 2012-01-13 17:21 -------- d-----w- c:\users\X\AppData\Roaming\SUPERAntiSpyware.com
2012-01-13 17:20 . 2012-01-13 17:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-13 17:20 . 2012-01-13 17:20 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-01-12 20:15 . 2012-01-12 20:27 -------- d-----w- c:\users\X\AppData\Roaming\DMCache
2012-01-12 18:31 . 2012-01-12 18:36 -------- d-----w- c:\users\X\AppData\Roaming\Wise Registry Cleaner
2012-01-12 18:30 . 2012-01-12 18:30 -------- d-----w- c:\program files\Wise Registry Cleaner
2012-01-12 16:12 . 2012-01-12 16:12 -------- d-----w- c:\users\X\AppData\Roaming\Malwarebytes
2012-01-12 16:12 . 2012-01-12 16:12 -------- d-----w- c:\programdata\Malwarebytes
2012-01-11 20:29 . 2005-07-14 11:34 63584 ----a-w- c:\windows\system32\vshield.vxd
2012-01-11 20:29 . 2005-07-14 11:34 26720 ----a-w- c:\windows\system32\vshinit.vxd
2012-01-11 20:29 . 2005-07-14 11:33 23639 ----a-w- c:\windows\system32\mcutil.vxd
2012-01-11 20:29 . 2005-07-14 11:33 28243 ----a-w- c:\windows\system32\mckrnl.vxd
2012-01-11 20:29 . 2005-05-04 10:10 1464566 ----a-w- c:\windows\system32\MCSCAN32.VXD
2012-01-11 20:29 . 2012-01-11 20:30 -------- d-----w- c:\programdata\McAfee.com
2012-01-11 20:29 . 2005-05-24 18:23 288320 ----a-w- c:\windows\system32\mcgdmgr.dll
2012-01-11 20:29 . 2005-07-18 11:03 349760 ----a-w- c:\windows\system32\mcinsctl.dll
2012-01-10 21:12 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3BA0693-299A-4949-B138-219134C0612C}\mpengine.dll
2012-01-09 19:00 . 2012-01-12 20:45 -------- d-----w- c:\program files\DAP
2012-01-08 16:02 . 2012-01-08 16:09 -------- d-----w- c:\users\X\AppData\Roaming\BITS
2012-01-08 16:02 . 2012-01-08 16:02 -------- d-----w- c:\users\X\AppData\Roaming\FlashGet
2012-01-07 21:27 . 2012-01-09 19:00 -------- d-----w- c:\programdata\SpeedBit
2012-01-07 21:27 . 2012-01-07 21:27 -------- d-----w- c:\program files\Common Files\SpeedBit
2012-01-07 15:55 . 2011-12-14 11:47 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-01-07 15:55 . 2011-12-14 11:46 21312 ----a-w- c:\windows\system32\authuitu.dll
2012-01-07 15:54 . 2012-01-07 21:51 -------- d-----w- c:\program files\TuneUp Utilities 2012
2012-01-06 22:13 . 1999-07-17 01:21 4608 ----a-w- c:\windows\system32\W95Inf32.DLL
2012-01-06 22:13 . 1999-07-17 01:21 2272 ----a-w- c:\windows\system32\W95Inf16.DLL
2011-12-29 23:07 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-29 23:07 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-29 23:07 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-29 23:07 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-29 23:07 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-29 23:07 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-29 23:07 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-29 23:07 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-29 10:41 . 2008-06-24 11:45 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2011-12-29 10:33 . 2011-12-29 10:43 -------- d-----w- c:\program files\Common Files\Nero
2011-12-27 23:09 . 2011-12-28 22:31 -------- d-----w- c:\users\X\AppData\Roaming\Ashampoo
2011-12-27 23:08 . 2012-01-07 16:16 -------- d-----w- c:\program files\Ashampoo
2011-12-27 17:45 . 2011-12-27 17:45 -------- d-----w- c:\users\X\AppData\Local\Nero
2011-12-27 15:16 . 2011-12-29 10:37 -------- d-----w- c:\users\X\AppData\Roaming\Nero
2011-12-27 15:14 . 2011-12-29 11:12 -------- d-----w- c:\programdata\Nero
2011-12-26 16:33 . 2011-12-26 16:33 -------- d-----w- c:\users\X\AppData\Local\TVU Networks
2011-12-26 16:33 . 2011-12-26 16:33 -------- d-----w- c:\programdata\TVU Networks
2011-12-26 13:45 . 2011-12-26 13:45 -------- d-----w- c:\programdata\IsolatedStorage
2011-12-26 13:45 . 2011-12-26 13:45 -------- d-----w- c:\users\X\AppData\Roaming\SMS posílač Treca
2011-12-24 15:10 . 2011-12-24 15:23 -------- d-----w- c:\users\X\AppData\Roaming\esmska
2011-12-23 07:47 . 2011-12-23 07:47 -------- d-----w- c:\program files\Rockstar Games
2011-12-23 07:44 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-12-23 07:44 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-12-23 07:44 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-12-23 07:44 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-12-23 07:44 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-12-23 07:44 . 2011-12-23 07:44 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-12-23 07:44 . 2011-12-23 07:44 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-12-21 15:17 . 2011-12-21 15:17 -------- d-----w- c:\program files\Common Files\Innovative Solutions
2011-12-21 15:17 . 2011-12-21 15:25 -------- d-----w- c:\programdata\Innovative Solutions
