Rapidní pokles výkonu

[piky]

dobrý den .. moje pc zdáse přišlo o značnou část výkonu ..... už při startu Win xp 32 bit podivně popraskává, občas se seká i puštěný film a náročnější aplikace (pracuji hlavně s audiem) buď spadnou nebo mi schodí audio driver (nepoužívám direct x drivery ale asio driver nutný pro profesionální audio aplikace) asio driver chvílí běží pak zapraská a spadne...což přisuzuji právě malemu výkonu pc nebo je tam někde konflikt s direct x driverem ,ale to je spíš nepravděpodobné , páč ke konfliktu s direct x driverem nikdy nedocházelo predtím..........typuji že mám zavirovaný komp nejspíše ...mohly by jste se mi na to podívat prosím ?
zde přikládám log z RSIT a jako druhý z Combofixu


Logfile of random's system information tool 1.07 (written by random/random)
Run by 303 at 2011-07-15 20:05:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (15%) free of 85 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:32, on 15.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\MAFWdiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
D:\net- foto bordel\RSIT.exe
C:\Program Files\trend micro\303.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MAFWDITaskbarApp] C:\WINDOWS\system32\MAFWdiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\MAFWDITray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: M-Audio CMIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6000 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-27 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-27 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-08-10 16384000]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-05-26 1043968]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"MAFWDITaskbarApp"=C:\WINDOWS\system32\MAFWdiTray.exe [2008-07-09 313864]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-12-14 221184]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"M-Audio Taskbar Icon"=C:\WINDOWS\System32\MAFWDITray.exe [2008-07-09 313864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-07-15 20:05:16 ----D---- C:\Program Files\trend micro
2011-07-15 20:05:15 ----D---- C:\rsit
2011-07-15 19:40:29 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2011-07-14 21:19:07 ----SHD---- C:\RECYCLER
2011-07-14 21:07:53 ----N---- C:\WINDOWS\system32\M-AudioProFireControlPanel.exe
2011-07-14 21:07:52 ----N---- C:\WINDOWS\system32\MAFWDITray.exe
2011-07-14 21:07:52 ----N---- C:\WINDOWS\system32\mafwdipnl.dll
2011-07-14 21:07:52 ----N---- C:\WINDOWS\system32\MAFWDICoIn.dll
2011-07-14 21:07:52 ----N---- C:\WINDOWS\system32\mafwdiasio.dll
2011-07-14 21:07:52 ----N---- C:\WINDOWS\system32\fwfmdio.dll
2011-07-14 21:07:25 ----D---- C:\Documents and Settings\303\Data aplikací\InstallShield
2011-07-14 20:57:48 ----A---- C:\ComboFix.txt
2011-07-14 20:36:31 ----A---- C:\WINDOWS\zip.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\SWSC.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\SWREG.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\sed.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\PEV.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\MBR.exe
2011-07-14 20:36:31 ----A---- C:\WINDOWS\grep.exe
2011-07-14 20:36:05 ----D---- C:\WINDOWS\ERDNT
2011-07-14 20:35:58 ----D---- C:\Qoobox
2011-07-10 16:11:38 ----D---- C:\Documents and Settings\303\Data aplikací\Registry Mechanic
2011-07-10 16:09:22 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-07-10 13:10:46 ----D---- C:\Documents and Settings\303\Data aplikací\DDMSettings
2011-06-27 18:34:15 ----D---- C:\WINDOWS\Sun
2011-06-27 18:33:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2011-06-27 18:33:10 ----D---- C:\Program Files\Common Files\Java
2011-06-27 18:32:32 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-27 18:32:32 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-27 18:32:32 ----A---- C:\WINDOWS\system32\java.exe
2011-06-27 18:32:32 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-06-27 18:32:13 ----D---- C:\Program Files\Java
2011-06-27 18:31:43 ----D---- C:\Documents and Settings\303\Data aplikací\Sun

