Please check my log
Posted: 31 Oct 2011 11:18
Hello. Could you please check my log? The PC runs fine, but for roughly the last month the browser has been taking a long time to open pages. Our internet speed is the same, I have tested that. Thanks
ComboFix 11-10-30.03 - Jenda 31.10.2011 10:47:41.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2815 [GMT 1:00]
Spuštěný z: d:\users\Jenda\Desktop\BezpeŔnost\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\users\Jenda\AppData\Roaming\inst.exe
d:\users\Jenda\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-31 )))))))))))))))))))))))))))))))
.
.
2011-10-31 10:03 . 2011-10-31 10:03 -------- d-----w- d:\users\Default\AppData\Local\temp
2011-10-31 09:43 . 2011-10-07 04:16 8570192 ----a-w- d:\programdata\Microsoft\Windows Defender\Definition Updates\{CAFEA352-0DAD-4E79-AB19-1B32838C991C}\mpengine.dll
2011-10-19 11:03 . 2011-10-19 11:03 -------- d-----w- d:\program files\Defraggler
2011-10-19 10:53 . 2011-10-19 10:53 -------- d-----w- d:\users\Jenda\AppData\Roaming\SUPERAntiSpyware.com
2011-10-19 10:52 . 2011-10-19 10:53 -------- d-----w- d:\program files\SUPERAntiSpyware
2011-10-19 10:52 . 2011-10-19 10:52 -------- d-----w- d:\programdata\SUPERAntiSpyware.com
2011-10-18 20:10 . 2011-10-31 09:44 -------- d-----w- d:\program files (x86)\Unlocker
2011-10-18 12:46 . 2011-10-18 20:21 -------- d-----w- d:\program files\trend micro
2011-10-17 16:50 . 2011-10-17 16:51 -------- d-----w- d:\program files (x86)\Táta hrdina
2011-10-12 10:41 . 2011-09-06 03:03 3138048 ----a-w- d:\windows\system32\win32k.sys
2011-10-12 10:41 . 2011-08-17 05:26 613888 ----a-w- d:\windows\system32\psisdecd.dll
2011-10-12 10:41 . 2011-08-17 05:25 108032 ----a-w- d:\windows\system32\psisrndr.ax
2011-10-12 10:41 . 2011-08-17 04:24 465408 ----a-w- d:\windows\SysWow64\psisdecd.dll
2011-10-12 10:41 . 2011-08-17 04:19 75776 ----a-w- d:\windows\SysWow64\psisrndr.ax
2011-10-12 10:41 . 2011-08-27 05:37 331776 ----a-w- d:\windows\system32\oleacc.dll
2011-10-12 10:41 . 2011-08-27 04:26 571904 ----a-w- d:\windows\SysWow64\oleaut32.dll
2011-10-12 10:41 . 2011-08-27 04:26 233472 ----a-w- d:\windows\SysWow64\oleacc.dll
2011-10-12 10:41 . 2011-08-27 05:37 861696 ----a-w- d:\windows\system32\oleaut32.dll
2011-10-06 07:07 . 2011-10-06 07:07 -------- d-----w- d:\program files\Google
2011-10-06 07:07 . 2011-10-06 09:39 -------- d-----w- d:\programdata\Google Updater
2011-10-04 10:50 . 2005-06-24 14:24 438272 ----a-r- d:\windows\SysWow64\vp6vfw.dll
2011-10-04 10:50 . 2004-12-10 07:06 327680 ----a-w- d:\windows\SysWow64\vp6dec.ax
2011-10-04 10:50 . 2011-10-19 06:48 -------- d-----w- d:\program files (x86)\Common Files\InstallShield
2011-10-03 11:05 . 2011-10-03 11:30 311968 ----a-w- d:\windows\system32\drivers\atksgt.sys
2011-10-03 11:05 . 2011-10-03 11:05 43168 ----a-w- d:\windows\system32\drivers\lirsgt.sys
2011-10-03 08:53 . 2011-10-03 08:59 -------- d-----w- d:\program files (x86)\Rozpisy pro Sportku - free verze 107
2011-10-03 08:48 . 2011-10-03 08:53 796672 ----a-w- d:\windows\GPInstall.exe
2011-10-03 06:41 . 2011-10-03 06:41 -------- d-----w- d:\users\Jenda\AppData\Roaming\Software Informer
2011-10-03 06:41 . 2011-10-03 06:41 -------- d-----w- d:\program files (x86)\Software Informer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-18 12:37 . 2011-06-16 05:33 414368 ----a-w- d:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-20 20:51 . 2011-09-20 20:51 424624 ----a-w- d:\windows\system32\wrap_oal.dll
2011-09-20 20:51 . 2011-09-20 20:51 418480 ----a-w- d:\windows\SysWow64\wrap_oal.dll
2011-09-20 20:51 . 2011-09-20 20:51 138472 ----a-w- d:\windows\system32\OpenAL32.dll
2011-09-20 20:51 . 2011-09-20 20:51 115432 ----a-w- d:\windows\SysWow64\OpenAL32.dll
