pomalé otevírání programů - prohlížečů Vyřešeno

[Davson]

Prosím o kontrolu logů, otevírání je nesnesitelně pomalé. Vím, že velikost RAM není dostatečná, ale tím to nebude. Ještě nedávno to šlapalo všechno úplně v pohodě.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Agáta at 2011-07-18 21:18:03
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 23 GB (42%) free of 54 GB
Total RAM: 893 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:18:17, on 18.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Agáta\Stažené soubory\RSIT(2).exe
C:\Program Files\trend micro\Agáta.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 4054 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Agáta\AppData\Roaming\Mozilla\Firefox\Profiles\owrqatd0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, fdm_ffext@freedownloadmanager.org:1.3.4, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Agáta\AppData\Roaming\Mozilla\Firefox\Profiles\owrqatd0.default\searchplugins\
0180-telefonbuch.xml
gmailto.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-05-10 3459712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-04-19 125952]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2010-04-29 3727411]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserBallot]
C:\Windows\system32\browserchoice.exe [2010-02-12 293376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdspeed.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coverdes.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drivespeed.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infotool.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nero.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroburnrights.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerohome.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neromediahome.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroscoutoptions.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerostartsmart.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerovision.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnap.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnapviewer.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recode.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupneromobile.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupx.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showtime.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soundtrax.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\waveedit.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-07-18 20:22:49 ----A---- C:\Windows\system32\win32k.sys
2011-07-18 20:20:25 ----A---- C:\Windows\system32\kernel32.dll
2011-07-18 20:20:19 ----A---- C:\Windows\system32\winsrv.dll
2011-07-18 20:20:19 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-18 20:14:37 ----D---- C:\Program Files\Common Files\Java
2011-07-18 20:09:19 ----A---- C:\Windows\system32\javaws.exe
2011-07-18 20:09:19 ----A---- C:\Windows\system32\javaw.exe
2011-07-18 20:09:19 ----A---- C:\Windows\system32\java.exe
2011-07-18 18:10:49 ----ASH---- C:\hiberfil.sys
2011-07-05 22:05:58 ----A---- C:\Windows\system32\schannel.dll
2011-06-30 16:45:43 ----D---- C:\Program Files\Google
2011-06-20 22:43:14 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-20 22:43:13 ----A---- C:\Windows\system32\iertutil.dll
2011-06-20 22:43:12 ----A---- C:\Windows\system32\ieui.dll
2011-06-20 22:43:09 ----A---- C:\Windows\system32\jscript9.dll
2011-06-20 22:43:09 ----A---- C:\Windows\system32\jscript.dll
2011-06-20 22:43:03 ----A---- C:\Windows\system32\mshtml.dll
2011-06-20 22:43:02 ----A---- C:\Windows\system32\ieframe.dll
2011-06-20 22:43:01 ----A---- C:\Windows\system32\urlmon.dll
2011-06-20 22:34:11 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-20 22:34:09 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-20 22:34:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-20 22:34:03 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-20 22:33:58 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-06-20 22:33:33 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-20 22:33:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-20 22:33:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-20 22:33:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

======List of files/folders modified in the last 1 month======

2011-07-18 21:18:16 ----D---- C:\Windows\temp
2011-07-18 21:18:15 ----D---- C:\Windows\Prefetch
2011-07-18 21:18:06 ----D---- C:\Program Files\trend micro
2011-07-18 21:17:02 ----D---- C:\Users\Agáta\AppData\Roaming\Free Download Manager
2011-07-18 21:08:34 ----D---- C:\Windows\Debug
2011-07-18 21:08:34 ----D---- C:\Windows
2011-07-18 21:06:54 ----D---- C:\Windows\Microsoft.NET
2011-07-18 21:06:50 ----RSD---- C:\Windows\assembly
2011-07-18 20:58:55 ----D---- C:\Windows\system32\catroot
2011-07-18 20:54:53 ----D---- C:\Windows\System32
2011-07-18 20:54:51 ----D---- C:\Windows\inf
2011-07-18 20:39:53 ----D---- C:\Windows\winsxs
2011-07-18 20:36:25 ----A---- C:\Windows\system32\mrt.exe
2011-07-18 20:36:01 ----SHD---- C:\Windows\Installer
2011-07-18 20:34:27 ----SHD---- C:\System Volume Information
2011-07-18 20:32:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-18 20:21:23 ----D---- C:\Windows\system32\catroot2
2011-07-18 20:14:37 ----D---- C:\Program Files\Common Files
2011-07-18 20:09:10 ----D---- C:\Program Files\Java
2011-07-05 22:12:33 ----RSD---- C:\Windows\Fonts
2011-07-02 10:16:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-02 10:16:29 ----D---- C:\Windows\system32\drivers
2011-06-30 16:45:59 ----D---- C:\Windows\Tasks
2011-06-30 16:45:59 ----D---- C:\Windows\system32\Tasks
2011-06-30 16:45:43 ----RD---- C:\Program Files
2011-06-30 16:10:45 ----D---- C:\Program Files\Mozilla Thunderbird
2011-06-23 19:41:27 ----D---- C:\Program Files\Mozilla Firefox
2011-06-20 23:10:00 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-20 23:07:49 ----D---- C:\Program Files\Internet Explorer
2011-06-20 22:47:08 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-20 22:42:08 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-05-10 49240]
R2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0; \??\C:\Program Files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-02-16 60928]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-02-16 74624]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-04-19 987648]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-04-19 200704]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-05-28 14896]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-19 2314752]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-04-19 654336]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-04-19 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-04-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-04-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-04-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-04-19 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-04-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-04-19 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-04-19 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-04-19 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-05-10 42184]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-04-19 21504]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-02-18 1517376]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-04-19 21504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]