======List of files/folders modified in the last 1 months======

2011-07-15 20:05:33 ----D---- C:\WINDOWS\Prefetch
2011-07-15 20:05:30 ----D---- C:\WINDOWS\Internet Logs
2011-07-15 20:05:16 ----RD---- C:\Program Files
2011-07-15 19:42:22 ----D---- C:\WINDOWS\Temp
2011-07-15 19:40:29 ----D---- C:\WINDOWS\system32
2011-07-15 19:22:15 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-15 19:22:09 ----SHD---- C:\WINDOWS\CSC
2011-07-15 05:53:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-14 21:07:55 ----D---- C:\WINDOWS\system32\drivers
2011-07-14 21:07:26 ----D---- C:\Program Files\M-Audio
2011-07-14 20:52:33 ----D---- C:\WINDOWS
2011-07-14 20:52:33 ----A---- C:\WINDOWS\system.ini
2011-07-14 20:49:36 ----D---- C:\WINDOWS\system32\config
2011-07-14 20:47:26 ----D---- C:\Program Files\cacaoweb
2011-07-14 20:45:47 ----D---- C:\WINDOWS\AppPatch
2011-07-14 20:45:44 ----D---- C:\Program Files\Common Files
2011-07-14 19:59:18 ----D---- C:\Documents and Settings\303\Data aplikací\Winamp
2011-07-14 19:53:52 ----D---- C:\WINDOWS\Minidump
2011-07-12 20:41:36 ----D---- C:\Documents and Settings\303\Data aplikací\Skype
2011-07-12 17:36:28 ----D---- C:\Documents and Settings\303\Data aplikací\skypePM
2011-07-11 19:08:29 ----D---- C:\Program Files\VideoLAN
2011-07-11 19:07:12 ----SD---- C:\WINDOWS\Tasks
2011-07-11 19:04:44 ----D---- C:\Program Files\Utherverse Digital Inc
2011-07-11 18:59:43 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-07-11 18:54:30 ----D---- C:\Documents and Settings\303\Data aplikací\DivX
2011-07-11 18:15:17 ----SHD---- C:\WINDOWS\Installer
2011-07-11 18:15:17 ----D---- C:\Config.Msi
2011-07-11 18:15:16 ----D---- C:\WINDOWS\WinSxS
2011-07-11 05:55:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-07-10 22:59:34 ----D---- C:\Program Files\SecondLifeViewer2
2011-07-10 20:27:45 ----D---- C:\Documents and Settings\303\Data aplikací\SecondLife
2011-07-10 13:10:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-07-10 13:09:49 ----D---- C:\Program Files\DivX
2011-07-10 13:09:48 ----D---- C:\Program Files\Common Files\DivX Shared
2011-07-09 19:54:42 ----D---- C:\Documents and Settings\303\Data aplikací\GHISLER
2011-07-03 00:18:34 ----D---- C:\Documents and Settings\303\Data aplikací\Audacity
2011-06-30 15:22:27 ----A---- C:\WINDOWS\NeroDigital.ini
2011-06-26 20:40:47 ----D---- C:\Program Files\Mozilla Firefox
2011-06-22 18:47:38 ----D---- C:\Documents and Settings\303\Data aplikací\gtk-2.0
2011-06-22 18:10:04 ----RSD---- C:\WINDOWS\Fonts
2011-06-19 22:51:38 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-10 4603904]
R3 MAFWDICE;Service for M-Audio ProFire Driver (WDM); C:\WINDOWS\system32\DRIVERS\mafwdi.sys [2008-07-09 209032]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 a5cn6or1;a5cn6or1; C:\WINDOWS\system32\drivers\a5cn6or1.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2004-10-11 22016]
S3 MA_CMIDI;%EVOL_USB.SvcDesc%; C:\WINDOWS\system32\drivers\ma_cmidi.sys [2005-06-14 21888]
S3 MADFUXPONENT;Service for M-Audio Xponent DFU; C:\WINDOWS\system32\DRIVERS\MAudioXponent_DFU.sys []
S3 MAUSBXPONENT;Service for M-Audio Xponent; C:\WINDOWS\system32\DRIVERS\MAudioXponent.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 pgusbmme;usb-audio.de MME-Adapter; C:\WINDOWS\system32\drivers\pgusbmm3.sys [2007-09-19 32768]
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2004-10-11 211712]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 uw500usb;usb-audio.de driver for Yamaha UW500; C:\WINDOWS\System32\Drivers\uw500usb.sys [2007-09-19 340992]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 YMIDUSB;Yamaha Corporation USB MIDI Driver; C:\WINDOWS\System32\Drivers\ymidusb.sys [2007-11-07 18048]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-06-27 153376]
R2 MA_CMIDI_InstallerService;M-Audio CMIDI Installer; C:\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe [2005-09-28 94208]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-05-26 2437176]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-11-01 593920]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-12 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-12 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Combofix log :