2011-09-06 20:45 . 2011-01-20 15:20 41184 ----a-w- d:\windows\avastSS.scr
2011-09-06 20:45 . 2011-01-20 15:20 199304 ----a-w- d:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-01-20 17:18 254400 ----a-w- d:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-04-27 17:56 601944 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2011-01-20 15:21 301912 ----a-w- d:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-01-20 15:21 42328 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-01-20 15:21 58200 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-01-20 15:21 65368 ----a-w- d:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-01-20 15:21 24408 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2011-08-30 15:08 . 2011-08-30 15:08 0 ---ha-w- d:\users\Jenda\AppData\Local\BIT9156.tmp
2011-08-22 10:16 . 2011-03-04 19:42 48648 ----a-w- d:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-08-22 10:16 . 2011-03-04 19:42 484160 ----a-w- d:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-08-16 11:11 . 2011-08-16 11:11 82816 ----a-w- d:\windows\system32\drivers\pcouffin.sys
2011-08-16 11:11 . 2011-08-16 11:11 82816 ----a-w- d:\users\Jenda\AppData\Roaming\pcouffin.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRDownloader"="d:\users\Jenda\Desktop\Nepoužívané odkazy\SRDownloader.exe" [2011-10-16 903680]
"Free Download Manager"="d:\program files (x86)\Free Download Manager\fdm.exe" [2010-04-28 3727411]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 gupdate;Služba Google Update (gupdate);d:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 136176]
R3 gupdatem;Služba Google Update (gupdatem);d:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 136176]
R3 TsUsbFlt;TsUsbFlt;d:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;d:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;d:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;d:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AMD External Events Utility;AMD External Events Utility;d:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;d:\windows\system32\drivers\aswMonFlt.sys [x]
S3 amdkmdag;amdkmdag;d:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;d:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 pcouffin;VSO Software pcouffin;d:\windows\system32\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;d:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-31 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 12:48]
.
2011-10-31 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 12:48]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- d:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = d:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = d:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://d:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://d:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://d:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://d:\program files (x86)\Free Download Manager\dlall.htm
IE: Stáhnout webovou stránku Free Download Managerem - file://d:\program files (x86)\Free Download Manager\dlpage.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - d:\users\Jenda\AppData\Roaming\Mozilla\Firefox\Profiles\h1rul7mo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-UnlockerAssistant - d:\program files (x86)\Unlocker\UnlockerAssistant.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Alwil Software\Avast5\AvastSvc.exe
d:\windows\SysWOW64\IoctlSvc.exe
.
**************************************************************************
.
Celkový čas: 2011-10-31 11:09:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-31 10:09
.
Před spuštěním: Volných bajtů: 71 585 095 680
Po spuštění: Volných bajtů: 71 564 865 536
.
- - End Of File - - 9F76088BEC2B24A29CDB4B40DA161135