Request to check a ComboFix log
Posted: 17 Dec 2013 19:46
Hello, could someone please check this ComboFix log? It is an acquaintance's PC; the PC is slower than it used to be, and the browser crashes when the internet is started.
ComboFix 13-12-17.02 - PC 17.12.2013 18:47:46.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1024.368 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: AVG AntiVirus 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: AVG AntiVirus 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\logboot_16.12.2013.tureg.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-17 do 2013-12-17 )))))))))))))))))))))))))))))))
.
.
2013-12-17 18:27 . 2013-12-17 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-16 18:08 . 2013-12-16 18:09 -------- d-----w- c:\program files (x86)\ESTsoft
2013-12-16 18:03 . 2012-05-29 15:52 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2013-12-16 18:02 . 2012-05-29 15:52 25952 ----a-w- c:\windows\system32\authuitu.dll
2013-12-16 18:02 . 2012-05-29 15:52 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-12-16 18:00 . 2013-12-16 18:12 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2013-12-16 17:59 . 2013-12-16 18:03 -------- d-----w- c:\programdata\TuneUp Software
2013-12-16 17:59 . 2013-12-16 17:59 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-12-15 16:02 . 2013-11-07 18:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FFF37E2-8FF0-499C-97C3-9C3F4983F7D3}\mpengine.dll
2013-12-14 14:35 . 2013-11-07 18:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-12 19:39 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-12 19:39 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-11 20:42 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 20:42 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 20:42 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 20:42 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-11 20:42 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-11 18:58 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 18:58 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 18:58 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 18:58 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 18:58 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 18:58 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 18:58 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-11 18:57 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 18:57 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-11 18:57 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 18:57 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-11 18:57 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 18:57 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 18:57 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 18:57 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-11 18:57 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-11 18:57 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-11 18:52 . 2013-12-11 18:53 9272200 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-08 18:24 . 2013-12-15 18:28 -------- d-----w- c:\windows\system32\MRT
2013-12-08 12:04 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-12-08 12:04 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-12-06 18:48 . 2013-11-30 11:54 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-12-06 18:48 . 2013-11-30 11:54 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{00CFF6FD-4E41-4F79-9898-02C7B036B66A}\gapaengine.dll
2013-12-06 18:32 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2013-12-06 18:32 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2013-12-06 18:32 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-12-06 18:32 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-12-05 19:47 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-05 19:30 . 2013-12-05 19:30 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-05 19:30 . 2013-12-05 19:30 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-05 19:29 . 2013-12-05 19:29 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-05 19:29 . 2013-12-05 19:29 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-05 19:29 . 2013-12-05 19:29 806096 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2013-12-05 19:29 . 2013-12-05 19:29 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-05 19:29 . 2013-12-05 19:29 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-05 19:29 . 2013-12-05 19:29 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-05 19:29 . 2013-12-05 19:29 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-05 19:29 . 2013-12-05 19:29 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-05 19:29 . 2013-12-05 19:29 151552 ----a-w- c:\program files (x86)\Internet Explorer\DiagnosticsTap.dll
2013-12-05 19:29 . 2013-12-05 19:29 222720 ----a-w- c:\program files (x86)\Internet Explorer\ielowutil.exe
2013-12-05 19:27 . 2013-12-05 19:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-05 19:26 . 2013-12-05 19:26 235520 ----a-w- c:\windows\system32\url.dll
2013-12-05 19:25 . 2013-12-05 19:25 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-05 19:25 . 2013-12-05 19:25 450560 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2013-12-05 19:25 . 2013-12-05 19:25 142336 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-12-05 19:25 . 2013-12-05 19:25 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-05 19:25 . 2013-12-05 19:25 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-05 19:25 . 2013-12-05 19:25 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-05 19:25 . 2013-12-05 19:25 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-04 16:01 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-12-04 16:01 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-12-04 16:01 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-12-04 16:01 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2013-12-04 16:01 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-12-04 16:01 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2013-12-04 15:55 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-12-04 15:55 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-12-04 15:53 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-12-04 15:53 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-12-04 15:53 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-12-04 15:53 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-12-04 15:53 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-12-04 15:53 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-12-04 15:53 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-12-04 15:53 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-12-04 15:53 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-12-04 15:50 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-12-04 15:50 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-12-04 15:47 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-12-04 15:47 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-12-04 15:47 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-12-04 15:47 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-12-04 15:46 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-12-04 15:46 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-04 15:46 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-12-04 15:46 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-04 15:42 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-04 15:39 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-12-04 15:38 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2013-12-04 15:38 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-04 15:38 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-12-04 15:38 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2013-12-04 15:38 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-12-04 15:38 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-12-04 15:35 . 