ComboFix 11-07-14.05 - 303 14.07.2011 20:40:23.1.2 - x86
SystÚm Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1432 [GMT 2:00]
SpuÜtýnř z: c:\documents and settings\303\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
VAROV┴N═ - NA TOMTO PO╚═TA╚I NEN═ NAINSTALOV┴NA KONZOLA PRO ZOTAVEN═ !!
.
.
((((((((((((((((((((((((((((((((((((((( OstatnÝ vřmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\303\Plocha\cacaoweb.exe
c:\documents and settings\303\WINDOWS
c:\program files\cacaoweb\cacaoweb.exe
c:\windows\system32\inf
c:\windows\system32\inf\MA_CMIDI.INF
c:\windows\system32\lsprst7.dll
c:\windows\system32\msvcsv60.dll
c:\windows\system32\ssprs.dll
.
.
((((((((((((((((((((((((((((((((((((((( OvladaŔe/Slu×by )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Soubory vytvo°enÚ od 2011-06-14 do 2011-07-14 )))))))))))))))))))))))))))))))
.
.
2011-07-10 14:11 . 2011-07-10 14:11 -------- d-----w- c:\documents and settings\303\Data aplikacÝ\Registry Mechanic
2011-07-10 14:09 . 2011-07-11 17:07 -------- d---a-w- c:\documents and settings\All Users\Data aplikacÝ\TEMP
2011-07-10 11:10 . 2011-07-10 11:10 -------- d-----w- c:\documents and settings\303\Data aplikacÝ\DDMSettings
2011-06-27 16:34 . 2011-06-27 16:34 -------- d-----w- c:\windows\Sun
2011-06-27 16:33 . 2011-06-27 16:33 -------- d-----w- c:\program files\Common Files\Java
2011-06-27 16:32 . 2011-06-27 16:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-27 16:32 . 2011-06-27 16:32 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-06-27 16:32 . 2011-06-27 16:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-27 16:32 . 2011-06-27 16:32 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M vřpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-05-14 22:10 . 2011-05-14 22:10 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-05-14 22:05 . 2011-05-14 22:05 138056 ----a-w- c:\documents and settings\303\Data aplikacÝ\PnkBstrK.sys
2011-04-25 17:57 . 2011-04-25 17:57 406528 ----a-w- c:\windows\system32\ReWire.dll
2011-04-25 17:57 . 2011-04-25 17:57 338432 ----a-w- c:\windows\system32\REX Shared Library.dll
.
.
(((((((((((((((((((((((((((((((((( SpouÜtýcÝ body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznßmka* prßzdnÚ zßznamy a legitimnÝ vřchozÝ ˙daje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16384000]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-05-26 1043968]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"MAFWDITaskbarApp"="c:\windows\system32\MAFWdiTray.exe" [2008-07-09 313864]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-12-14 221184]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"Midi1"=ma_cmidn.dll
"midi6"=xgusb.cpl
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:2626b3cb4b336
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.6.2010 17:59 682232]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.6.2010 15:33 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.6.2010 15:33 17744]
R3 MAFWDICE;Service for M-Audio ProFire Driver (WDM);c:\windows\system32\drivers\mafwdi.sys [5.12.2010 16:13 209032]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2010 23:30 136176]
S3 gupdatem;Slu×ba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2010 23:30 136176]
S3 MADFUXPONENT;Service for M-Audio Xponent DFU;c:\windows\system32\DRIVERS\MAudioXponent_DFU.sys --> c:\windows\system32\DRIVERS\MAudioXponent_DFU.sys [?]
S3 MAUSBXPONENT;Service for M-Audio Xponent;c:\windows\system32\DRIVERS\MAudioXponent.sys --> c:\windows\system32\DRIVERS\MAudioXponent.sys [?]
S3 pgusbmme;usb-audio.de MME-Adapter;c:\windows\system32\drivers\pgusbmm3.sys [13.12.2010 18:03 32768]
S3 uw500usb;usb-audio.de driver for Yamaha UW500;c:\windows\system32\drivers\uw500usb.sys [13.12.2010 18:03 340992]
.
Obsah adresß°e 'NaplßnovanÚ ˙lohy'
.
2011-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-12 21:30]
.
2011-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-12 21:30]
.
.
------- Dopl˛kovř sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682
IE: Download all links with IDM
IE: Download FLV video content with IDM
IE: Download with IDM
TCP: DhcpNameServer = 192.168.126.254
FF - ProfilePath - c:\documents and settings\303\Data aplikacÝ\Mozilla\Firefox\Profiles\wn7w2uaw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - BrotherSoft Extreme Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: SHOUTcast Radio Toolbar: {12e4c684-c03e-4e4d-85bc-0c065e7a9489} - %profile%\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
.
- - - - NEPLATN╔ POLOÄKY ODSTRAN╠N╔ Z REGISTRU - - - -
.
HKCU-Run-cacaoweb - c:\program files\cacaoweb\cacaoweb.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-14 20:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenovßnÝ skrytřch proces¨ ...
.
skenovßnÝ skrytřch polo×ek 'Po spuÜtýnÝ' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
cacaoweb = "c:\program files\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?es??????????????????O???????????????O???O???????????O?\?O?I8G??????8G?????????????( ??????Service Pack 3?????????????????????????????
.
skenovßnÝ skrytřch soubor¨ ...
.
sken byl ˙speÜný dokonŔen
skrytÚ soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUT╔ KL═╚E V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):1c,23,5f,ab,62,ee,db,7b,17,0f,e7,dd,6f,1c,04,c2,d4,9f,5c,8d,ed,
fb,d6,d1,e9,79,a7,5a,df,d9,1b,6f,d2,75,c3,8b,3d,70,f8,e4,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{bb7be6c1-56ab-4f95-a367-01f5896cab7a}]
@Denied: (Full) (Everyone)
"Model"=dword:00000136
"Therad"=dword:00000011
.
--------------------- Knihovny navßzanÚ na bý×ÝcÝ procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(888)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3944)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ JinÚ spuÜtenÚ procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkovř Ŕas: 2011-07-14 20:57:46 - poŔÝtaŔ byl restartovßn
ComboFix-quarantined-files.txt 2011-07-14 18:57
.
P°ed spuÜtýnÝm: Volnřch bajt¨: 13á636á268á032
Po spuÜtýnÝ: Volnřch bajt¨: 13á625á294á848
.
- - End Of File - - 7124AA6703D623E034E04300382C3E76

