Prosím o kontrolu logu - potvora psswcore v mém PC

[Caroprd111]

Ok

[Antusek]

Dobrý večer,
tak jsem to projel těmi všemi čističi. Ale je tu ještě problém, že když chci spustit RSIT mam ho už v PC (odstranil jsem ho nahrál znovu), tak při naběhnutí ohlásí hlášku "C:\RSIT\log.txt přístup byl odepřen" a program se nespustí. Mám zapnutý Avast a Zone Alarm. I když jsem ten program znova nahrál. To je divné. Dříve to fungovalo.
Dík za další radu.

[Caroprd111]

Zkuste antivir dočasně vypnout.

[Antusek]

Tak jsem vypnul avast i Zone Alarm. A spustil RSIT. Nic se ale nezměnilo. Při naběhnutí se objeví stejné hlášení a že přístup byl odepřen. Nemůže tam být ještě nějaká jiná potvora?
Je to záhada. Díky za další postup.

[Caroprd111]

Poprosím Vás o log z DDS http://www.viry.cz/forum/viewtopic.php?f=24&t=81946

[Antusek]

To mi šlo udělat. Vkládám sem první log DDS. txt
Ještě je záhada, že txt nejdou otevřít poklepáním (přístup byl odepřen). Musím je otevřít až v poznámkovém bloku. Dříve se poklepáním poznámkový blok spustil. Pokud bude potřeba ten druhý log, tak ho sem pak také vložím.
Díky za další rady.



DDS (Ver_10-12-12.02) - NTFSx86
Run by User at 20:47:00,21 on źt 27.01.2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2038.1257 [GMT 1:00]

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Samsung\FrameManager\sam_service.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Disková media\MP3 přehrávač Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\media\players\real player\update\realsched.exe
C:\přehrávače\QuickTime 6\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\FrameManager\FrameManager.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Čističe\Advanced SystemCare 3\AWC.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programy\Adobe\Distillr\AcroTray.exe
C:\Tiskárna\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Aviry\Secunia\PSI\psi.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Tiskárna\Digital Imaging\bin\hpqSTE08.exe
C:\Tiskárna\Digital Imaging\bin\hpqbam08.exe
C:\Tiskárna\Digital Imaging\bin\hpqgpc01.exe
C:\Aviry\Zone Alarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Samsung\FrameManager\sam_controller.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Aviry\DDS\dds.com

============== Pseudo HJT Report ===============

uStart Page =
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\tiskárna\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Podpora odkazu pro Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\data aplikací\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - c:\program files\iobitcom\tbIOb1.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: ZoneAlarm Spy Blocker BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\1.bin\SPYBLOCK.DLL
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\tiskárna\digital imaging\smart web printing\hpswp_BHO.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: ZoneAlarm Spy Blocker: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\1.bin\SPYBLOCK.DLL
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - c:\program files\iobitcom\tbIOb1.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\documents and settings\user\local settings\data aplikací\google\update\GoogleUpdate.exe" /c
uRun: [Advanced SystemCare 3] "c:\čističe\advanced systemcare 3\AWC.exe" /startup
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AROReminder] c:\program files\advanced registry optimizer\ARO.exe -rem
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [WinFastDTV] c:\program files\winfast\wfdtv\DTVSchdl.exe
mRun: [SMSTray] c:\disková media\mp3 přehrávač samsung\samsung media studio 5\SMSTray.exe
mRun: [MAAgent] c:\program files\markany\contentsafer\MAAgent.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [TkBellExe] "c:\media\players\real player\update\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\přehrávače\quicktime 6\QTTask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [hpqSRMon] c:\tiskárna\digital imaging\bin\hpqSRMon.exe
mRun: [FrameManager] c:\program files\samsung\framemanager\FrameManager.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\user\nabdka~1\programy\posput~1\secuni~1.lnk - c:\aviry\secunia\psi\psi.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\acroba~1.lnk - c:\programy\adobe\distillr\AcroTray.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\hpdigi~1.lnk - c:\tiskárna\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\autoru~1\corelm~1.lnk - c:\grafika\programs\MFIndexer.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\programy\micros~1\office11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\komunikace\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\programy\micros~1\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\tiskárna\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261224740859
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261224714906
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: ShellHook Class: {88485281-8b4b-4f8d-9ede-82e29a064277} - c:\progra~1\markany\conten~1\MACSMA~1.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-5-10 294608]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-4-5 532224]
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\drivers\wfcxacap.sys [2008-4-8 9856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-5-10 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-12 40384]
R2 FrameManager Service;FrameManager Service;c:\program files\samsung\framemanager\sam_service.exe [2010-12-27 188416]
R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2009-7-16 222968]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 493032]
R2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [2008-4-8 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [2008-4-8 167040]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [2008-4-8 39424]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-8-18 69120]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-7-7 14904]
R3 SODI;SODI;c:\windows\system32\drivers\sam_miniport.sys [2010-12-27 14720]
R3 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [2008-4-8 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [2008-4-8 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [2008-4-8 10496]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 62304121;62304121;c:\windows\system32\drivers\62304121.sys --> c:\windows\system32\drivers\62304121.sys [?]
S1 KLIF;KLIF;c:\windows\system32\drivers\klif.sys --> c:\windows\system32\drivers\klif.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c99cd572e121b6;Google Update Service (gupdate1c99cd572e121b6);c:\program files\google\update\GoogleUpdate.exe [2009-3-4 133104]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [2008-4-28 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [2008-4-28 64896]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 miniusb;FrameManager Display Adapter;c:\windows\system32\drivers\sam_miniusb.sys [2010-12-27 10624]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-18 14336]
S3 WFIOCTL;WFIOCTL;c:\program files\winfast\wfdtv\WFIOCTL.sys [2008-4-8 9446]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2011-01-26 21:11:34 -------- d-----w- c:\program files\trend micro
2011-01-18 10:17:41 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys
2011-01-12 09:50:19 -------- d-----w- C:\stati2011
2011-01-04 08:53:05 -------- d-----w- C:\Prezentace 2011
2011-01-04 08:52:18 -------- d-----w- C:\Nová složka

==================== Find3M ====================

2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
2010-12-04 10:23:07 1342752 ----a-w- C:\VideosSetup.exe
2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:15:47 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23:38 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23:37 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23:37 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec

============= FINISH: 20:48:02,57 ===============

[Caroprd111]

Doporučuji odinstalovat mcafee security scan, jinak je log v pořádku.

[Antusek]

Díky za pomoc. Jen mám ještě jeden takový dotaz. Pořád se mi nahrávají z windows update 4 aktualizace. Když se na windows update kouknu tak nic neobsahují. Jak se dá zakázat, aby se ty 4 aktualizace nenahrávaly, ale ostatní jiné ano. A ještě jeden dotázek. Když chci aktualizovat javu, tak to hlásí, že chybí nějaké dll a nejde to. Asi by to chtělo jí odinstalovat a nahrát znovu. (?).
Přeji hezký večer

[Caroprd111]

Zkuste stáhnout aktualizace přímo z webu Microsoftu a nainstalovat. Javu přeinstalujte.