2013-09-25 02:26 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-12-04 15:35 . 2013-09-25 02:21 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-12-04 15:35 . 2013-09-25 02:23 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-12-04 15:35 . 2013-09-25 01:58 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-12-04 15:35 . 2013-09-25 02:21 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-12-04 15:35 . 2013-09-25 01:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-12-04 15:35 . 2013-09-25 01:56 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-12-04 15:35 . 2013-09-25 01:03 30720 ----a-w- c:\windows\system32\lsass.exe
2013-12-04 15:35 . 2013-09-25 02:23 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-12-04 15:35 . 2013-09-25 02:23 28160 ----a-w- c:\windows\system32\secur32.dll
2013-12-04 15:34 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-12-04 15:34 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-04 15:34 . 2013-08-02 02:13 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-12-04 15:34 . 2013-08-02 02:13 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-12-04 15:31 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-04 15:31 . 2013-07-12 10:41 100864 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-04 15:31 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-12-04 15:31 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-12-04 15:31 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-04 15:31 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-03 20:30 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2013-12-03 20:30 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2013-12-03 20:30 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2013-12-03 20:30 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-05 19:28 . 2013-12-05 19:28 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-12-05 19:26 . 2013-12-05 19:26 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-02 20:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-12-02 20:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-11-05 20:55 . 2013-11-05 20:55 150808 ----a-w- c:\windows\system32\drivers\avgdiska.sys
2013-11-04 20:52 . 2013-11-04 20:52 240920 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-10-31 22:00 . 2013-10-31 22:00 212280 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2013-10-31 21:49 . 2013-10-31 21:49 294712 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-10-24 21:25 . 2013-10-24 21:25 194872 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-09-30 23:52 . 2013-09-30 23:52 123704 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2013-09-27 08:53 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS26.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTBS26.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 17:00 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-28 18:56]
.
2013-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 11:45]
.
2013-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 11:45]
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{D77741D3-3D8F-4EA2-895E-12E9C2149BB4}: NameServer = 89.235.20.1,212.24.128.8
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ski80wya.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&q=
FF - ExtSQL: 2013-11-30 12:51; toolbar@centrumholdings.com; c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ski80wya.default\extensions\toolbar@centrumholdings.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-12-17 19:32:29
ComboFix-quarantined-files.txt 2013-12-17 18:32
.
Před spuštěním: Volných bajtů: 56 342 003 712
Po spuštění: Volných bajtů: 56 135 032 832
.
- - End Of File - - EEBE4E030CE8E547AC304035438D4275
A36C5E4F47E84449FF07ED3517B43A31
2013-12-04 15:35 . 2013-09-25 01:56 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-12-04 15:35 . 2013-09-25 01:03 30720 ----a-w- c:\windows\system32\lsass.exe
2013-12-04 15:35 . 2013-09-25 02:23 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-12-04 15:35 . 2013-09-25 02:23 28160 ----a-w- c:\windows\system32\secur32.dll
2013-12-04 15:34 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-12-04 15:34 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-04 15:34 . 2013-08-02 02:13 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-12-04 15:34 . 2013-08-02 02:13 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-12-04 15:31 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-04 15:31 . 2013-07-12 10:41 100864 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-04 15:31 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-12-04 15:31 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-12-04 15:31 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-04 15:31 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-03 20:30 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2013-12-03 20:30 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2013-12-03 20:30 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2013-12-03 20:30 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-05 19:28 . 2013-12-05 19:28 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-12-05 19:26 . 2013-12-05 19:26 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-02 20:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-12-02 20:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-11-05 20:55 . 2013-11-05 20:55 150808 ----a-w- c:\windows\system32\drivers\avgdiska.sys
2013-11-04 20:52 . 2013-11-04 20:52 240920 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-10-31 22:00 . 2013-10-31 22:00 212280 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2013-10-31 21:49 . 2013-10-31 21:49 294712 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-10-24 21:25 . 2013-10-24 21:25 194872 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-09-30 23:52 . 2013-09-30 23:52 123704 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2013-09-27 08:53 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS26.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTBS26.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 17:00 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-28 18:56]
.
2013-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 11:45]
.
2013-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 11:45]
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{D77741D3-3D8F-4EA2-895E-12E9C2149BB4}: NameServer = 89.235.20.1,212.24.128.8
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ski80wya.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&q=
FF - ExtSQL: 2013-11-30 12:51; toolbar@centrumholdings.com; c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ski80wya.default\extensions\toolbar@centrumholdings.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-12-17 19:32:29
ComboFix-quarantined-files.txt 2013-12-17 18:32
.
Před spuštěním: Volných bajtů: 56 342 003 712
Po spuštění: Volných bajtů: 56 135 032 832
.
- - End Of File - - EEBE4E030CE8E547AC304035438D4275
A36C5E4F47E84449FF07ED3517B43A31