[Rudy]

Zdravím!
Včera jste dělal sken Combofix. Rád bych z něho viděl log. Dělat sken RSIT po skenu ComboFix je nesmysl, bude vždy čistý.

[piky]

ComboFix 11-07-14.05 - 303 15.07.2011 20:39:45.2.2 - x86
SystÚm Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1383 [GMT 2:00]
SpuÜtýnř z: c:\documents and settings\303\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
VAROV┴N═ - NA TOMTO PO╚═TA╚I NEN═ NAINSTALOV┴NA KONZOLA PRO ZOTAVEN═ !!
.
.
((((((((((((((((((((((((((((((((((((((( OstatnÝ vřmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\msvcsv60.dll
.
.
((((((((((((((((((((((((( Soubory vytvo°enÚ od 2011-06-15 do 2011-07-15 )))))))))))))))))))))))))))))))
.
.
2011-07-15 18:05 . 2011-07-15 18:05 -------- d-----w- c:\program files\trend micro
2011-07-15 18:05 . 2011-07-15 18:05 -------- d-----w- C:\rsit
2011-07-14 19:07 . 2008-04-01 01:28 197128 ----a-w- c:\windows\system32\M-AudioProFireControlPanelApplet.cpl
2011-07-14 19:07 . 2008-07-09 07:51 1303560 ------w- c:\windows\system32\M-AudioProFireControlPanel.exe
2011-07-14 19:07 . 2008-07-09 07:46 325420 ------w- c:\windows\system32\drivers\fw610.bin
2011-07-14 19:07 . 2008-07-09 07:50 313864 ------w- c:\windows\system32\MAFWDITray.exe
2011-07-14 19:07 . 2008-07-09 07:50 21000 ------w- c:\windows\system32\mafwdipnl.dll
2011-07-14 19:07 . 2008-07-09 07:50 25096 ------w- c:\windows\system32\mafwdiasio.dll
2011-07-14 19:07 . 2008-07-09 07:50 209032 ------w- c:\windows\system32\drivers\mafwdi.sys
2011-07-14 19:07 . 2008-07-09 07:50 12296 ------w- c:\windows\system32\MAFWDICoIn.dll
2011-07-14 19:07 . 2008-07-09 07:50 2520032 ------w- c:\windows\system32\fwfmdio.dll
2011-07-14 19:07 . 2008-07-09 07:46 327140 ------w- c:\windows\system32\drivers\fw2626.bin
2011-07-14 19:07 . 2011-07-14 19:07 -------- d-----w- c:\documents and settings\303\Data aplikacÝ\InstallShield
2011-07-10 14:11 . 2011-07-10 14:11 -------- d-----w- c:\documents and settings\303\Data aplikacÝ\Registry Mechanic
2011-07-10 14:09 . 2011-07-11 17:07 -------- d---a-w- c:\documents and settings\All Users\Data aplikacÝ\TEMP
2011-07-10 11:10 . 2011-07-10 11:10 -------- d-----w- c:\documents and settings\303\Data aplikacÝ\DDMSettings
2011-06-27 16:34 . 2011-06-27 16:34 -------- d-----w- c:\windows\Sun
2011-06-27 16:33 . 2011-06-27 16:33 -------- d-----w- c:\program files\Common Files\Java
2011-06-27 16:32 . 2011-06-27 16:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-27 16:32 . 2011-06-27 16:32 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-06-27 16:32 . 2011-06-27 16:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-27 16:32 . 2011-06-27 16:32 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M vřpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-05-14 22:10 . 2011-05-14 22:10 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-05-14 22:05 . 2011-05-14 22:05 138056 ----a-w- c:\documents and settings\303\Data aplikacÝ\PnkBstrK.sys
2011-04-25 17:57 . 2011-04-25 17:57 406528 ----a-w- c:\windows\system32\ReWire.dll
2011-04-25 17:57 . 2011-04-25 17:57 338432 ----a-w- c:\windows\system32\REX Shared Library.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-14_18.52.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-15 17:22 . 2011-07-15 17:22 16384 c:\windows\Temp\Perflib_Perfdata_140.dat
.