2011-12-16 17:23 . 2011-12-16 17:33 -------- d-----w- c:\users\X\AppData\Roaming\GlarySoft
2011-12-15 20:40 . 2011-12-15 20:40 -------- d-----w- c:\program files\Common Files\Java
2011-12-15 20:39 . 2011-12-15 20:39 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2011-12-15 20:05 . 2011-12-15 20:05 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 22:01 . 2010-07-09 21:23 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-12-15 20:39 . 2011-10-28 20:34 567184 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-09 22:08 . 2011-12-10 16:46 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-11-22 18:42 . 2011-12-04 19:21 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-15 13:29 . 2010-02-03 11:15 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-14 15:07 . 2011-12-04 19:35 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-11-14 15:07 . 2011-12-04 19:35 2246608 ----a-w- c:\windows\PCTBDCore.dll
2011-11-14 15:07 . 2011-12-04 19:35 1681360 ----a-w- c:\windows\PCTBDRes.dll
2011-11-14 15:06 . 2011-12-04 19:35 767952 ----a-w- c:\windows\BDTSupport.dll
2011-11-13 13:09 . 2011-11-13 13:09 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-19 21:15 . 2011-11-17 20:46 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iolo Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2011-12-29 15:43 620376 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-12-09 00:44 4616064 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R0 TfFsMon;TfFsMon; [x]
R0 TFSysMon;TFSysMon; [x]
R3 ATEK;ATEK; [x]
R3 cpuz135;cpuz135; [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
R3 EagleXNt;EagleXNt; [x]
R3 FQXV;FQXV; [x]
R3 GLRXXGXOD;GLRXXGXOD; [x]
R3 K;K; [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-04-04 47360]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [2011-09-28 56840]
R3 TfNetMon;TfNetMon; [x]
R3 WFLR6654;WinFast DTV1800 H (XC3028); [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
R4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-03-21 68928]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = http=127.0.0.1:25432;
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: ????3??
IE: ????3??????
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: ????3?? - c:\users\X\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\X\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 10.0.0.138
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
.
.
------- Asociace souborů -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-SolutoService
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,a4,01,d1,8a,e6,e7,4d,92,90,0b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,a4,01,d1,8a,e6,e7,4d,92,90,0b,\
.
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\X\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\X\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-14 20:03:48
ComboFix-quarantined-files.txt 2012-01-14 19:03
.
Před spuštěním: Volných bajtů: 86 322 532 352
Po spuštění: Volných bajtů: 85 996 048 384
.
- - End Of File - - A4B14D4D3F3E2B6D789E24C2E4857774

- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please do a preventive check of my log
No problem, none of us can be here all the time either....."I'm sorry I haven't replied for so long... I don't have time."

We'll do a bit more cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::
Folder::
C:\$RECYCLE.BIN
Reglockdel::
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
Driver::
TfFsMon
TFSysMon
ATEK
cpuz135
EagleXNt
FQXV
GLRXXGXOD
K
TfNetMon
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 64
- Joined: 13 Jan 2012 21:41
Re: Request for a preventive log check
Done. I did it twice because the first time that blue screen appeared, so it restarted, and the second time it went fine, so here is the log. Could you please give me some advice on how I can clean the computer? I use CCleaner, it is excellent, it always sort of "refreshes" the computer.
ComboFix 12-01-13.05 - X 14.01.2012 21:08:37.2.1 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2048.1389 [GMT 1:00]
Spuštěný z: c:\users\X\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\X\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$RECYCLE.BIN
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ135
-------\Legacy_EAGLEXNT
-------\Legacy_TFFSMON
-------\Legacy_TFNETMON
-------\Legacy_TFSYSMON
-------\Service_ATEK
-------\Service_cpuz135
-------\Service_EagleXNt
-------\Service_FQXV
-------\Service_GLRXXGXOD
-------\Service_K
-------\Service_TfFsMon
-------\Service_TfNetMon
-------\Service_TFSysMon
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-14 do 2012-01-14 )))))))))))))))))))))))))))))))
.