-----------------EOF-----------------

[Reklama]

[jaro3]

Vlož log z HJT:
viewtopic.php?f=70&t=5119

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Davson]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:59, on 20.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\trend micro\hijackthis.exe
C:\Program Files\trend micro\Agáta.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 3954 bytes



Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7212

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

20.7.2011 20:23:33
mbam-log-2011-07-20 (20-23-33).txt

Typ: Rychlá kontrola
Kontrolované objekty: 161053
Uplynulý čas: 5 minut, 44 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[bledulka]

Stáhni na plochu ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Před použitím vypni všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary
-Zavři všechna aktivní okna a spusť ho pod učtem s právy administrátora
- Po spuštění se zobrazí podmínky použití, potvrď je stiskem tlačítka Ano

- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna

- Po dokončení skenování, se vytvoří log C:\ComboFix.txt, zkopíruj celý jeho obsah sem.

[Davson]

Vypnul jsem Avasta, ale zapomněl vypnout firewal a Windows Defender. Je to velká chyba ? Nic mně ale práci Combofixu neblokovalo. Nebo to mám všechno vypnout znovu a combofix opakovat ?

ComboFix 11-07-21.02 - Agáta 21.07.2011 18:44:53.5.1 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1250.420.1029.18.893.383 [GMT 2:00]
Spuštěný z: c:\users\Agßta\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-21 do 2011-07-21 )))))))))))))))))))))))))))))))
.
.
2011-07-21 16:53 . 2011-07-21 16:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-07-21 16:53 . 2011-07-21 16:53 -------- d-----w- c:\users\Pavlínka\AppData\Local\temp
2011-07-21 16:53 . 2011-07-21 16:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-21 16:42 . 2011-07-21 16:42 -------- d-----w- C:\32788R22FWJFW
2011-07-20 15:58 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2C07938-ED04-4DB6-9DDD-6F0D245B775D}\mpengine.dll
2011-07-18 18:22 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-18 18:20 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-18 18:20 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-18 18:14 . 2011-07-18 18:14 -------- d-----w- c:\program files\Common Files\Java
2011-07-05 20:05 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
2011-06-30 14:45 . 2011-06-30 14:46 -------- d-----w- c:\program files\Google
2011-06-30 14:45 . 2011-06-30 14:45 -------- d-----w- c:\users\Agáta\AppData\Local\Google
2011-06-23 17:41 . 2011-06-23 17:41 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 17:41 . 2011-06-23 17:41 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-18 18:03 . 2011-05-28 09:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-06 17:52 . 2009-11-04 19:47 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2009-11-04 19:47 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2009-10-21 15:43 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-10 12:10 . 2010-07-12 16:54 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2009-10-21 20:27 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-19 14:34 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2009-10-21 20:28 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2009-10-21 20:28 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2009-10-21 20:28 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2009-10-21 20:27 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2009-10-21 20:28 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-04 02:52 . 2010-04-15 13:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-02 17:16 . 2011-06-20 20:34 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 13:49 . 2011-04-29 13:49 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-29 13:49 . 2011-04-29 13:48 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-29 13:48 . 2011-04-29 13:48 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-29 13:48 . 2011-04-29 13:48 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-29 13:48 . 2011-04-29 13:48 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-29 13:48 . 2011-04-29 13:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-29 13:48 . 2011-04-29 13:48 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-29 13:48 . 2011-04-29 13:48 367104 ----a-w- c:\windows\system32\html.iec
2011-04-29 13:48 . 2011-04-29 13:48 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-29 13:48 . 2011-04-29 13:48 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-29 13:48 . 2011-04-29 13:48 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-29 13:48 . 2011-04-29 13:48 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-29 13:48 . 2011-04-29 13:48 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-29 13:48 . 2011-04-29 13:48 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-29 13:48 . 2011-04-29 13:48 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-29 13:48 . 2011-04-29 13:48 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-29 13:48 . 2011-04-29 13:48 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-29 13:48 . 2011-04-29 13:48 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-29 13:48 . 2011-04-29 13:48 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-29 13:25 . 2011-06-20 20:34 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25 . 2011-06-20 20:34 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24 . 2011-06-20 20:33 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24 . 2011-06-20 20:33 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24 . 2011-06-20 20:33 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-22 23:35 . 2011-06-20 20:43 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 23:25 . 2011-06-20 20:43 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-23 17:41 . 2011-03-27 07:17 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-04-19 125952]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2010-04-28 3727411]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 17:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserBallot]
2010-02-12 10:32 293376 ----a-w- c:\windows\System32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-02-18 1517376]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-05-28 14896]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-30 14:45]
.
2011-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-30 14:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Agáta\AppData\Roaming\Mozilla\Firefox\Profiles\owrqatd0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-21 18:54
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-07-21 19:01:21
ComboFix-quarantined-files.txt 2011-07-21 17:01
ComboFix2.txt 2010-12-17 19:03
.
Před spuštěním: Volných bajtů: 27 901 538 304
Po spuštění: Volných bajtů: 27 862 736 896
.
- - End Of File - - 0B2F16B822F88131A4023CA7756AEDA5