(((((((((((((((((((((((((((((((((( SpouÜtýcÝ body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznßmka* prßzdnÚ zßznamy a legitimnÝ vřchozÝ ˙daje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 16384000]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-05-26 1043968]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"MAFWDITaskbarApp"="c:\windows\system32\MAFWdiTray.exe" [2008-07-09 313864]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-12-14 221184]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"M-Audio Taskbar Icon"="c:\windows\System32\MAFWDITray.exe" [2008-07-09 313864]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"Midi1"=ma_cmidn.dll
"midi6"=xgusb.cpl
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:2626b3cb4b336
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.6.2010 17:59 682232]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.6.2010 15:33 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.6.2010 15:33 17744]
R3 MAFWDICE;Service for M-Audio ProFire Driver (WDM);c:\windows\system32\drivers\mafwdi.sys [14.7.2011 21:07 209032]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2010 23:30 136176]
S3 gupdatem;Slu×ba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2010 23:30 136176]
S3 MADFUXPONENT;Service for M-Audio Xponent DFU;c:\windows\system32\DRIVERS\MAudioXponent_DFU.sys --> c:\windows\system32\DRIVERS\MAudioXponent_DFU.sys [?]
S3 MAUSBXPONENT;Service for M-Audio Xponent;c:\windows\system32\DRIVERS\MAudioXponent.sys --> c:\windows\system32\DRIVERS\MAudioXponent.sys [?]
S3 pgusbmme;usb-audio.de MME-Adapter;c:\windows\system32\drivers\pgusbmm3.sys [13.12.2010 18:03 32768]
S3 uw500usb;usb-audio.de driver for Yamaha UW500;c:\windows\system32\drivers\uw500usb.sys [13.12.2010 18:03 340992]
.
Obsah adresß°e 'NaplßnovanÚ ˙lohy'
.
2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-12 21:30]
.
2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-12 21:30]
.
.
------- Dopl˛kovř sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682
IE: Download all links with IDM
IE: Download FLV video content with IDM
IE: Download with IDM
TCP: DhcpNameServer = 192.168.126.254
FF - ProfilePath - c:\documents and settings\303\Data aplikacÝ\Mozilla\Firefox\Profiles\wn7w2uaw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: SHOUTcast Radio Toolbar: {12e4c684-c03e-4e4d-85bc-0c065e7a9489} - %profile%\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
.
- - - - NEPLATN╔ POLOÄKY ODSTRAN╠N╔ Z REGISTRU - - - -
.
AddRemove-{B28C85A5-01A3-4767-B42B-348FB1035799} - c:\program files\InstallShield Installation Information\{B28C85A5-01A3-4767-B42B-348FB1035799}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-15 20:48
Windows 5.1.2600 Service Pack 3 NTFS
.
skenovßnÝ skrytřch proces¨ ...
.
skenovßnÝ skrytřch polo×ek 'Po spuÜtýnÝ' ...
.
skenovßnÝ skrytřch soubor¨ ...
.
sken byl ˙speÜný dokonŔen
skrytÚ soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUT╔ KL═╚E V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):1c,23,5f,ab,62,ee,db,7b,17,0f,e7,dd,6f,1c,04,c2,d4,9f,5c,8d,ed,
fb,d6,d1,e9,79,a7,5a,df,d9,1b,6f,d2,75,c3,8b,3d,70,f8,e4,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{bb7be6c1-56ab-4f95-a367-01f5896cab7a}]
@Denied: (Full) (Everyone)
"Model"=dword:00000136
"Therad"=dword:00000011
.
--------------------- Knihovny navßzanÚ na bý×ÝcÝ procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(868)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkovř Ŕas: 2011-07-15 20:51:09
ComboFix-quarantined-files.txt 2011-07-15 18:51
ComboFix2.txt 2011-07-14 18:57
.
P°ed spuÜtýnÝm: Volnřch bajt¨: 13á557á354á496
Po spuÜtýnÝ: Volnřch bajt¨: 13á541á867á520
.
- - End Of File - - 04372AC44012A0D576F315896CA432E1