.
2012-01-14 20:16 . 2012-01-14 20:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-14 20:05 . 2012-01-14 20:05 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3BA0693-299A-4949-B138-219134C0612C}\offreg.dll
2012-01-14 19:03 . 2012-01-14 20:19 -------- d-----w- c:\users\X\AppData\Local\temp
2012-01-14 17:18 . 2012-01-14 18:43 -------- d-----w- c:\users\X\AppData\Local\GHISLER
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2012-01-14 17:17 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2012-01-14 17:17 . 2012-01-14 18:43 -------- d-----w- c:\users\X\AppData\Roaming\GHISLER
2012-01-13 22:09 . 2012-01-14 14:48 -------- d-----w- c:\program files\trend micro
2012-01-13 17:21 . 2012-01-13 17:21 -------- d-----w- c:\users\X\AppData\Roaming\SUPERAntiSpyware.com
2012-01-13 17:20 . 2012-01-13 17:21 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-13 17:20 . 2012-01-13 17:20 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-01-12 20:15 . 2012-01-12 20:27 -------- d-----w- c:\users\X\AppData\Roaming\DMCache
2012-01-12 18:31 . 2012-01-12 18:36 -------- d-----w- c:\users\X\AppData\Roaming\Wise Registry Cleaner
2012-01-12 18:30 . 2012-01-12 18:30 -------- d-----w- c:\program files\Wise Registry Cleaner
2012-01-12 16:12 . 2012-01-12 16:12 -------- d-----w- c:\users\X\AppData\Roaming\Malwarebytes
2012-01-12 16:12 . 2012-01-12 16:12 -------- d-----w- c:\programdata\Malwarebytes
2012-01-11 20:29 . 2005-07-14 11:34 63584 ----a-w- c:\windows\system32\vshield.vxd
2012-01-11 20:29 . 2005-07-14 11:34 26720 ----a-w- c:\windows\system32\vshinit.vxd
2012-01-11 20:29 . 2005-07-14 11:33 23639 ----a-w- c:\windows\system32\mcutil.vxd
2012-01-11 20:29 . 2005-07-14 11:33 28243 ----a-w- c:\windows\system32\mckrnl.vxd
2012-01-11 20:29 . 2005-05-04 10:10 1464566 ----a-w- c:\windows\system32\MCSCAN32.VXD
2012-01-11 20:29 . 2012-01-11 20:30 -------- d-----w- c:\programdata\McAfee.com
2012-01-11 20:29 . 2005-05-24 18:23 288320 ----a-w- c:\windows\system32\mcgdmgr.dll
2012-01-11 20:29 . 2005-07-18 11:03 349760 ----a-w- c:\windows\system32\mcinsctl.dll
2012-01-10 21:12 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3BA0693-299A-4949-B138-219134C0612C}\mpengine.dll
2012-01-09 19:00 . 2012-01-12 20:45 -------- d-----w- c:\program files\DAP
2012-01-08 16:02 . 2012-01-08 16:09 -------- d-----w- c:\users\X\AppData\Roaming\BITS
2012-01-08 16:02 . 2012-01-08 16:02 -------- d-----w- c:\users\X\AppData\Roaming\FlashGet
2012-01-07 21:27 . 2012-01-09 19:00 -------- d-----w- c:\programdata\SpeedBit
2012-01-07 21:27 . 2012-01-07 21:27 -------- d-----w- c:\program files\Common Files\SpeedBit
2012-01-07 15:55 . 2011-12-14 11:47 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-01-07 15:55 . 2011-12-14 11:46 21312 ----a-w- c:\windows\system32\authuitu.dll
2012-01-07 15:54 . 2012-01-07 21:51 -------- d-----w- c:\program files\TuneUp Utilities 2012
2012-01-06 22:13 . 1999-07-17 01:21 4608 ----a-w- c:\windows\system32\W95Inf32.DLL
2012-01-06 22:13 . 1999-07-17 01:21 2272 ----a-w- c:\windows\system32\W95Inf16.DLL
2011-12-29 23:07 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-29 23:07 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-29 23:07 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-29 23:07 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-29 23:07 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-29 23:07 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-29 23:07 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-29 23:07 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-29 10:41 . 2008-06-24 11:45 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2011-12-29 10:33 . 2011-12-29 10:43 -------- d-----w- c:\program files\Common Files\Nero
2011-12-27 23:09 . 2011-12-28 22:31 -------- d-----w- c:\users\X\AppData\Roaming\Ashampoo
2011-12-27 23:08 . 2012-01-07 16:16 -------- d-----w- c:\program files\Ashampoo
2011-12-27 17:45 . 2011-12-27 17:45 -------- d-----w- c:\users\X\AppData\Local\Nero
2011-12-27 15:16 . 2011-12-29 10:37 -------- d-----w- c:\users\X\AppData\Roaming\Nero
2011-12-27 15:14 . 2011-12-29 11:12 -------- d-----w- c:\programdata\Nero
2011-12-26 16:33 . 2011-12-26 16:33 -------- d-----w- c:\users\X\AppData\Local\TVU Networks
2011-12-26 16:33 . 2011-12-26 16:33 -------- d-----w- c:\programdata\TVU Networks
2011-12-26 13:45 . 2011-12-26 13:45 -------- d-----w- c:\programdata\IsolatedStorage
2011-12-26 13:45 . 2011-12-26 13:45 -------- d-----w- c:\users\X\AppData\Roaming\SMS posílač Treca