[jaro3]

Nemusíš , vypadá to bez nákazy...

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

a použij i T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Napiš , jak to vypadá..

[Davson]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Nejde mi to odinstalovat. Píše to hlášku, že windows nemůže najít Combofix. Když jsem program stahoval, tak to bylo ve stažených souborech. Přesunul jsem to před spuštěním na plochu tak jak radíte. Windows to nemůže najít a´t to nechám na ploše nebo to přesunu zpátky do stažených souborů.

[bledulka]

Nevadí, pokračuj dál.

Otestuj na www.virustotal.com
c:\windows\system32\FlashPlayerCPLApp.cpl

[Davson]

Posílám ten výsledek z Virustotal. Jinak je to otevírání o hodně rychlejší. Díky za pomoc. Můžu to už označit jako vyřešené ?

File name:
FlashPlayerCPLApp.cpl
Submission date:
2011-07-24 08:34:28 (UTC)
Current status:
finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.07.24.00 2011.07.23 -
AntiVir 7.11.12.65 2011.07.23 -
Antiy-AVL 2.0.3.7 2011.07.24 -
Avast 4.8.1351.0 2011.07.23 -
Avast5 5.0.677.0 2011.07.23 -
AVG 10.0.0.1190 2011.07.23 -
BitDefender 7.2 2011.07.24 -
CAT-QuickHeal 11.00 2011.07.23 -
ClamAV 0.97.0.0 2011.07.24 -
Commtouch 5.3.2.6 2011.07.23 -
Comodo 9492 2011.07.24 -
DrWeb 5.0.2.03300 2011.07.23 -
Emsisoft 5.1.0.8 2011.07.24 -
eSafe 7.0.17.0 2011.07.21 -
eTrust-Vet 36.1.8459 2011.07.22 -
F-Prot 4.6.2.117 2011.07.23 -
F-Secure 9.0.16440.0 2011.07.24 -
Fortinet 4.2.257.0 2011.07.24 -
GData 22 2011.07.24 -
Ikarus T3.1.1.104.0 2011.07.24 -
Jiangmin 13.0.900 2011.07.23 -
K7AntiVirus 9.108.4937 2011.07.22 -
Kaspersky 9.0.0.837 2011.07.24 -
McAfee 5.400.0.1158 2011.07.24 -
McAfee-GW-Edition 2010.1D 2011.07.24 -
Microsoft 1.7104 2011.07.24 -
NOD32 6319 2011.07.24 -
Norman 6.07.10 2011.07.23 -
nProtect 2011-07-23.01 2011.07.23 -
Panda 10.0.3.5 2011.07.23 -
PCTools 8.0.0.5 2011.07.24 -
Prevx 3.0 2011.07.24 -
Rising 23.67.04.03 2011.07.22 -
Sophos 4.67.0 2011.07.24 -
SUPERAntiSpyware 4.40.0.1006 2011.07.23 -
Symantec 20111.1.0.186 2011.07.24 -
TheHacker 6.7.0.1.261 2011.07.23 -
TrendMicro 9.200.0.1012 2011.07.24 -
TrendMicro-HouseCall 9.200.0.1012 2011.07.24 -
VBA32 3.12.16.4 2011.07.22 -
VIPRE 9948 2011.07.24 -
ViRobot 2011.7.23.4585 2011.07.23 -
VirusBuster 14.0.135.0 2011.07.23 -
Additional information
MD5 : 3f5011a09d48af099b5757e4c145650e
SHA1 : 58d34552a4292860bc44d88e4096c699c9d465de
SHA256: dba64879dd0d7f9743e221751a697064b57dd75f5ea2fef1e24cd32e32b2f0df

[bledulka]

Ten soubor ale stejně smaž, to je ten stažený z Facebooku,ne?
c:\windows\system32\FlashPlayerCPLApp.cpl


Pokud už nemáš problémy, můžeš dát vyřešeno .