[Rudy]

něco CF smazal, zbytek logu vypadá čistý. Co jste instaloval těsně před tím, než se problém objevil?

[piky]

typoval bych to na nějaký divX Player nebo tak něco , přesně už nevím ...jestly neodchází hdd taky si řikam pomalu

[Rudy]

Zkuste tedy obnovu systému k datu, kdy korektně fungoval.

[piky]

tak jsem dal obnovu systemu :-)trvalo to cca tak 3hodiny a těsně před koncem se pc restartovalo a pak to napsalo , že k tomuto datu system nelze obnovit a že se v pc neudály žádné změny, tak já nevím co to může být...........třeba při spuštěném filmu se sem tam zadrhne zvuk i obraz (z rebráků to navteřinku udělá jakési drrrrrrrrrrr a pak to zase jede) jakoby tam něco uvízlo v nějaké smyčce nebo ja nevím co to je ....no přinejhorším naformátuji bude to možná rychlejší než skoušet znovu obnovu systemu

[Rudy]

Před formatem bych ještě zkusil opravu systému z instal. média, příp. odinstalovat ten player.

[piky]

ok skusím ještě opravit...diky

[Rudy]

Nemáte zač!

[piky]

Tak ještě na závěr: problém je vyřešen ...HDD jsem připojil do jiného sata portu na desce a bylo po problému

[Rudy]

Pravděpodobně jste měl připojen disk v portu s jinou specifikací.