2011-12-24 15:10 . 2011-12-24 15:23 -------- d-----w- c:\users\X\AppData\Roaming\esmska
2011-12-23 07:47 . 2011-12-23 07:47 -------- d-----w- c:\program files\Rockstar Games
2011-12-23 07:44 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-12-23 07:44 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-12-23 07:44 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-12-23 07:44 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-12-23 07:44 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-12-23 07:44 . 2011-12-23 07:44 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-12-23 07:44 . 2011-12-23 07:44 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-12-21 15:17 . 2011-12-21 15:17 -------- d-----w- c:\program files\Common Files\Innovative Solutions
2011-12-21 15:17 . 2011-12-21 15:25 -------- d-----w- c:\programdata\Innovative Solutions
2011-12-16 17:23 . 2011-12-16 17:33 -------- d-----w- c:\users\X\AppData\Roaming\GlarySoft
2011-12-15 20:40 . 2011-12-15 20:40 -------- d-----w- c:\program files\Common Files\Java
2011-12-15 20:39 . 2011-12-15 20:39 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 22:01 . 2010-07-09 21:23 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-12-15 20:39 . 2011-10-28 20:34 567184 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-09 22:08 . 2011-12-10 16:46 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-11-22 18:42 . 2011-12-04 19:21 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-15 13:29 . 2010-02-03 11:15 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-14 15:07 . 2011-12-04 19:35 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-11-14 15:07 . 2011-12-04 19:35 2246608 ----a-w- c:\windows\PCTBDCore.dll
2011-11-14 15:07 . 2011-12-04 19:35 1681360 ----a-w- c:\windows\PCTBDRes.dll
2011-11-14 15:06 . 2011-12-04 19:35 767952 ----a-w- c:\windows\BDTSupport.dll
2011-11-13 13:09 . 2011-11-13 13:09 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-19 21:15 . 2011-11-17 20:46 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2011-05-25 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2011-12-29 15:43 620376 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-12-09 00:44 4616064 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-04-04 47360]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [2011-09-28 56840]
R3 WFLR6654;WinFast DTV1800 H (XC3028); [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
R4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
R4 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-03-21 68928]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = http=127.0.0.1:25432;
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: ????3??
IE: ????3??????
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: ????3?? - c:\users\X\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\X\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 10.0.0.138
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,a4,01,d1,8a,e6,e7,4d,92,90,0b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,a4,01,d1,8a,e6,e7,4d,92,90,0b,\
.
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\X\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3887554259-2600576739-1838076180-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\X\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-01-14 21:23:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-14 20:23
ComboFix2.txt 2012-01-14 19:03
.
Před spuštěním: Volných bajtů: 86 232 047 616
Po spuštění: Volných bajtů: 85 776 257 024
.
- - End Of File - - DFFCFFADAEFD97217455EEB058CD72D7

- Rudy
- Site Admin
- Posts: 119506
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive log check
The log now looks OK. CCleaner is a cleaner that we recommend here as well. It is necessary to find a compromise and recommend to users one that deletes only what they will evidently never need again and at the same time does not damage anything that is installed. There are plenty of cleaners; some clean rather superficially, others can even damage the system when used without the necessary knowledge.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 64
- Registered: 13 Jan 2012 21:41
Re: Please do a preventive check of the log
Thank you very much for taking the time for me; take care for now, goodbye.



- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please do a preventive check of the log
You too, and you're welcome!
